@authenticvision/attestation NPM

attestation-js

Authentic Vision / Meta Anchor attestation tools

Getting started

Create new or add to NodeJS project (Typescript or Javascript)
Install package via npm i @authenticvision/attestation
Hack away from one of the boilerplates below

Boilerplate Production

import { attestationDecoder } from '@authenticvision/attestation';

// Typically, a GET-Parameter 'av_sip' is carrying the attestation token
// We assume to have a NodeJS-Request object 'req' available.
const token = req.query?.av_sip

if(token) {
    try {
        const attestation = await attestationDecoder.decode(token);
        const slid = attestation.getSlid(); // An attestation *always* has a SecureLabel-Identifier (SLID)
        
        if(attestation.isAuthenticated()) {
            console.log(`Authenticated attestation received. It's safe to unlock value for slid=${slid}`)
        } else {
            if(attestation.isFraud()) {
                console.log(`FRAUD detected for ${slid} - handle it!`);
            } else {
                // Its not fraud, and the label can be identified. Some "ungated" information could be displayed
                console.log(`A SLID is known, but not authenticated. You may display public information for slid=${slid}`)
            }
        }
    } catch(e) {
        // Key not found, token expired, already redeemed before, .... 
        console.error(e); 
    }
}

Boilerplate local development:

Request an API-Key at XXXX
Use https://api.metaanchor.io/api/v1/attestation/dev/generate to generate development-attestations
Set attestationDecoder.setDevelopment(true) to enable the development-keyserver. Make sure to not use this line in production!

Complete example:

import { attestationDecoder } from '@authenticvision/attestation';

// SETUP
attestationDecoder.activateDevelopmentMode() // FIXME DO NOT SHIP THIS LINE TO PRODUCTION

// Typically, a GET-Parameter 'av_sip' is carrying the attestation token
// We assume to have a NodeJS-Request object 'req' available.
const token = "v4.public.eyJhdWQiOiJleGFtcGxlLmNvbSIsImV4cCI6IjIwMzAtMDEtMDFUMDA6MDA6MDBaIiwiaWF0IjoiMjAyMy0wNC0yMFQxNjo1NDowMVoiLCJqdGkiOiJmOGIxZDdmNzNiNzEzYWY0M2FkNTllMzNiN2MwMmRmNSIsInJlc3VsdCI6IkFVVEhFTlRJQyIsInNsaWQiOiJaNDVKQkpSNlM5IiwibG9jYXRpb24iOnsibGF0Ijo0Ny43OTQ2LCJsb24iOjEyLjk4NjR9LCJleHRyZWZzIjpbImZvbyIseyJiYXIiOiJiYXoifSwxMjNdffeoKRK7wfueWl9ti4h9JTYM2ZOXOPgHMOq-6eRxFEKFUYz1LLcNxUp9JtHHY-FD5pHxP9OQ9nOg_izxMwK3GgU.eyJraWQiOiAiazQucGlkLjJ1YWIzaDE4c2dhWVgxUEtGVzNPSU12R0lmQU1udXdXQko2VHVDYnV3UWlpIn0"

if(token) {
    try {
        const attestation = await attestationDecoder.decode(token);
        const slid = attestation.getSlid(); // An attestation *always* has a SecureLabel-Identifier (SLID)
        
        if(attestation.isAuthenticated()) {
            console.log(`Authenticated attestation received. It's safe to unlock value for slid=${slid}`)
        } else {
            if(attestation.isFraud()) {
                console.log(`FRAUD detected for ${slid} - handle it!`);
            } else {
                // Its not fraud, and the label can be identified. Some "ungated" information could be displayed
                console.log(`A SLID is known, but not authenticated. You may display public information for slid=${slid}`)
            }
        }
    } catch(e) {
        // Key not found, token expired, already redeemed before, .... 
        console.error(e); 
    }
}

attestation paseto AuthenticVision MetaAnchor

26 days ago

27 days ago

1 month ago