@zeroad.network/token 0.9.1 → 0.10.0

package/README.md

@@ -40,7 +40,7 @@ bun add @zeroad.network/token
 
 # Examples
 
-Take the example as a reference only. The most basic, and honestly, quite complete use with `express` could look similar to this:
+Take the example as a reference only. The most basic, and honestly, quite complete use with `express` v.5 could look similar to this:
 
 ```js
 import express from "express";
@@ -56,41 +56,44 @@ const app = express();
 const port = 3000;
 
 // Welcome Header Value acquired during Site Registration process at Zero Ad Network platform
-const ZERO_AD_PARTNER_HEADER_VALUE = "AZqnKU56eIC7vCD1PPlwhg^1^3";
+const ZERO_AD_NETWORK_WELCOME_HEADER_VALUE = "AZqnKU56eIC7vCD1PPlwhg^1^3";
 
 // Initialize your Zero Ad Network module
-init({ value: ZERO_AD_PARTNER_HEADER_VALUE });
+init({ value: ZERO_AD_NETWORK_WELCOME_HEADER_VALUE });
 
 app
-    .use((req, res, next) => {
-        // X-Better-Web-Welcome header injection can could have it's own simple middleware like this:
-        res.header(getServerHeaderName(), getServerHeaderValue())
-    })
-    .use((req, res, next) => {
-        const result = await processRequest(c.req.header(getClientHeaderName()));
-
-        res.locals.disableAds = result.shouldRemoveAds();
-        res.locals.removePaywalls = result.shouldEnablePremiumContentAccess();
-        res.locals.vipExperience = result.shouldEnableVipExperience();
-
-        next();
-    })
-    .get('/', (req, res) => {
-        // The "locals.disableAds" variable can now be used to suppress rendering
-        // of ads and 3rd party non-functional trackers.
-
-        // The "locals.removePaywalls" variable can allow users to bypass pay-walled content.
-        res.render('index.ejs');
-    });
+  .use((req, res, next) => {
+    // X-Better-Web-Welcome header injection can could have it's own simple middleware like this:
+    res.set(getServerHeaderName(), getServerHeaderValue());
+
+    next();
+  })
+  .use((req, res, next) => {
+    const tokenContext = processRequest(req.get(getClientHeaderName()));
+    res.locals.tokenContext = tokenContext;
+
+    next();
+  })
+  .get("/", (req, res) => {
+    // The "locals.disableAds" variable can now be used to suppress rendering
+    // of ads and 3rd party non-functional trackers.
+
+    // If "locals.shouldRemoveAds" value is true, the ads should be disabled in the template.
+
+    // If "locals.shouldEnablePremiumContentAccess" value is true, the access to paywalled content should be enabled. Depending on site subscription pricing, the basic subscription access could be enabled without forcing visitor to pay.
+
+    // If "locals.shouldEnableVipExperience" value is true, the next tier subscription access should be enabled without forcing visitor to pay.
+    res.render("index.ejs");
+  });
 
 app.listen(port, () => {
   console.log(`Server listening at http://localhost:${port}`);
 });
 ```
 
-P.S.: Each web request coming from active subscriber using their Zero Ad Network browser extension will incur a fraction of CPU computation cost to verify the token data matches its encrypted signature. On modern web infrasctructure a request execution time will increase roughly by ~0.1ms to 3ms or so.
+For more example implementations such as `Express.js`, `Hono` or `Fastify`, please go to [see more examples](https://github.com/laurynas-karvelis/zeroad-token/tree/main/examples/).
 
-In near future we will aim to add some form of "Request Header to processed result" caching mechanism for Redis users. In real life, Redis usually will deliver such payload slower than it would take to verify attached cryptographic token signature.
+P.S.: Each web request coming from active subscriber using their Zero Ad Network browser extension will incur a tiny fraction of CPU computation cost to verify the token data matches its encrypted signature. On modern web infrasctructure a request execution time will increase roughly by ~0.08ms to 0.2ms or so. Mileage might vary, but the impact is minimal.
 
 # Final thoughts
 

package/dist/{browser-BwYe5nvr.cjs → browser-BDaRPCd0.cjs}

@@ -21,16 +21,6 @@ var PROTOCOL_VERSION = /* @__PURE__ */ ((PROTOCOL_VERSION2) => {
 })(PROTOCOL_VERSION || {});
 const CURRENT_PROTOCOL_VERSION = 1 /* V_1 */;
 
-var constants = /*#__PURE__*/Object.freeze({
-  __proto__: null,
-  CLIENT_HEADERS: CLIENT_HEADERS,
-  CURRENT_PROTOCOL_VERSION: CURRENT_PROTOCOL_VERSION,
-  PROTOCOL_VERSION: PROTOCOL_VERSION,
-  SERVER_HEADERS: SERVER_HEADERS,
-  SITE_FEATURES: SITE_FEATURES,
-  ZEROAD_NETWORK_PUBLIC_KEY: ZEROAD_NETWORK_PUBLIC_KEY
-});
-
 const toBase64 = (data) => {
   if (typeof data.toBase64 === "function") return data.toBase64();
   if (typeof Buffer !== "undefined") return Buffer.from(data).toString("base64");
@@ -161,7 +151,6 @@ exports.SITE_FEATURES = SITE_FEATURES;
 exports.ServerHeader = ServerHeader;
 exports.ZEROAD_NETWORK_PUBLIC_KEY = ZEROAD_NETWORK_PUBLIC_KEY;
 exports.bytesToUnixTimestamp = bytesToUnixTimestamp;
-exports.constants = constants;
 exports.fromBase64 = fromBase64;
 exports.hasFeature = hasFeature;
 exports.log = log;

package/dist/{browser-UaGP6C6U.mjs → browser-CX0ZDy3i.mjs}

@@ -19,16 +19,6 @@ var PROTOCOL_VERSION = /* @__PURE__ */ ((PROTOCOL_VERSION2) => {
 })(PROTOCOL_VERSION || {});
 const CURRENT_PROTOCOL_VERSION = 1 /* V_1 */;
 
-var constants = /*#__PURE__*/Object.freeze({
-  __proto__: null,
-  CLIENT_HEADERS: CLIENT_HEADERS,
-  CURRENT_PROTOCOL_VERSION: CURRENT_PROTOCOL_VERSION,
-  PROTOCOL_VERSION: PROTOCOL_VERSION,
-  SERVER_HEADERS: SERVER_HEADERS,
-  SITE_FEATURES: SITE_FEATURES,
-  ZEROAD_NETWORK_PUBLIC_KEY: ZEROAD_NETWORK_PUBLIC_KEY
-});
-
 const toBase64 = (data) => {
   if (typeof data.toBase64 === "function") return data.toBase64();
   if (typeof Buffer !== "undefined") return Buffer.from(data).toString("base64");
@@ -151,4 +141,4 @@ class ServerHeader {
   }
 }
 
-export { CLIENT_HEADERS as C, PROTOCOL_VERSION as P, SITE_FEATURES as S, ZEROAD_NETWORK_PUBLIC_KEY as Z, ServerHeader as a, bytesToUnixTimestamp as b, setLogLevel as c, SERVER_HEADERS as d, CURRENT_PROTOCOL_VERSION as e, fromBase64 as f, constants as g, hasFeature as h, log as l, setFeatures as s, toBase64 as t, unixTimestampToBytes as u };
+export { CLIENT_HEADERS as C, PROTOCOL_VERSION as P, SITE_FEATURES as S, ZEROAD_NETWORK_PUBLIC_KEY as Z, ServerHeader as a, bytesToUnixTimestamp as b, setLogLevel as c, SERVER_HEADERS as d, CURRENT_PROTOCOL_VERSION as e, fromBase64 as f, hasFeature as h, log as l, setFeatures as s, toBase64 as t, unixTimestampToBytes as u };

package/dist/browser.d.cts

@@ -0,0 +1,53 @@
+/**
+ * This is an official ZeroAd Network public key.
+ * Used to verify `X-Better-Web-User` header values are not tampered with.
+ */
+declare const ZEROAD_NETWORK_PUBLIC_KEY: string;
+declare enum SITE_FEATURES {
+    ADLESS_EXPERIENCE = 1,
+    PREMIUM_CONTENT_ACCESS = 2,
+    VIP_EXPERIENCE = 4
+}
+type UUID = string;
+declare enum SERVER_HEADERS {
+    WELCOME = "X-Better-Web-Welcome"
+}
+declare enum CLIENT_HEADERS {
+    HELLO = "X-Better-Web-Hello"
+}
+declare enum PROTOCOL_VERSION {
+    V_1 = 1
+}
+declare const CURRENT_PROTOCOL_VERSION = PROTOCOL_VERSION.V_1;
+type ServerHeaderSimpleOptions = {
+    value: string;
+};
+type ServerHeaderExtendedOptions = {
+    siteId: UUID;
+    features: SITE_FEATURES[];
+};
+type ServerHeaderOptions = ServerHeaderExtendedOptions | ServerHeaderSimpleOptions;
+type WelcomeHeaderParseResult = WelcomeHeader | undefined;
+type WelcomeHeader = {
+    version: PROTOCOL_VERSION;
+    siteId: UUID;
+    flags: number;
+};
+type ClientHeaderParseResult = ClientParsedHeader | undefined;
+type ClientParsedHeader = {
+    version: PROTOCOL_VERSION;
+    expiresAt: Date;
+    expired: boolean;
+    flags: number;
+};
+
+declare class ServerHeader {
+    name: SERVER_HEADERS;
+    value: string;
+    constructor(options: ServerHeaderOptions);
+    encode(siteId: UUID, features: SITE_FEATURES[]): string;
+    static decode(headerValue: string | undefined): WelcomeHeaderParseResult;
+}
+
+export { CLIENT_HEADERS, CURRENT_PROTOCOL_VERSION, PROTOCOL_VERSION, SERVER_HEADERS, SITE_FEATURES, ServerHeader, ZEROAD_NETWORK_PUBLIC_KEY };
+export type { ClientHeaderParseResult, ClientParsedHeader, ServerHeaderExtendedOptions, ServerHeaderOptions, ServerHeaderSimpleOptions, UUID, WelcomeHeader, WelcomeHeaderParseResult };

package/dist/browser.d.mts

@@ -1 +1,53 @@
-export { b as ServerHeader, j as constants } from './browser-DxDxgCTA.mjs';
+/**
+ * This is an official ZeroAd Network public key.
+ * Used to verify `X-Better-Web-User` header values are not tampered with.
+ */
+declare const ZEROAD_NETWORK_PUBLIC_KEY: string;
+declare enum SITE_FEATURES {
+    ADLESS_EXPERIENCE = 1,
+    PREMIUM_CONTENT_ACCESS = 2,
+    VIP_EXPERIENCE = 4
+}
+type UUID = string;
+declare enum SERVER_HEADERS {
+    WELCOME = "X-Better-Web-Welcome"
+}
+declare enum CLIENT_HEADERS {
+    HELLO = "X-Better-Web-Hello"
+}
+declare enum PROTOCOL_VERSION {
+    V_1 = 1
+}
+declare const CURRENT_PROTOCOL_VERSION = PROTOCOL_VERSION.V_1;
+type ServerHeaderSimpleOptions = {
+    value: string;
+};
+type ServerHeaderExtendedOptions = {
+    siteId: UUID;
+    features: SITE_FEATURES[];
+};
+type ServerHeaderOptions = ServerHeaderExtendedOptions | ServerHeaderSimpleOptions;
+type WelcomeHeaderParseResult = WelcomeHeader | undefined;
+type WelcomeHeader = {
+    version: PROTOCOL_VERSION;
+    siteId: UUID;
+    flags: number;
+};
+type ClientHeaderParseResult = ClientParsedHeader | undefined;
+type ClientParsedHeader = {
+    version: PROTOCOL_VERSION;
+    expiresAt: Date;
+    expired: boolean;
+    flags: number;
+};
+
+declare class ServerHeader {
+    name: SERVER_HEADERS;
+    value: string;
+    constructor(options: ServerHeaderOptions);
+    encode(siteId: UUID, features: SITE_FEATURES[]): string;
+    static decode(headerValue: string | undefined): WelcomeHeaderParseResult;
+}
+
+export { CLIENT_HEADERS, CURRENT_PROTOCOL_VERSION, PROTOCOL_VERSION, SERVER_HEADERS, SITE_FEATURES, ServerHeader, ZEROAD_NETWORK_PUBLIC_KEY };
+export type { ClientHeaderParseResult, ClientParsedHeader, ServerHeaderExtendedOptions, ServerHeaderOptions, ServerHeaderSimpleOptions, UUID, WelcomeHeader, WelcomeHeaderParseResult };

package/dist/browser.mjs

@@ -1 +1 @@
-export { a as ServerHeader, g as constants } from './browser-UaGP6C6U.mjs';
+export { C as CLIENT_HEADERS, e as CURRENT_PROTOCOL_VERSION, P as PROTOCOL_VERSION, d as SERVER_HEADERS, S as SITE_FEATURES, a as ServerHeader, Z as ZEROAD_NETWORK_PUBLIC_KEY } from './browser-CX0ZDy3i.mjs';

package/dist/index.cjs

@@ -1,40 +1,34 @@
 'use strict';
 
-var browser = require('./browser-BwYe5nvr.cjs');
+var browser = require('./browser-BDaRPCd0.cjs');
+var crypto = require('crypto');
 
-const cryptoUniversal = (() => {
-  let cryptoImpl;
-  if (typeof globalThis !== "undefined" && globalThis.crypto?.subtle) {
-    cryptoImpl = globalThis.crypto;
-  }
-  if (!cryptoImpl) {
-    try {
-      const { webcrypto } = require("crypto");
-      cryptoImpl = webcrypto;
-    } catch {
-    }
-  }
-  if (!cryptoImpl) {
-    throw new Error("WebCrypto API not available in this environment.");
-  }
-  const getRandomValues = cryptoImpl.getRandomValues.bind(cryptoImpl);
-  return {
-    subtle: cryptoImpl.subtle,
-    getRandomValues
-  };
-})();
-
-const { subtle, getRandomValues } = cryptoUniversal;
-const algorithm = { name: "Ed25519" };
-const importPrivateKey = (privateKey) => subtle.importKey("pkcs8", browser.fromBase64(privateKey), algorithm, false, ["sign"]);
-const importPublicKey = (publicKey) => subtle.importKey("spki", browser.fromBase64(publicKey), algorithm, false, ["verify"]);
-const sign = (data, privateKey) => subtle.sign(algorithm, privateKey, data);
-const verify = (data, signature, publicKey) => subtle.verify(algorithm, publicKey, signature, data);
-const nonce = (byteCount) => {
-  const bytes = new Uint8Array(byteCount);
-  getRandomValues(bytes);
-  return bytes;
+const importPrivateKey = (privateKeyBase64) => {
+  const keyBuffer = Buffer.from(privateKeyBase64, "base64");
+  return crypto.createPrivateKey({
+    key: keyBuffer,
+    format: "der",
+    type: "pkcs8"
+  });
+};
+const importPublicKey = (publicKeyBase64) => {
+  const keyBuffer = Buffer.from(publicKeyBase64, "base64");
+  return crypto.createPublicKey({
+    key: keyBuffer,
+    format: "der",
+    type: "spki"
+  });
+};
+const sign = (data, privateKey) => {
+  const buffer = Buffer.from(data);
+  return crypto.sign(null, buffer, privateKey);
 };
+const verify = (data, signature, publicKey) => {
+  const dataBuffer = Buffer.from(data);
+  const sigBuffer = Buffer.from(signature);
+  return crypto.verify(null, dataBuffer, publicKey, sigBuffer);
+};
+const nonce = (size) => new Uint8Array(crypto.randomBytes(size));
 
 const NONCE_BYTES = 4;
 const SEPARATOR = ".";
@@ -48,7 +42,7 @@ class ClientHeader {
     this.publicKey = publicKey;
     this.privateKey = privateKey;
   }
-  async encode(version, expiresAt, features) {
+  encode(version, expiresAt, features) {
     if (!this.privateKey) throw new Error("Private key is required");
     const flags = browser.setFeatures(0, features);
     const data = mergeByteArrays([
@@ -57,18 +51,18 @@ class ClientHeader {
       browser.unixTimestampToBytes(expiresAt),
       new Uint8Array([flags])
     ]);
-    if (!this.cryptoPrivateKey) this.cryptoPrivateKey = await importPrivateKey(this.privateKey);
-    const signature = await sign(data.buffer, this.cryptoPrivateKey);
+    if (!this.cryptoPrivateKey) this.cryptoPrivateKey = importPrivateKey(this.privateKey);
+    const signature = sign(data.buffer, this.cryptoPrivateKey);
     return [browser.toBase64(data), browser.toBase64(new Uint8Array(signature))].join(SEPARATOR);
   }
-  async decode(headerValue) {
+  decode(headerValue) {
     if (!headerValue?.length) return;
-    if (!this.cryptoPublicKey) this.cryptoPublicKey = await importPublicKey(this.publicKey);
+    if (!this.cryptoPublicKey) this.cryptoPublicKey = importPublicKey(this.publicKey);
     try {
       const [data, signature] = headerValue.split(SEPARATOR);
       const dataBytes = browser.fromBase64(data);
       const signatureBytes = browser.fromBase64(signature);
-      if (!await verify(dataBytes.buffer, signatureBytes.buffer, this.cryptoPublicKey)) {
+      if (!verify(dataBytes.buffer, signatureBytes.buffer, this.cryptoPublicKey)) {
         throw new Error("Forged header value is provided");
       }
       const version = dataBytes[0];
@@ -83,13 +77,19 @@ class ClientHeader {
       browser.log("warn", "Could not decode client header value", { reason: err?.message });
     }
   }
-  async processRequest(headerValue) {
-    const data = await this.decode(headerValue);
+  processRequest(headerValue) {
+    const data = this.decode(headerValue);
     return {
-      data,
-      shouldRemoveAds: () => shouldRemoveAds(data),
-      shouldEnablePremiumContentAccess: () => shouldEnablePremiumContentAccess(data),
-      shouldEnableVipExperience: () => shouldEnableVipExperience(data)
+      _raw: data,
+      get shouldRemoveAds() {
+        return shouldRemoveAds(data);
+      },
+      get shouldEnablePremiumContentAccess() {
+        return shouldEnablePremiumContentAccess(data);
+      },
+      get shouldEnableVipExperience() {
+        return shouldEnableVipExperience(data);
+      }
     };
   }
 }
@@ -118,12 +118,12 @@ class Site {
     this.clientHeader = new ClientHeader(browser.ZEROAD_NETWORK_PUBLIC_KEY);
   }
 }
-let _defaultSite;
-const init = (options) => _defaultSite = new Site(options);
-const processRequest = (headerValue) => _defaultSite.clientHeader.processRequest(headerValue);
-const getClientHeaderName = () => _defaultSite.clientHeader.name;
-const getServerHeaderName = () => _defaultSite.serverHeader.name;
-const getServerHeaderValue = () => _defaultSite.serverHeader.value;
+let defaultSite;
+const init = (options) => defaultSite = new Site(options);
+const processRequest = (headerValue) => defaultSite.clientHeader.processRequest(headerValue);
+const getClientHeaderName = () => defaultSite.clientHeader.name;
+const getServerHeaderName = () => defaultSite.serverHeader.name;
+const getServerHeaderValue = () => defaultSite.serverHeader.value;
 
 exports.CLIENT_HEADERS = browser.CLIENT_HEADERS;
 exports.CURRENT_PROTOCOL_VERSION = browser.CURRENT_PROTOCOL_VERSION;

package/dist/index.d.cts

@@ -1,5 +1,5 @@
-import { C as CLIENT_HEADERS, P as PROTOCOL_VERSION, S as SITE_FEATURES, a as ClientHeaderParseResult, b as ServerHeader, c as ServerHeaderOptions, d as SERVER_HEADERS } from './browser-DxDxgCTA.cjs';
-export { e as CURRENT_PROTOCOL_VERSION, i as ClientParsedHeader, g as ServerHeaderExtendedOptions, f as ServerHeaderSimpleOptions, U as UUID, h as WelcomeHeader, W as WelcomeHeaderParseResult, Z as ZEROAD_NETWORK_PUBLIC_KEY } from './browser-DxDxgCTA.cjs';
+import { CLIENT_HEADERS, PROTOCOL_VERSION, SITE_FEATURES, ClientHeaderParseResult, ServerHeader, ServerHeaderOptions, SERVER_HEADERS } from './browser.cjs';
+export { CURRENT_PROTOCOL_VERSION, ClientParsedHeader, ServerHeaderExtendedOptions, ServerHeaderSimpleOptions, UUID, WelcomeHeader, WelcomeHeaderParseResult, ZEROAD_NETWORK_PUBLIC_KEY } from './browser.cjs';
 
 declare class ClientHeader {
     private cryptoPublicKey;
@@ -8,14 +8,14 @@ declare class ClientHeader {
     private privateKey;
     name: CLIENT_HEADERS;
     constructor(publicKey: string, privateKey?: string);
-    encode(version: PROTOCOL_VERSION, expiresAt: Date, features: SITE_FEATURES[]): Promise<string>;
-    decode(headerValue: string): Promise<ClientHeaderParseResult>;
-    processRequest(headerValue: string | undefined): Promise<{
-        data: ClientHeaderParseResult;
-        shouldRemoveAds: () => boolean;
-        shouldEnablePremiumContentAccess: () => boolean;
-        shouldEnableVipExperience: () => boolean;
-    }>;
+    encode(version: PROTOCOL_VERSION, expiresAt: Date, features: SITE_FEATURES[]): string;
+    decode(headerValue: string): ClientHeaderParseResult;
+    processRequest(headerValue: string | undefined): {
+        _raw: ClientHeaderParseResult;
+        readonly shouldRemoveAds: boolean;
+        readonly shouldEnablePremiumContentAccess: boolean;
+        readonly shouldEnableVipExperience: boolean;
+    };
 }
 
 type LogLevel = "error" | "warn" | "info" | "debug";
@@ -27,12 +27,12 @@ declare class Site {
     constructor(options: ServerHeaderOptions);
 }
 declare const init: (options: ServerHeaderOptions) => Site;
-declare const processRequest: (headerValue: string | undefined) => Promise<{
-    data: ClientHeaderParseResult;
-    shouldRemoveAds: () => boolean;
-    shouldEnablePremiumContentAccess: () => boolean;
-    shouldEnableVipExperience: () => boolean;
-}>;
+declare const processRequest: (headerValue: string | undefined) => {
+    _raw: ClientHeaderParseResult;
+    readonly shouldRemoveAds: boolean;
+    readonly shouldEnablePremiumContentAccess: boolean;
+    readonly shouldEnableVipExperience: boolean;
+};
 declare const getClientHeaderName: () => CLIENT_HEADERS;
 declare const getServerHeaderName: () => SERVER_HEADERS;
 declare const getServerHeaderValue: () => string;

package/dist/index.d.mts

@@ -1,5 +1,5 @@
-import { C as CLIENT_HEADERS, P as PROTOCOL_VERSION, S as SITE_FEATURES, a as ClientHeaderParseResult, b as ServerHeader, c as ServerHeaderOptions, d as SERVER_HEADERS } from './browser-DxDxgCTA.mjs';
-export { e as CURRENT_PROTOCOL_VERSION, i as ClientParsedHeader, g as ServerHeaderExtendedOptions, f as ServerHeaderSimpleOptions, U as UUID, h as WelcomeHeader, W as WelcomeHeaderParseResult, Z as ZEROAD_NETWORK_PUBLIC_KEY } from './browser-DxDxgCTA.mjs';
+import { CLIENT_HEADERS, PROTOCOL_VERSION, SITE_FEATURES, ClientHeaderParseResult, ServerHeader, ServerHeaderOptions, SERVER_HEADERS } from './browser.mjs';
+export { CURRENT_PROTOCOL_VERSION, ClientParsedHeader, ServerHeaderExtendedOptions, ServerHeaderSimpleOptions, UUID, WelcomeHeader, WelcomeHeaderParseResult, ZEROAD_NETWORK_PUBLIC_KEY } from './browser.mjs';
 
 declare class ClientHeader {
     private cryptoPublicKey;
@@ -8,14 +8,14 @@ declare class ClientHeader {
     private privateKey;
     name: CLIENT_HEADERS;
     constructor(publicKey: string, privateKey?: string);
-    encode(version: PROTOCOL_VERSION, expiresAt: Date, features: SITE_FEATURES[]): Promise<string>;
-    decode(headerValue: string): Promise<ClientHeaderParseResult>;
-    processRequest(headerValue: string | undefined): Promise<{
-        data: ClientHeaderParseResult;
-        shouldRemoveAds: () => boolean;
-        shouldEnablePremiumContentAccess: () => boolean;
-        shouldEnableVipExperience: () => boolean;
-    }>;
+    encode(version: PROTOCOL_VERSION, expiresAt: Date, features: SITE_FEATURES[]): string;
+    decode(headerValue: string): ClientHeaderParseResult;
+    processRequest(headerValue: string | undefined): {
+        _raw: ClientHeaderParseResult;
+        readonly shouldRemoveAds: boolean;
+        readonly shouldEnablePremiumContentAccess: boolean;
+        readonly shouldEnableVipExperience: boolean;
+    };
 }
 
 type LogLevel = "error" | "warn" | "info" | "debug";
@@ -27,12 +27,12 @@ declare class Site {
     constructor(options: ServerHeaderOptions);
 }
 declare const init: (options: ServerHeaderOptions) => Site;
-declare const processRequest: (headerValue: string | undefined) => Promise<{
-    data: ClientHeaderParseResult;
-    shouldRemoveAds: () => boolean;
-    shouldEnablePremiumContentAccess: () => boolean;
-    shouldEnableVipExperience: () => boolean;
-}>;
+declare const processRequest: (headerValue: string | undefined) => {
+    _raw: ClientHeaderParseResult;
+    readonly shouldRemoveAds: boolean;
+    readonly shouldEnablePremiumContentAccess: boolean;
+    readonly shouldEnableVipExperience: boolean;
+};
 declare const getClientHeaderName: () => CLIENT_HEADERS;
 declare const getServerHeaderName: () => SERVER_HEADERS;
 declare const getServerHeaderValue: () => string;

package/dist/index.mjs

@@ -1,39 +1,33 @@
-import{createRequire as _pkgrollCR}from"node:module";const require=_pkgrollCR(import.meta.url);import { f as fromBase64, C as CLIENT_HEADERS, s as setFeatures, u as unixTimestampToBytes, t as toBase64, P as PROTOCOL_VERSION, b as bytesToUnixTimestamp, l as log, S as SITE_FEATURES, h as hasFeature, a as ServerHeader, Z as ZEROAD_NETWORK_PUBLIC_KEY } from './browser-UaGP6C6U.mjs';
-export { e as CURRENT_PROTOCOL_VERSION, d as SERVER_HEADERS, c as setLogLevel } from './browser-UaGP6C6U.mjs';
+import { C as CLIENT_HEADERS, s as setFeatures, u as unixTimestampToBytes, t as toBase64, f as fromBase64, P as PROTOCOL_VERSION, b as bytesToUnixTimestamp, l as log, S as SITE_FEATURES, h as hasFeature, a as ServerHeader, Z as ZEROAD_NETWORK_PUBLIC_KEY } from './browser-CX0ZDy3i.mjs';
+export { e as CURRENT_PROTOCOL_VERSION, d as SERVER_HEADERS, c as setLogLevel } from './browser-CX0ZDy3i.mjs';
+import { randomBytes, createPrivateKey, sign as sign$1, createPublicKey, verify as verify$1 } from 'crypto';
 
-const cryptoUniversal = (() => {
-  let cryptoImpl;
-  if (typeof globalThis !== "undefined" && globalThis.crypto?.subtle) {
-    cryptoImpl = globalThis.crypto;
-  }
-  if (!cryptoImpl) {
-    try {
-      const { webcrypto } = require("crypto");
-      cryptoImpl = webcrypto;
-    } catch {
-    }
-  }
-  if (!cryptoImpl) {
-    throw new Error("WebCrypto API not available in this environment.");
-  }
-  const getRandomValues = cryptoImpl.getRandomValues.bind(cryptoImpl);
-  return {
-    subtle: cryptoImpl.subtle,
-    getRandomValues
-  };
-})();
-
-const { subtle, getRandomValues } = cryptoUniversal;
-const algorithm = { name: "Ed25519" };
-const importPrivateKey = (privateKey) => subtle.importKey("pkcs8", fromBase64(privateKey), algorithm, false, ["sign"]);
-const importPublicKey = (publicKey) => subtle.importKey("spki", fromBase64(publicKey), algorithm, false, ["verify"]);
-const sign = (data, privateKey) => subtle.sign(algorithm, privateKey, data);
-const verify = (data, signature, publicKey) => subtle.verify(algorithm, publicKey, signature, data);
-const nonce = (byteCount) => {
-  const bytes = new Uint8Array(byteCount);
-  getRandomValues(bytes);
-  return bytes;
+const importPrivateKey = (privateKeyBase64) => {
+  const keyBuffer = Buffer.from(privateKeyBase64, "base64");
+  return createPrivateKey({
+    key: keyBuffer,
+    format: "der",
+    type: "pkcs8"
+  });
+};
+const importPublicKey = (publicKeyBase64) => {
+  const keyBuffer = Buffer.from(publicKeyBase64, "base64");
+  return createPublicKey({
+    key: keyBuffer,
+    format: "der",
+    type: "spki"
+  });
+};
+const sign = (data, privateKey) => {
+  const buffer = Buffer.from(data);
+  return sign$1(null, buffer, privateKey);
 };
+const verify = (data, signature, publicKey) => {
+  const dataBuffer = Buffer.from(data);
+  const sigBuffer = Buffer.from(signature);
+  return verify$1(null, dataBuffer, publicKey, sigBuffer);
+};
+const nonce = (size) => new Uint8Array(randomBytes(size));
 
 const NONCE_BYTES = 4;
 const SEPARATOR = ".";
@@ -47,7 +41,7 @@ class ClientHeader {
     this.publicKey = publicKey;
     this.privateKey = privateKey;
   }
-  async encode(version, expiresAt, features) {
+  encode(version, expiresAt, features) {
     if (!this.privateKey) throw new Error("Private key is required");
     const flags = setFeatures(0, features);
     const data = mergeByteArrays([
@@ -56,18 +50,18 @@ class ClientHeader {
       unixTimestampToBytes(expiresAt),
       new Uint8Array([flags])
     ]);
-    if (!this.cryptoPrivateKey) this.cryptoPrivateKey = await importPrivateKey(this.privateKey);
-    const signature = await sign(data.buffer, this.cryptoPrivateKey);
+    if (!this.cryptoPrivateKey) this.cryptoPrivateKey = importPrivateKey(this.privateKey);
+    const signature = sign(data.buffer, this.cryptoPrivateKey);
     return [toBase64(data), toBase64(new Uint8Array(signature))].join(SEPARATOR);
   }
-  async decode(headerValue) {
+  decode(headerValue) {
     if (!headerValue?.length) return;
-    if (!this.cryptoPublicKey) this.cryptoPublicKey = await importPublicKey(this.publicKey);
+    if (!this.cryptoPublicKey) this.cryptoPublicKey = importPublicKey(this.publicKey);
     try {
       const [data, signature] = headerValue.split(SEPARATOR);
       const dataBytes = fromBase64(data);
       const signatureBytes = fromBase64(signature);
-      if (!await verify(dataBytes.buffer, signatureBytes.buffer, this.cryptoPublicKey)) {
+      if (!verify(dataBytes.buffer, signatureBytes.buffer, this.cryptoPublicKey)) {
         throw new Error("Forged header value is provided");
       }
       const version = dataBytes[0];
@@ -82,13 +76,19 @@ class ClientHeader {
       log("warn", "Could not decode client header value", { reason: err?.message });
     }
   }
-  async processRequest(headerValue) {
-    const data = await this.decode(headerValue);
+  processRequest(headerValue) {
+    const data = this.decode(headerValue);
     return {
-      data,
-      shouldRemoveAds: () => shouldRemoveAds(data),
-      shouldEnablePremiumContentAccess: () => shouldEnablePremiumContentAccess(data),
-      shouldEnableVipExperience: () => shouldEnableVipExperience(data)
+      _raw: data,
+      get shouldRemoveAds() {
+        return shouldRemoveAds(data);
+      },
+      get shouldEnablePremiumContentAccess() {
+        return shouldEnablePremiumContentAccess(data);
+      },
+      get shouldEnableVipExperience() {
+        return shouldEnableVipExperience(data);
+      }
     };
   }
 }
@@ -117,11 +117,11 @@ class Site {
     this.clientHeader = new ClientHeader(ZEROAD_NETWORK_PUBLIC_KEY);
   }
 }
-let _defaultSite;
-const init = (options) => _defaultSite = new Site(options);
-const processRequest = (headerValue) => _defaultSite.clientHeader.processRequest(headerValue);
-const getClientHeaderName = () => _defaultSite.clientHeader.name;
-const getServerHeaderName = () => _defaultSite.serverHeader.name;
-const getServerHeaderValue = () => _defaultSite.serverHeader.value;
+let defaultSite;
+const init = (options) => defaultSite = new Site(options);
+const processRequest = (headerValue) => defaultSite.clientHeader.processRequest(headerValue);
+const getClientHeaderName = () => defaultSite.clientHeader.name;
+const getServerHeaderName = () => defaultSite.serverHeader.name;
+const getServerHeaderValue = () => defaultSite.serverHeader.value;
 
 export { CLIENT_HEADERS, ClientHeader, PROTOCOL_VERSION, SITE_FEATURES, ServerHeader, Site, ZEROAD_NETWORK_PUBLIC_KEY, getClientHeaderName, getServerHeaderName, getServerHeaderValue, init, processRequest };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zeroad.network/token",
-  "version": "0.9.1",
+  "version": "0.10.0",
   "license": "SEE LICENSE IN LICENSE",
   "repository": "github:laurynas-karvelis/zeroad-token",
   "homepage": "https://zeroad.network",
@@ -49,7 +49,7 @@
   },
   "dependencies": {},
   "devDependencies": {
-    "@types/bun": "^1.3.2",
+    "@types/bun": "^1.3.3",
     "@types/node": "^24.10.0",
     "pkgroll": "^2.20.1",
     "prettier": "^3.6.2",

package/dist/browser-DxDxgCTA.d.cts

@@ -1,76 +0,0 @@
-/**
- * This is an official ZeroAd Network public key.
- * Used to verify `X-Better-Web-User` header values are not tampered with.
- */
-declare const ZEROAD_NETWORK_PUBLIC_KEY: string;
-declare enum SITE_FEATURES {
-    ADLESS_EXPERIENCE = 1,
-    PREMIUM_CONTENT_ACCESS = 2,
-    VIP_EXPERIENCE = 4
-}
-type UUID = string;
-declare enum SERVER_HEADERS {
-    WELCOME = "X-Better-Web-Welcome"
-}
-declare enum CLIENT_HEADERS {
-    HELLO = "X-Better-Web-Hello"
-}
-declare enum PROTOCOL_VERSION {
-    V_1 = 1
-}
-declare const CURRENT_PROTOCOL_VERSION = PROTOCOL_VERSION.V_1;
-type ServerHeaderSimpleOptions = {
-    value: string;
-};
-type ServerHeaderExtendedOptions = {
-    siteId: UUID;
-    features: SITE_FEATURES[];
-};
-type ServerHeaderOptions = ServerHeaderExtendedOptions | ServerHeaderSimpleOptions;
-type WelcomeHeaderParseResult = WelcomeHeader | undefined;
-type WelcomeHeader = {
-    version: PROTOCOL_VERSION;
-    siteId: UUID;
-    flags: number;
-};
-type ClientHeaderParseResult = ClientParsedHeader | undefined;
-type ClientParsedHeader = {
-    version: PROTOCOL_VERSION;
-    expiresAt: Date;
-    expired: boolean;
-    flags: number;
-};
-
-type constants_CLIENT_HEADERS = CLIENT_HEADERS;
-declare const constants_CLIENT_HEADERS: typeof CLIENT_HEADERS;
-declare const constants_CURRENT_PROTOCOL_VERSION: typeof CURRENT_PROTOCOL_VERSION;
-type constants_ClientHeaderParseResult = ClientHeaderParseResult;
-type constants_ClientParsedHeader = ClientParsedHeader;
-type constants_PROTOCOL_VERSION = PROTOCOL_VERSION;
-declare const constants_PROTOCOL_VERSION: typeof PROTOCOL_VERSION;
-type constants_SERVER_HEADERS = SERVER_HEADERS;
-declare const constants_SERVER_HEADERS: typeof SERVER_HEADERS;
-type constants_SITE_FEATURES = SITE_FEATURES;
-declare const constants_SITE_FEATURES: typeof SITE_FEATURES;
-type constants_ServerHeaderExtendedOptions = ServerHeaderExtendedOptions;
-type constants_ServerHeaderOptions = ServerHeaderOptions;
-type constants_ServerHeaderSimpleOptions = ServerHeaderSimpleOptions;
-type constants_UUID = UUID;
-type constants_WelcomeHeader = WelcomeHeader;
-type constants_WelcomeHeaderParseResult = WelcomeHeaderParseResult;
-declare const constants_ZEROAD_NETWORK_PUBLIC_KEY: typeof ZEROAD_NETWORK_PUBLIC_KEY;
-declare namespace constants {
-  export { constants_CLIENT_HEADERS as CLIENT_HEADERS, constants_CURRENT_PROTOCOL_VERSION as CURRENT_PROTOCOL_VERSION, constants_PROTOCOL_VERSION as PROTOCOL_VERSION, constants_SERVER_HEADERS as SERVER_HEADERS, constants_SITE_FEATURES as SITE_FEATURES, constants_ZEROAD_NETWORK_PUBLIC_KEY as ZEROAD_NETWORK_PUBLIC_KEY };
-  export type { constants_ClientHeaderParseResult as ClientHeaderParseResult, constants_ClientParsedHeader as ClientParsedHeader, constants_ServerHeaderExtendedOptions as ServerHeaderExtendedOptions, constants_ServerHeaderOptions as ServerHeaderOptions, constants_ServerHeaderSimpleOptions as ServerHeaderSimpleOptions, constants_UUID as UUID, constants_WelcomeHeader as WelcomeHeader, constants_WelcomeHeaderParseResult as WelcomeHeaderParseResult };
-}
-
-declare class ServerHeader {
-    name: SERVER_HEADERS;
-    value: string;
-    constructor(options: ServerHeaderOptions);
-    encode(siteId: UUID, features: SITE_FEATURES[]): string;
-    static decode(headerValue: string | undefined): WelcomeHeaderParseResult;
-}
-
-export { CLIENT_HEADERS as C, PROTOCOL_VERSION as P, SITE_FEATURES as S, ZEROAD_NETWORK_PUBLIC_KEY as Z, ServerHeader as b, SERVER_HEADERS as d, CURRENT_PROTOCOL_VERSION as e, constants as j };
-export type { UUID as U, WelcomeHeaderParseResult as W, ClientHeaderParseResult as a, ServerHeaderOptions as c, ServerHeaderSimpleOptions as f, ServerHeaderExtendedOptions as g, WelcomeHeader as h, ClientParsedHeader as i };

package/dist/browser-DxDxgCTA.d.mts

@@ -1,76 +0,0 @@
-/**
- * This is an official ZeroAd Network public key.
- * Used to verify `X-Better-Web-User` header values are not tampered with.
- */
-declare const ZEROAD_NETWORK_PUBLIC_KEY: string;
-declare enum SITE_FEATURES {
-    ADLESS_EXPERIENCE = 1,
-    PREMIUM_CONTENT_ACCESS = 2,
-    VIP_EXPERIENCE = 4
-}
-type UUID = string;
-declare enum SERVER_HEADERS {
-    WELCOME = "X-Better-Web-Welcome"
-}
-declare enum CLIENT_HEADERS {
-    HELLO = "X-Better-Web-Hello"
-}
-declare enum PROTOCOL_VERSION {
-    V_1 = 1
-}
-declare const CURRENT_PROTOCOL_VERSION = PROTOCOL_VERSION.V_1;
-type ServerHeaderSimpleOptions = {
-    value: string;
-};
-type ServerHeaderExtendedOptions = {
-    siteId: UUID;
-    features: SITE_FEATURES[];
-};
-type ServerHeaderOptions = ServerHeaderExtendedOptions | ServerHeaderSimpleOptions;
-type WelcomeHeaderParseResult = WelcomeHeader | undefined;
-type WelcomeHeader = {
-    version: PROTOCOL_VERSION;
-    siteId: UUID;
-    flags: number;
-};
-type ClientHeaderParseResult = ClientParsedHeader | undefined;
-type ClientParsedHeader = {
-    version: PROTOCOL_VERSION;
-    expiresAt: Date;
-    expired: boolean;
-    flags: number;
-};
-
-type constants_CLIENT_HEADERS = CLIENT_HEADERS;
-declare const constants_CLIENT_HEADERS: typeof CLIENT_HEADERS;
-declare const constants_CURRENT_PROTOCOL_VERSION: typeof CURRENT_PROTOCOL_VERSION;
-type constants_ClientHeaderParseResult = ClientHeaderParseResult;
-type constants_ClientParsedHeader = ClientParsedHeader;
-type constants_PROTOCOL_VERSION = PROTOCOL_VERSION;
-declare const constants_PROTOCOL_VERSION: typeof PROTOCOL_VERSION;
-type constants_SERVER_HEADERS = SERVER_HEADERS;
-declare const constants_SERVER_HEADERS: typeof SERVER_HEADERS;
-type constants_SITE_FEATURES = SITE_FEATURES;
-declare const constants_SITE_FEATURES: typeof SITE_FEATURES;
-type constants_ServerHeaderExtendedOptions = ServerHeaderExtendedOptions;
-type constants_ServerHeaderOptions = ServerHeaderOptions;
-type constants_ServerHeaderSimpleOptions = ServerHeaderSimpleOptions;
-type constants_UUID = UUID;
-type constants_WelcomeHeader = WelcomeHeader;
-type constants_WelcomeHeaderParseResult = WelcomeHeaderParseResult;
-declare const constants_ZEROAD_NETWORK_PUBLIC_KEY: typeof ZEROAD_NETWORK_PUBLIC_KEY;
-declare namespace constants {
-  export { constants_CLIENT_HEADERS as CLIENT_HEADERS, constants_CURRENT_PROTOCOL_VERSION as CURRENT_PROTOCOL_VERSION, constants_PROTOCOL_VERSION as PROTOCOL_VERSION, constants_SERVER_HEADERS as SERVER_HEADERS, constants_SITE_FEATURES as SITE_FEATURES, constants_ZEROAD_NETWORK_PUBLIC_KEY as ZEROAD_NETWORK_PUBLIC_KEY };
-  export type { constants_ClientHeaderParseResult as ClientHeaderParseResult, constants_ClientParsedHeader as ClientParsedHeader, constants_ServerHeaderExtendedOptions as ServerHeaderExtendedOptions, constants_ServerHeaderOptions as ServerHeaderOptions, constants_ServerHeaderSimpleOptions as ServerHeaderSimpleOptions, constants_UUID as UUID, constants_WelcomeHeader as WelcomeHeader, constants_WelcomeHeaderParseResult as WelcomeHeaderParseResult };
-}
-
-declare class ServerHeader {
-    name: SERVER_HEADERS;
-    value: string;
-    constructor(options: ServerHeaderOptions);
-    encode(siteId: UUID, features: SITE_FEATURES[]): string;
-    static decode(headerValue: string | undefined): WelcomeHeaderParseResult;
-}
-
-export { CLIENT_HEADERS as C, PROTOCOL_VERSION as P, SITE_FEATURES as S, ZEROAD_NETWORK_PUBLIC_KEY as Z, ServerHeader as b, SERVER_HEADERS as d, CURRENT_PROTOCOL_VERSION as e, constants as j };
-export type { UUID as U, WelcomeHeaderParseResult as W, ClientHeaderParseResult as a, ServerHeaderOptions as c, ServerHeaderSimpleOptions as f, ServerHeaderExtendedOptions as g, WelcomeHeader as h, ClientParsedHeader as i };