npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

reputrans

v0.1.5

Published

Zero-knowledge credential toolkit - issue, prove, and verify credentials without revealing private data

Downloads

699

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

danielabrahamxdanielabrahamx

Keywords

Readme

REPUTRANS

Prove things about yourself without revealing the underlying data.

A university signs your degree. You want to prove you studied Computer Science - but not reveal your name, GPA, or graduation year. REPUTRANS lets you do exactly that: generate a cryptographic proof that discloses only the fields you choose, and a verifier can check it without ever seeing the original credential.

You can also prove things about hidden values. "My GPA is at least 3.0" - the verifier sees that the statement is true, but never learns the actual number.

Two proof types:

  • Selective disclosure - reveal specific fields, hide the rest
  • Range proofs - prove a numeric field meets a threshold (>= or <=) without revealing the value

Everything runs locally on your machine. No blockchain, no server, no accounts. Real cryptography built on Noir zero-knowledge circuits with Barretenberg UltraHonk proofs.

Quick Start

Prerequisites: Node.js 18+

npx reputrans keygen
npx reputrans issue
npx reputrans inspect
npx reputrans prove --disclose field_of_study
npx reputrans verify

Five commands, zero config. Each command auto-detects output files from the previous step, so you don't need to pass file paths.

| Command | What it does | |---|---| | keygen | Generate an issuer keypair (e.g. a university or employer) | | issue | Sign claims into a verifiable credential. Without --claims, uses an example | | inspect | Show credential fields and what proof types each supports | | prove | Generate a zero-knowledge proof (see syntax below) | | verify | Check a proof mathematically - no trust, no credential needed |

Prove syntax

The prove command supports two flags:

--disclose - reveal specific fields, hide the rest:

npx reputrans prove --disclose field_of_study
# Verifier sees: field_of_study = "Computer Science"
# Verifier does NOT see: name, gpa, graduation_year

--range - prove a numeric value meets a threshold without revealing it:

npx reputrans prove --range gpa:gte:3.0
# Verifier sees: gpa >= 3.0 (TRUE)
# Verifier does NOT see: the actual GPA value

Range format is field:operator:threshold where:

  • gte = greater than or equal to (>=)
  • lte = less than or equal to (<=)

Combine both in a single proof:

npx reputrans prove --disclose department --range clearance:gte:2
# Verifier sees: department = "R&D", clearance >= 2
# Verifier does NOT see: the actual clearance level, role, or any other fields

Custom Credentials

Create a claims.json with any fields you want:

{
  "role": "engineer",
  "clearance": "3",
  "department": "R&D",
  "years_experience": "7"
}

Then:

npx reputrans keygen --name "Acme Corp"
npx reputrans issue --key acme-corp-key.json --claims claims.json
npx reputrans inspect
npx reputrans prove --disclose department --range clearance:gte:2
npx reputrans verify

Numeric fields (like clearance and years_experience) automatically support range proofs. String fields support selective disclosure.

Install Globally (optional)

npm install -g reputrans
reputrans keygen

How It Works

REPUTRANS uses three roles:

  1. Issuer - generates a keypair and signs claims into a credential. The credential is a Poseidon Merkle tree of field hashes, signed with an EdDSA signature over BabyJubjub
  2. Provar (credential holder) - generates a ZK proof revealing only selected fields. The proof is computed inside a Noir circuit that verifies the issuer's signature, validates Merkle paths for disclosed fields, and checks range constraints - all in zero knowledge
  3. Arbiter (verifier) - checks the proof. This is pure math - no trust required, no contact with the issuer, no access to the original credential

The proof is portable. Verify it on any machine, via the included REST API, or on-chain. No blockchain required for the basic flow.

Architecture

reputrans/
  circuits/     7 Noir circuits (compiled to Barretenberg UltraHonk)
  sdk/src/      TypeScript SDK (poseidon, eddsa, encoder, identity, prover, verifier)
  cli/src/      CLI commands (keygen, issue, inspect, prove, verify)
  verifier/     REST verifier service with DID resolution

Circuits

| Circuit | Purpose | Used by CLI | |---|---|---| | composite | EdDSA signature verify + Merkle selective disclosure + range proof | Yes - the main circuit | | field_disclosure | Standalone selective disclosure | No | | range_proof | Standalone range check | No | | set_membership | Merkle tree membership proof | No | | signature_verify | Standalone EdDSA verification | No | | poseidon_compat | Cross-boundary hash validation | Testing only | | map_to_curve | BabyJubjub point mapping | Optimization, not required |

The CLI uses the composite circuit for everything. The standalone circuits exist for modularity and testing.

CLI Reference

| Command | Required args | Optional args | Auto-detects | |---|---|---|---| | keygen | none | --name, --out | - | | issue | none | --key, --claims, --out | *-key.json | | inspect | none | --credential | credential-*.json | | prove | --disclose or --range | --credential, --out | credential-*.json | | verify | none | --proof | proof-*.json |

Range format: field:operator:threshold

  • gte = greater than or equal to (>=)
  • lte = less than or equal to (<=)
  • Examples: gpa:gte:3 (GPA is at least 3), age:lte:65 (age is at most 65)

Development

git clone https://github.com/danielabrahamx/reputrans-core.git
cd reputrans-core
npm install
npm run build
npm test         # 91 tests, including real ZK proof generation
npm run test:e2e # full CLI lifecycle test

Protocol Roles

  • Provar - the credential holder who generates proofs
  • Arbiter - the verifier who checks proofs

Anyone can be an issuer. The Provar does not need their own keys - the credential file contains everything needed for proof generation. Anonymous identity (master secret, nullifiers) is available in the Enterprise product.

License

MIT