npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

@trap_stevo/verilink

v0.0.3

Published

Encrypted from the start. Trusted to the end. This client-side protocol redefines secure communication — forging a direct bridge to zero-trust architecture through encrypted sessions, intelligent attestation, and seamless claim validation. Engineered for

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

trap_stevotrap_stevo

Keywords

LegendaryEnlightenedSteven ComptonMagicalSecure CommunicationEncrypted RequestsEncrypted ClientZero TrustCyber securityCybersecuritySession EncryptionAttestationSession IdentityClient ProtocolClaim ValidationBrowser SecurityPersistent IdentityReal-time SecurityTrusted SessionsModern Web SecurityEdge CommunicationSecure FrontendSecure ClientVeriLinkLightweight EncryptionCrypto MiddlewareSecure PayloadClient Verification

Readme

🔗 VeriLink · Legendary End-toEnd Encrypted Client Protocol

Encrypted from the start. Trusted to the end. This client-side protocol redefines secure communication — forging a direct bridge to zero-trust architecture through encrypted sessions, intelligent attestation, and seamless claim validation.
Engineered for the future of connectivity, it enables real-time payload exchange, persistent identity, and adaptive trust — all in an ultra-light format built to empower encrypted APIs and modern edge environments.

🚀 Features

  • 🔐 Encrypted payload delivery from browser and edge clients
  • 🧠 Identity claims backed by attestation
  • 🔄 Session-based communication with optional persistence
  • ⚙️ Customizable mutation and storage handling
  • 🌐 Native browser compatibility
  • 🧩 Seamless integration with VeriPath-secured routes
  • 💡 Drop-in secure request mechanism for the modern web

📦 Installation

npm install @trap_stevo/verilink

🔧 Quick Start

import { VeriLink } from "@trap_stevo/verilink";

const client = new VeriLink({
      serverURL         : "https://api.example.com",
      deviceID          : "my-device-id",
      persistSessionKey : true,
      persistSessionID  : true,
      mutator           : "vlk"
});

// Pair once per session
await client.pair("/device/pair");

// Send secure request
const result = await client.send("POST", "/create-user", {
      username : "legend",
      email    : "[email protected]"
});

console.log(result);

🛠 Configuration Options

| Property | Type | Description | |------------------------|-------------------------|--------------------------------------------------------------------------| | serverURL | string | Base URL for encrypted API server. | | deviceID | string | Optional identifier for the calling device. | | userAgent | string | The client identifier used for request validation. | | mutator | string or Uint8Array| Key used for XOR-based local obfuscation. Default: "vlk" | | vaultSGN | string | Storage key for session key. Default: "vlx" | | linkSGN | string | Storage key for session ID. Default: "vli" | | persistSessionKey | boolean | If true, stores the session key locally. | | persistSessionID | boolean | If true, stores the session ID locally. | | sessionKey | ArrayBuffer \| string | (Optional) Provide a pre-generated session key. | | sessionID | string | (Optional) Provide a custom session ID. |

📘 API Overview

🛠 Instance Methods

| Method | Description | |---------------------------------------------|-----------------------------------------------------------------------------| | constructor(options) | Creates a new encrypted client instance with optional persistence and device identity. | | pair(path = "/device/pair") | Pairs the client with the server, submitting the session key securely. | | paired() | Checks the pair status of the client device. | | send(method, path, data, headers, options)| Sends an encrypted request to the server and returns the decrypted response. | | setServer(url) | Updates the server URL for future requests. | | setKey(key) | Sets the session key manually (ArrayBuffer or base64 string). |

🔧 Request Parameters (for .send())

| Parameter | Type | Description | |-------------|------------|------------------------------------------------------------| | method | string | HTTP method (e.g., "GET", "POST") | | path | string | Endpoint path (e.g., "/create-user") | | data | object | Payload to send (will be encrypted) | | headers | object | Optional custom headers | | options | object | Optional flags (e.g., { fullResponse: true }) |

🧠 Identity and Trust

Every request includes session-bound claims with attested identity information and a cryptographically signed trust token. This allows the server to verify that the request originated from a known session, device, and environment — without relying on traditional token chains.

When persistSessionKey and persistSessionID are enabled, session state can be retained across reloads or reboots, creating long-lived secure interactions without re-pairing.

🌐 Designed For

| Environment | Use Case | |-------------|----------------------------------------------| | Browser | Secure frontend-to-server requests | | Edge Apps | Lightweight encrypted API clients | | Kiosks/IoT | Session-persistent command and control flows |

🤝 Companion APIs

| Package | Role | |-------------|-------------------------------------------------------| | VeriPath | Receives, decrypts, and verifies incoming client data | | VeriAuth | Pairs session keys and manages session trust |

🧱 Use Cases

  • Secure data transmission from frontend apps
  • Encrypted micro-clients for embedded systems
  • Stateless yet secure request flows
  • Lightweight trust enforcement across client tiers

📜 License

See LICENSE.md

Forged for trust. Optimized for the edge. Delivered with precision. 🔐