npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

xaip-sdk

v0.4.0

Published

Chain-agnostic trust protocol for AI agents. Register, Attest, Query, Settle.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

xkumakichixkumakichi

Keywords

aiagenttrustidentitydidmcpa2areputationverificationprotocol

Readme

xaip-sdk

Status: Alpha — This is an experimental protocol. Do not use for production trust decisions without independent verification.

⚠️ Do NOT use XAIP trust scores for high-stakes decisions (payments, security, production routing).

Chain-agnostic trust protocol for AI agents.

When agents delegate tasks to other agents, they need to know: "Can I trust you?" XAIP answers that question — without requiring any specific blockchain, platform, or vendor.

Install

npm install xaip-sdk

Quick Start

import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
import { withXAIP } from "xaip-sdk";

const server = new McpServer({ name: "my-agent", version: "1.0.0" });

// Register your tools...
server.tool("translate", { text: z.string() }, async ({ text }) => {
  return { content: [{ type: "text", text: translated }] };
});

// Add XAIP trust infrastructure — one line.
await withXAIP(server, { did: "did:web:myagent.example.com" });

Every tool execution is now:

  • Signed with Ed25519 + JCS canonical payload (RFC 8785)
  • Scored using Bayesian Beta distribution (no magic constants)
  • Queryable by other agents via xaip_query
  • Co-signed when a caller provides a SigningDelegate

Trust Model (v0.3.1)

trust = bayesianScore x callerDiversity x coSignFactor

| Axis | What it measures | Range | |------|-----------------|-------| | Bayesian Score | Execution success rate with Beta prior | 0-1 | | Caller Diversity | How many independent callers (Sybil defense) | 0-1 | | Co-sign Factor | Percentage of dual-signed receipts | 0.5-1 |

No magic constants. Each axis has a clear statistical meaning.

Identity Priors

DID methods with higher creation cost start with a stronger Bayesian prior, but all methods converge with evidence:

| Method | Prior | Prior Mean | Cost | |--------|-------|------------|------| | did:key | Beta(1,1) | 0.500 | Free | | did:web | Beta(2,1) | 0.667 | Domain | | did:ethr | Beta(3,1) | 0.750 | Gas | | did:xrpl | Beta(5,1) | 0.833 | XRP reserve |

A did:key agent with 200+ diverse callers achieves the same trust as did:xrpl.

Verdict

| Verdict | Condition | |---------|-----------| | yes | trust >= 0.70 AND >= 10 executions | | caution | trust >= 0.40 AND >= 10 executions | | no | trust < 0.40 AND >= 10 executions | | unknown | fewer than 10 executions (bootstrap period) |

Query Example

{
  "verdict": "yes",
  "trust": 0.782,
  "riskFlags": [],
  "score": {
    "overall": 0.95,
    "byCapability": {
      "translate": { "score": 0.97, "executions": 150, "recentSuccessRate": 0.98 }
    }
  },
  "meta": {
    "sampleSize": 192,
    "bayesianScore": 0.952,
    "callerDiversity": 0.871,
    "coSignedRate": 0.94,
    "prior": [2, 1]
  }
}

Co-signatures with SigningDelegate

Callers co-sign receipts without exposing private keys:

import { createSigningDelegate, withXAIP } from "xaip-sdk";

// Caller side: key never leaves this process
const signer = createSigningDelegate("did:web:caller.com", myPrivateKey);

await withXAIP(server, {
  did: "did:web:myagent.com",
  callerSigner: signer,
});

Federation

Push receipts to multiple aggregators for resilience. Queries take the median trust value across nodes (Byzantine fault tolerant when honest nodes > 50%).

await withXAIP(server, {
  did: "did:web:myagent.com",
  aggregatorUrls: [
    "https://agg1.example.com",
    "https://agg2.example.com",
    "https://agg3.example.com",
  ],
});

Recommendation: Configure at least 3 aggregators, with the majority operated by trusted parties.

Plugins

| Plugin | Purpose | |--------|---------| | veridict | Import Veridict execution history | | xrpl | On-chain DID registration, score anchoring, escrow | | otel | Export receipts as OpenTelemetry spans |

import { veridictPlugin } from "xaip-sdk/plugins/veridict";
import { xrplPlugin } from "xaip-sdk/plugins/xrpl";
import { otelPlugin } from "xaip-sdk/otel";

await withXAIP(server, {
  plugins: [veridictPlugin(), xrplPlugin({ wallet }), otelPlugin()],
});

Security Notice

Trust scores are a risk assessment tool, not a safety guarantee.

  • A high trust score means the agent has a history of successful executions verified by diverse, independent callers. It does not guarantee the absence of malicious behavior (e.g., data exfiltration while returning correct results).
  • Agents with fewer than 10 executions are in a bootstrap period and always return verdict: "unknown" regardless of their computed trust value. Do not make critical delegation decisions based on bootstrap-period scores.
  • Sybil resistance depends on caller diversity. Collusion rings (multiple DIDs controlled by one entity) can inflate trust scores, though weighted diversity raises the cost.
  • Aggregator-based federation assumes honest majority among configured aggregator nodes. An attacker controlling >50% of your aggregator list can manipulate query results.

See XAIP-SPEC.md for the full threat model.

Specification

Full protocol specification: XAIP-SPEC.md

Links

License

MIT