npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@trap_stevo/veripath

v0.0.4

Published

The pinnacle of real-time encrypted routing and session-bound communication through a precision-crafted middleware system. Empowering developers to secure every route with dynamic request decryption, intelligent session validation, and seamless encrypted

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

trap_stevotrap_stevo

Keywords

LegendaryEnlightenedSteven ComptonMagicalauthauthenticationCyber securityCybersecurityveripathveriauthverilinkend-to-end encryptiondevice pairingencryption middlewaremiddlewaresecure communicationrequest encryptionresponse encryptionclaim injectionAttestationzero trustcustom claimsencrypted REST APIdynamic session authmodular securitytokenless securitysecure express routerversatile securityrobust authconfigurable encryption

Readme

🛡️ VeriPath · Legendary End-to-End Encrypted Routing Gateway

The pinnacle of real-time encrypted routing and session-bound communication through a precision-crafted middleware system.
Empower secure, scalable interactions — from device APIs to private internal tools — and redefine how encrypted paths are governed across every layer of your application.
VeriPath handles dynamic decryption, encrypted response orchestration, and claim-aware routing — all in one seamless drop-in router.

🚀 Features

  • 🔐 Automatic request decryption & response encryption
  • 🔄 Real-time session validation with secure key pairing
  • 🧠 Attestation-backed identity claims via session metadata
  • 🗃 Session key and ID persistence
  • ⚙️ Local key mutation for secure storage
  • 🔌 .get(), .post(), .put(), etc. with encrypted middleware stack
  • 🧩 Built-in pairing via VeriAuth
  • 🌐 Compatible with VeriLink browser gateway clients

📦 Installation

npm install @trap_stevo/veripath

🔧 Quick Start

const { VeriPath } = require("@trap_stevo/veripath");

const express = require("express");

const app = express();
app.use(express.json());

const vp = new VeriPath({
      persistSessionKey : false,
      persistSessionID  : false,
      enablePairing     : true,
      mutator           : "vlk",
      vaultSGN          : "vlx",
      linkSGN           : "vli"
});

vp.post("/create-user", async (req, res) => {
      const { username, email } = req.vData;
      res.vSend({ message : `User ${username} with email ${email} created.` });
});

vp.get("/fetch-profile", async (req, res) => {
      const { userID } = req.vData;
      res.vSend({ message : `Fetched profile for user ID: ${userID}` });
});

app.use("/", vp.router());

app.listen(12569, () => {
      console.log("🔐 VeriPath running at http://localhost:12569");
});

📘 API Specification

🛠 Configuration Options

| Property | Type | Description | |--------------------------|-------------------------|-----------------------------------------------------------------------------| | restoreSessionsPaths | boolean | Restores previously stored session paths on startup. Default: true | | persistSessionKey | boolean | Enables session key persistence across restarts. | | persistSessionID | boolean | Enables session ID persistence across restarts. | | mutator | string or Uint8Array| Mutator used for XOR obfuscation of session keys. Default: "vlk" | | vaultSGN | string | Storage key name for the encrypted session key. Default: "vlx" | | linkSGN | string | Storage key name for the session ID. Default: "vli" | | sessionIDExtractor | function(req) | Optional custom extractor for session ID from the request. | | enablePairing | boolean | Enables secure key-pairing route. | | pairingGuard | function(req,res,next)| Optional middleware to guard the pairing route. | | pairingPath | string | Path for the pairing route. Default: "/device/pair" | | veriAuthConfigurations | object | Optional config passed to VeriAuth constructor. | | expectedUserAgents | string[] | Allows multiple client identifiers for request validation. | | expectedUserAgent | string | Specifies a single expected client identifier for request validation. |

📚 Instance Methods

| Method | Description | |------------------------------------------|-----------------------------------------------------------------------------| | .get(path, ...handlers) | Registers encrypted GET route. | | .post(path, ...handlers) | Registers encrypted POST route. | | .put(path, ...handlers) | Registers encrypted PUT route. | | .patch(path, ...handlers) | Registers encrypted PATCH route. | | .delete(path, ...handlers) | Registers encrypted DELETE route. | | .router() | Returns the internal express.Router() instance. | | .enablePairingRoute(path, guard, conf) | Registers a pairing route manually using VeriAuth. |

🔐 Request Helpers

These are injected into route handlers:

| Helper | Type | Description | |----------------|------------|---------------------------------------------------------------| | req.vData | object | Decrypted payload from the request (JSON body or query). | | res.vSend() | function | Sends an encrypted response. Accepts a JSON-serializable object. |

🤝 Pairing Behavior

When enablePairing = true, VeriPath automatically adds a POST route (default: /device/pair) using VeriAuth.

  • Accepts a session key associated with a session ID.
  • You may optionally guard this route with pairingGuard middleware.
  • Pairing keys are stored in the vault and used to decrypt subsequent requests.

Example guard:

(req, res, next) => {
      if (req.headers["x-admin-key"] !== "expected") return res.status(403).end();
      next();
}

🌐 Compatible Clients

| Client | Purpose | |--------------|-----------------------------------------| | VeriLink | Encrypted browser/client-side communication | | VeriAuth | Handles session key registration and pairing |

🧱 Use Cases

  • 🔐 Encrypted device-to-server communication
  • 🛡️ Internal dashboards secured by session-based identity
  • 🔄 Stateless APIs with stateful encrypted identity handling
  • 🧠 Claim-aware route control with seamless integration

📜 License

See LICENSE.md

Every path protected. Every byte encrypted. Every client verified. 🔐