receipt-express
v1.0.0
Published
Express middleware for cryptographic receipts. Auto-generates verifiable proof for every request.
Downloads
118
Maintainers
amann805Readme
receipt-express
Express middleware for cryptographic receipts. Auto-generates verifiable proof for every request.
npm install receipt-expressQuick Start
const express = require('express');
const { receiptMiddleware } = require('receipt-express');
const app = express();
// Add receipt middleware - every request gets a cryptographic receipt
app.use(receiptMiddleware({
privateKey: process.env.RECEIPT_KEY
}));
app.get('/api/action', (req, res) => {
// Receipt is automatically generated
console.log(res.locals.receipt); // { message, timestamp, signer, signature, ... }
res.json({ success: true });
});
app.listen(3000);Every Request = Verifiable Receipt
The middleware automatically signs:
- HTTP method + path
- Response status code
- Request duration
- Timestamp
- Client IP + User-Agent
Anyone can verify these receipts using the public Ethereum address.
Options
app.use(receiptMiddleware({
// Required: your signing key
privateKey: process.env.RECEIPT_KEY,
// Optional: custom action name
getAction: (req, res) => `user.${req.user?.id}.${req.method}.${req.path}`,
// Optional: custom metadata
getMetadata: (req, res, defaults) => ({
...defaults,
userId: req.user?.id,
correlationId: req.headers['x-correlation-id']
}),
// Optional: callback when receipt generated (for storage)
onReceipt: async (receipt, req, res) => {
await db.receipts.insert(receipt);
},
// Optional: skip certain paths
skipPaths: ['/health', '/metrics', '/favicon.ico']
}));Store Receipts
const receipts = [];
app.use(receiptMiddleware({
privateKey: process.env.RECEIPT_KEY,
onReceipt: (receipt) => {
receipts.push(receipt);
// Or: send to database, queue, or external service
}
}));
// Endpoint to export receipts
app.get('/receipts', (req, res) => {
res.json(receipts);
});Verify Receipts
const { verify } = require('receipt-sdk');
const result = verify(receipt);
console.log(result.valid); // true
console.log(result.signer); // 0x...Use Cases
- Audit trails - Prove what happened, when, by whom
- AI agent accountability - Every agent action is signed
- Compliance - Immutable proof of operations
- API metering - Verifiable usage records
- SLA proof - Response times with cryptographic evidence
License
MIT - Built by FinalBoss