UNPKG

@trap_stevo/verilink

Version:

Encrypted from the start. Trusted to the end. This client-side protocol redefines secure communication โ€” forging a direct bridge to zero-trust architecture through encrypted sessions, intelligent attestation, and seamless claim validation. Engineered for

140 lines (98 loc) โ€ข 6.53 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
# ๐Ÿ”— VeriLink ยท Legendary End-toEnd Encrypted Client Protocol > **Encrypted from the start. Trusted to the end.** This client-side protocol redefines secure communication โ€” forging a direct bridge to zero-trust architecture through encrypted sessions, intelligent attestation, and seamless claim validation. > Engineered for the future of connectivity, it enables real-time payload exchange, persistent identity, and adaptive trust โ€” all in an ultra-light format built to empower encrypted APIs and modern edge environments. --- ## ๐Ÿš€ Features - ๐Ÿ” Encrypted payload delivery from browser and edge clients - ๐Ÿง  Identity claims backed by attestation - ๐Ÿ”„ Session-based communication with optional persistence - โš™๏ธ Customizable mutation and storage handling - ๐ŸŒ Native browser compatibility - ๐Ÿงฉ Seamless integration with VeriPath-secured routes - ๐Ÿ’ก Drop-in secure request mechanism for the modern web --- ## ๐Ÿ“ฆ Installation ```bash npm install @trap_stevo/verilink ``` --- ## ๐Ÿ”ง Quick Start ```js import { VeriLink } from "@trap_stevo/verilink"; const client = new VeriLink({ serverURL : "https://api.example.com", deviceID : "my-device-id", persistSessionKey : true, persistSessionID : true, mutator : "vlk" }); // Pair once per session await client.pair("/device/pair"); // Send secure request const result = await client.send("POST", "/create-user", { username : "legend", email : "legend@example.com" }); console.log(result); ``` --- ## ๐Ÿ›  Configuration Options | Property | Type | Description | |------------------------|-------------------------|--------------------------------------------------------------------------| | `serverURL` | `string` | Base URL for encrypted API server. | | `deviceID` | `string` | Optional identifier for the calling device. | | `userAgent` | `string` | The client identifier used for request validation. | | `mutator` | `string` or `Uint8Array`| Key used for XOR-based local obfuscation. Default: `"vlk"` | | `vaultSGN` | `string` | Storage key for session key. Default: `"vlx"` | | `linkSGN` | `string` | Storage key for session ID. Default: `"vli"` | | `persistSessionKey` | `boolean` | If `true`, stores the session key locally. | | `persistSessionID` | `boolean` | If `true`, stores the session ID locally. | | `sessionKey` | `ArrayBuffer \| string` | (Optional) Provide a pre-generated session key. | | `sessionID` | `string` | (Optional) Provide a custom session ID. | --- ## ๐Ÿ“˜ API Overview ### ๐Ÿ›  Instance Methods | Method | Description | |---------------------------------------------|-----------------------------------------------------------------------------| | `constructor(options)` | Creates a new encrypted client instance with optional persistence and device identity. | | `pair(path = "/device/pair")` | Pairs the client with the server, submitting the session key securely. | | `paired()` | Checks the pair status of the client device. | | `send(method, path, data, headers, options)`| Sends an encrypted request to the server and returns the decrypted response. | | `setServer(url)` | Updates the server URL for future requests. | | `setKey(key)` | Sets the session key manually (ArrayBuffer or base64 string). | --- ### ๐Ÿ”ง Request Parameters (for `.send()`) | Parameter | Type | Description | |-------------|------------|------------------------------------------------------------| | `method` | `string` | HTTP method (e.g., `"GET"`, `"POST"`) | | `path` | `string` | Endpoint path (e.g., `"/create-user"`) | | `data` | `object` | Payload to send (will be encrypted) | | `headers` | `object` | Optional custom headers | | `options` | `object` | Optional flags (e.g., `{ fullResponse: true }`) | --- ## ๐Ÿง  Identity and Trust Every request includes session-bound claims with attested identity information and a cryptographically signed trust token. This allows the server to verify that the request originated from a known session, device, and environment โ€” without relying on traditional token chains. When `persistSessionKey` and `persistSessionID` are enabled, session state can be retained across reloads or reboots, creating long-lived secure interactions without re-pairing. --- ## ๐ŸŒ Designed For | Environment | Use Case | |-------------|----------------------------------------------| | Browser | Secure frontend-to-server requests | | Edge Apps | Lightweight encrypted API clients | | Kiosks/IoT | Session-persistent command and control flows | --- ## ๐Ÿค Companion APIs | Package | Role | |-------------|-------------------------------------------------------| | `VeriPath` | Receives, decrypts, and verifies incoming client data | | `VeriAuth` | Pairs session keys and manages session trust | --- ## ๐Ÿงฑ Use Cases - Secure data transmission from frontend apps - Encrypted micro-clients for embedded systems - Stateless yet secure request flows - Lightweight trust enforcement across client tiers --- ## ๐Ÿ“œ License See [LICENSE.md](./LICENSE.md) _Forged for trust. Optimized for the edge. Delivered with precision._ ๐Ÿ”