reference-typescript
v1.0.0Node 20+ and browser ESM build of the SignedReceipts producer and verifier. SubtleCrypto-backed in browsers, node:crypto on the server, zero runtime dependencies.
About this artefact
@signedreceipts/core is the reference TypeScript package. It exposes a tiny producer API and a strict verifier that share a single canonicalisation pipeline. On Node 20+ the package uses node:crypto; on modern browsers it uses SubtleCrypto. The package is ESM-only, ships TypeScript declarations directly, and has zero runtime dependencies. Release artefacts are published to npm with provenance attestations.
A separate @signedreceipts/cli wrapper exposes the same verifier through a small command-line shim, but the canonical CLI is the Rust binary in verifier-cli — the TS shim exists to make local development inside JavaScript projects friction-free. The build is deterministic: the published tarball matches the on-disk tree byte-for-byte, with a top-level signature over MANIFEST.sha256.
Manifest
| Path | Size | SHA-256 |
|---|---|---|
package.json | 0.9 KB | 7b68d7e2d4074bbc892f9ab312f3f88d8a6a132e3778d5be690aa6e387b87072 |
src/index.ts | 3.2 KB | 15ecb98e1133d913784e847c5f6b503c55a19d8ffd22f68e720352934b9dd74a |
src/canonical.ts | 4.8 KB | 078cc5e8b25ae96df26f379e4565949dd20fe032e975f513637ca3523a76470a |
src/verify.ts | 7.1 KB | b83cb2fc4cb1d5753eae408eef096ac4c6573bc78db74bba12370f9bc4a7b78e |
src/jwks.ts | 2.6 KB | ec2719a88bfb945c3df2ce1739ef09ce94153c45f8730a8ee21a1fc72362451c |
8af4c92d · signed by working-group key wg-2026-03Quick start
pnpm add @signedreceipts/core # or: npm i @signedreceipts/core # or: yarn add @signedreceipts/core
import { Verifier } from "@signedreceipts/core";
const verifier = await Verifier.fromJwksUrl(
"https://api.cloakapi.io/.well-known/jwks.json",
);
const result = await verifier.verify(receiptJson);
if (!result.ok) throw new Error(result.reason);
Issues / questions
Bug reports, patches, and security advisories all go to the working-group inbox.
Back to /source/ · related: spec · conformance · implementations