insumer-verify 1.3.6 → 1.3.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +4 -4
- package/build/index.js +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -4,7 +4,7 @@ Client-side verifier for [InsumerAPI](https://insumermodel.com/developers/) atte
|
|
|
4
4
|
|
|
5
5
|
**In production:** [DJD Agent Score](https://github.com/jacobsd32-cpu/djdagentscore) (Coinbase x402 ecosystem) uses insumer-verify for client-side cryptographic verification in their AI agent wallet trust scoring pipeline. [Case study](https://insumermodel.com/blog/djd-agent-score-insumer-api-integration.html).
|
|
6
6
|
|
|
7
|
-
Part of the InsumerAPI ecosystem: [REST API](https://insumermodel.com/developers/) (
|
|
7
|
+
Part of the InsumerAPI ecosystem: [REST API](https://insumermodel.com/developers/) (26 endpoints, 32 chains) | [MCP server](https://www.npmjs.com/package/mcp-server-insumer) (npm) | [LangChain](https://pypi.org/project/langchain-insumer/) (PyPI) | [ElizaOS](https://www.npmjs.com/package/eliza-plugin-insumer) (10 actions, npm) | [OpenAI GPT](https://chatgpt.com/g/g-699c5e43ce2481918b3f1e7f144c8a49-insumerapi-verify) (GPT Store)
|
|
8
8
|
|
|
9
9
|
## Install
|
|
10
10
|
|
|
@@ -155,7 +155,7 @@ Because XRPL results have no `blockTimestamp`, the freshness check (`maxAge`) sk
|
|
|
155
155
|
|
|
156
156
|
### Handling `rpc_failure` errors
|
|
157
157
|
|
|
158
|
-
If the API cannot reach one or more data sources
|
|
158
|
+
If the API cannot reach one or more upstream data sources after retries, it returns `ok: false` with error code `rpc_failure` instead of issuing an attestation. **No signature, no JWT, no credits charged.** This is a retryable error — retry the same request after a short delay (2-5 seconds).
|
|
159
159
|
|
|
160
160
|
```json
|
|
161
161
|
{
|
|
@@ -164,7 +164,7 @@ If the API cannot reach one or more data sources (RPC nodes, Helius, XRPL, Coval
|
|
|
164
164
|
"code": "rpc_failure",
|
|
165
165
|
"message": "Unable to verify all conditions — data source unavailable after retries",
|
|
166
166
|
"failedConditions": [
|
|
167
|
-
{ "
|
|
167
|
+
{ "chainId": "43114", "message": "Timeout" }
|
|
168
168
|
]
|
|
169
169
|
},
|
|
170
170
|
"meta": { "version": "1.0", "timestamp": "..." }
|
|
@@ -211,7 +211,7 @@ const result = await verifyAttestation(apiResponse, { maxAge: 120 });
|
|
|
211
211
|
// Fails if any blockTimestamp is older than 120 seconds
|
|
212
212
|
```
|
|
213
213
|
|
|
214
|
-
Results without `blockTimestamp` (
|
|
214
|
+
Results without `blockTimestamp` (certain EVM chains, Solana, and XRPL) are skipped, not treated as failures. XRPL results use `ledgerIndex` and `ledgerHash` instead.
|
|
215
215
|
|
|
216
216
|
### JWKS key discovery
|
|
217
217
|
|
package/build/index.js
CHANGED
|
@@ -252,7 +252,7 @@ function checkFreshness(results, maxAge) {
|
|
|
252
252
|
for (let i = 0; i < results.length; i++) {
|
|
253
253
|
const r = results[i];
|
|
254
254
|
if (!r.blockTimestamp)
|
|
255
|
-
continue; //
|
|
255
|
+
continue; // some chains lack blockTimestamp
|
|
256
256
|
const age = now - new Date(r.blockTimestamp).getTime();
|
|
257
257
|
if (age > maxAgeMs) {
|
|
258
258
|
return {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "insumer-verify",
|
|
3
|
-
"version": "1.3.
|
|
3
|
+
"version": "1.3.8",
|
|
4
4
|
"description": "Client-side verifier for InsumerAPI attestations. ECDSA P-256 signatures, condition hashes, block freshness, expiry. Zero dependencies. Used by DJD Agent Score (Coinbase x402).",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "build/index.js",
|