npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@shivam-secure/secure-layer-sdk

v1.0.3

Published

Enterprise-grade security SDK for license verification and field-level encryption

Downloads

269

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

shivam-secureshivam-secure

Keywords

Readme

@yourorg/secure-layer-sdk

Enterprise-grade security SDK for license verification and field-level encryption. Verifies encrypted, signed licenses and integrates with the secure-agent for dynamic key derivation.

Requirements

  • Node.js >= 18
  • Secure Layer installed on the host (VPS) with:
    • secure-agent at /usr/local/bin/secure-agent (Linux) or C:\secure-layer\bin\secure-agent.bat (Windows)
    • machine.id at /etc/secure-layer/machine.id (Linux) or C:\secure-layer\machine.id (Windows)
    • license.dat at /etc/secure-layer/license.dat (Linux) or C:\secure-layer\license.dat (Windows)

Installation

npm install @yourorg/secure-layer-sdk

Backend integration (middleware, request/response flow)

For a centralized middleware-based setup (decrypt on request, encrypt on response, one place to update): see docs/BACKEND_INTEGRATION.md.

Usage

import { SecureLayer } from "@yourorg/secure-layer-sdk";

async function main() {
  const sdk = await SecureLayer.init();

  const license = sdk.getLicenseInfo();
  console.log(license.company, license.plan);

  const encrypted = await sdk.encryptField("user-123", "email", "[email protected]");
  const decrypted = await sdk.decryptField("user-123", "email", encrypted);
}

Custom License Path

const sdk = await SecureLayer.init("/path/to/license.dat");

API

SecureLayer.init(licensePath?: string): Promise<SecureLayer>

Initializes the SDK. Must be called before any other methods.

  • Verifies the license (decrypt, signature, expiry, machineId)
  • Ensures secure-agent connectivity
  • Returns the SDK instance

SecureLayer.getInstance(): SecureLayer

Returns the current initialized instance. Throws if init() was not called.

sdk.encryptField(userId: string, field: string, value: string): Promise<EncryptedPayload>

Encrypts a field value using agent-derived keys and AES-256-GCM. Returns { data, iv, tag }.

sdk.decryptField(userId: string, field: string, encryptedObj: EncryptedPayload): Promise<string>

Decrypts a field value. Uses the same userId and field as used during encryption.

sdk.getLicenseInfo(): License

Returns the validated license object (company, product, machineId, expiry, plan, created).

License Installation

  1. Generate a license using the license-generator tool:

    node license-cli.js create --company "Acme Inc" --machine auto --expiry 2026-12-31 --plan enterprise

  2. Copy license.dat to the target machine:

    • Linux: /etc/secure-layer/license.dat
    • Windows: C:\secure-layer\license.dat

  3. Ensure machine.id on the target matches the license's machineId.

Security Architecture

  • License: Encrypted with AES-256-CBC, signed with RSA-SHA256. Key derived from SHA256("SECURE_LAYER_LICENSE"). Public key in package for verification.
  • Field encryption: AES-256-GCM. Keys derived by secure-agent (root.secret + userId + field) on the VPS. Keys never leave the agent.
  • Agent: Runs on VPS, holds root.secret. Returns derived keys for valid (userId, field) pairs. Uses execFile (no shell injection), 3s timeout.
  • No plaintext keys, no global mutable state, fail-closed validation.

Production Best Practices

  1. Run the SDK only on machines where secure-agent is installed and configured.
  2. Use init() at application startup; fail fast if license or agent is invalid.
  3. Do not log decrypted values, keys, or license contents.
  4. Keep public.pem in the package; never ship private.pem.
  5. Ensure file permissions on /etc/secure-layer (or C:\secure-layer) restrict access.

Supported Platforms

  • Linux
  • Windows
  • macOS (uses Linux-style paths)

License

Proprietary. See your organization's terms.

secure-layer-sdk