Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

@trap_stevo/verilink

trap_stevo155See License in LICENSE.md0.0.1

Encrypted from the start. Trusted to the end. This client-side protocol redefines secure communication — forging a direct bridge to zero-trust architecture through encrypted sessions, intelligent attestation, and seamless claim validation. Engineered for

Legendary, Enlightened, Steven Compton, Magical, Secure Communication, Encrypted Requests, Encrypted Client, Zero Trust, Cyber security, Cybersecurity, Session Encryption, Attestation, Session Identity, Client Protocol, Claim Validation, Browser Security, Persistent Identity, Real-time Security, Trusted Sessions, Modern Web Security, Edge Communication, Secure Frontend, Secure Client, VeriLink, Lightweight Encryption, Crypto Middleware, Secure Payload, Client Verification

readme

🔗 VeriLink · Legendary End-toEnd Encrypted Client Protocol

Encrypted from the start. Trusted to the end. This client-side protocol redefines secure communication — forging a direct bridge to zero-trust architecture through encrypted sessions, intelligent attestation, and seamless claim validation.
Engineered for the future of connectivity, it enables real-time payload exchange, persistent identity, and adaptive trust — all in an ultra-light format built to empower encrypted APIs and modern edge environments.

🚀 Features

  • 🔐 Encrypted payload delivery from browser and edge clients
  • 🧠 Identity claims backed by attestation
  • 🔄 Session-based communication with optional persistence
  • ⚙️ Customizable mutation and storage handling
  • 🌐 Native browser compatibility
  • 🧩 Seamless integration with VeriPath-secured routes
  • 💡 Drop-in secure request mechanism for the modern web

📦 Installation

npm install @trap_stevo/verilink

🔧 Quick Start

import { VeriLink } from "@trap_stevo/verilink";

const client = new VeriLink({
      serverURL         : "https://api.example.com",
      deviceID          : "my-device-id",
      persistSessionKey : true,
      persistSessionID  : true,
      mutator           : "vlk"
});

// Pair once per session
await client.pair("/device/pair");

// Send secure request
const result = await client.send("POST", "/create-user", {
      username : "legend",
      email    : "legend@example.com"
});

console.log(result);

🛠 Configuration Options

Property Type Description
serverURL string Base URL for encrypted API server.
deviceID string Optional identifier for the calling device.
mutator string or Uint8Array Key used for XOR-based local obfuscation. Default: "vlk"
vaultSGN string Storage key for session key. Default: "vlx"
linkSGN string Storage key for session ID. Default: "vli"
persistSessionKey boolean If true, stores the session key locally.
persistSessionID boolean If true, stores the session ID locally.
sessionKey ArrayBuffer | string (Optional) Provide a pre-generated session key.
sessionID string (Optional) Provide a custom session ID.

📘 API Overview

🛠 Instance Methods

Method Description
constructor(options) Creates a new encrypted client instance with optional persistence and device identity.
pair(path = "/device/pair") Pairs the client with the server, submitting the session key securely.
send(method, path, data, headers, options) Sends an encrypted request to the server and returns the decrypted response.
setServer(url) Updates the server URL for future requests.
setKey(key) Sets the session key manually (ArrayBuffer or base64 string).

🔧 Request Parameters (for .send())

Parameter Type Description
method string HTTP method (e.g., "GET", "POST")
path string Endpoint path (e.g., "/create-user")
data object Payload to send (will be encrypted)
headers object Optional custom headers
options object Optional flags (e.g., { fullResponse: true })

🧠 Identity and Trust

Every request includes session-bound claims with attested identity information and a cryptographically signed trust token. This allows the server to verify that the request originated from a known session, device, and environment — without relying on traditional token chains.

When persistSessionKey and persistSessionID are enabled, session state can be retained across reloads or reboots, creating long-lived secure interactions without re-pairing.

🌐 Designed For

Environment Use Case
Browser Secure frontend-to-server requests
Edge Apps Lightweight encrypted API clients
Kiosks/IoT Session-persistent command and control flows

🤝 Companion APIs

Package Role
VeriPath Receives, decrypts, and verifies incoming client data
VeriAuth Pairs session keys and manages session trust

🧱 Use Cases

  • Secure data transmission from frontend apps
  • Encrypted micro-clients for embedded systems
  • Stateless yet secure request flows
  • Lightweight trust enforcement across client tiers

📜 License

See LICENSE.md

Forged for trust. Optimized for the edge. Delivered with precision. 🔐