Releases: VeritasActa/verify
Releases · VeritasActa/verify
v0.2.2 — Offline Receipt Verification
@veritasacta/verify v0.2.2
Offline verification of Ed25519-signed receipts and artifacts.
Features
- Ed25519 signature verification (RFC 8032)
- JCS canonicalization (RFC 8785) for deterministic payloads
- Batch verification of receipt chains
- Hash-chain integrity checking
- Zero network dependencies — works fully offline
- CLI:
npx @veritasacta/verify receipt.json
Standards
- IETF Internet-Draft: draft-farley-acta-signed-receipts
- Integrated into Microsoft Agent Governance Toolkit
Install
npm install @veritasacta/verifyApache-2.0 licensed.
v0.1.0 — Initial Release
@veritasacta/verify v0.1.0
First public release of the BRASS protocol verification primitive.
What's included
- Core verifier —
verify(msg, ctx, config, store)implementing the full BRASS redemption flow - Crypto primitives — deterministic hashing, nullifier derivation, salt computation, window management
- Storage adapters — MemoryStore (in-process) and KVStore (Cloudflare KV)
- Examples — Express middleware and Cloudflare Worker integrations
- 75 tests — full coverage of crypto primitives and storage operations
- Protocol specification — formal PROTOCOL.md documenting the BRASS protocol
Install
npm install @veritasacta/verifyKey properties
- Issuer-blind: the entity issuing tokens never learns which API they're used on
- Offline verification: the issuer is never contacted during token redemption
- Deterministic nullifiers: same token + same scope = same nullifier, different scope = unlinkable
- Zero vendor lock-in: pluggable storage, pure functions, no framework dependencies
Dependencies
- @noble/curves ^1.3.0 (audited by Cure53)
- @noble/hashes ^1.3.0 (audited by Cure53)
License
MIT — with pending patent applications covering the BRASS protocol mechanism.