truvaxia-ai-sdk 1.0.0

package/README.md

@@ -0,0 +1,49 @@
+# @truvaxia/sdk
+
+The Truvaxia Client SDK is a powerful, drop-in browser library designed to seamlessly integrate Zero-Trust identity verification and fraud prevention into any web application.
+
+## Core Capabilities
+
+- **Biometric Verification**: Handles camera permissions, face matching, and liveness checks natively through an embedded UI widget.
+- **Behavioral Telemetry**: Silently monitors typing cadence (Keystrokes Per Minute), mouse movements, and clipboard events (paste detection).
+- **Device Fingerprinting**: Extracts hardware constraints, OS data, browser properties, and canvas fingerprints to detect spoofing or headless automation.
+- **Secure Encrypted Payloads**: Packages all telemetry into a secure payload evaluated directly by the Truvaxia AI Backend.
+
+## Installation
+
+```bash
+npm install @truvaxia/sdk
+# or
+yarn add @truvaxia/sdk
+```
+
+## Quick Start
+
+### 1. Initialization
+Initialize the SDK globally when your application loads.
+
+```javascript
+import { Truvaxia } from '@truvaxia/sdk';
+
+// Initialize the Zero-Trust SDK
+Truvaxia.init({ staffId: 'USER_1234' }).catch(console.error);
+```
+
+### 2. Launching the Security Widget
+Trigger the biometric verification widget when a user submits sensitive data.
+
+```javascript
+const formData = { firstName: 'John', lastName: 'Doe', bvn: '12345678901' };
+
+Truvaxia.verifyOnboarding(formData, {
+  onSuccess: (result) => {
+    console.log('Verification Passed!', result.score);
+  },
+  onFailure: (error) => {
+    console.error('Verification Failed!', error.reasons);
+  }
+});
+```
+
+## Architecture
+The SDK is built using vanilla TypeScript and compiles down to both CommonJS and ES Modules, ensuring compatibility with React, Vue, Angular, or vanilla HTML/JS projects.

package/dist/truvaxia.cjs

@@ -0,0 +1,648 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/core/truvaxia.ts
+var truvaxia_exports = {};
+__export(truvaxia_exports, {
+  Truvaxia: () => Truvaxia
+});
+module.exports = __toCommonJS(truvaxia_exports);
+
+// src/modules/behavioral/input-tracker.ts
+var InputTracker = class {
+  staffId = null;
+  sessionStartTime = 0;
+  keystrokeCount = 0;
+  pasteCount = 0;
+  trackingInterval = null;
+  startTracking(staffId) {
+    if (this.staffId) return;
+    this.staffId = staffId;
+    this.sessionStartTime = Date.now();
+    if (typeof document !== "undefined") {
+      document.addEventListener("keydown", this.handleKeyDown);
+      document.addEventListener("paste", this.handlePaste);
+    }
+    this.trackingInterval = setInterval(() => {
+      this.evaluateTelemetry();
+    }, 1e4);
+  }
+  stopTracking() {
+    if (typeof document !== "undefined") {
+      document.removeEventListener("keydown", this.handleKeyDown);
+      document.removeEventListener("paste", this.handlePaste);
+    }
+    if (this.trackingInterval) {
+      clearInterval(this.trackingInterval);
+      this.trackingInterval = null;
+    }
+    this.staffId = null;
+  }
+  handleKeyDown = (event) => {
+    if (["Shift", "Control", "Alt", "Meta", "CapsLock"].includes(event.key)) {
+      return;
+    }
+    this.keystrokeCount++;
+  };
+  handlePaste = (event) => {
+    const target = event.target;
+    if (target && (target.tagName === "INPUT" || target.tagName === "TEXTAREA")) {
+      this.pasteCount++;
+    }
+  };
+  evaluateTelemetry() {
+    if (!this.staffId) return;
+    const elapsedMinutes = (Date.now() - this.sessionStartTime) / 6e4;
+    const kpm = elapsedMinutes > 0 ? this.keystrokeCount / elapsedMinutes : 0;
+    const isAnomalous = kpm > 300 || this.pasteCount > 3;
+    const profile = {
+      staffId: this.staffId,
+      sessionStartTime: this.sessionStartTime,
+      keystrokesPerMinute: Math.round(kpm),
+      pasteEventsCount: this.pasteCount,
+      totalKeystrokes: this.keystrokeCount,
+      isAnomalous
+    };
+    if (isAnomalous) {
+      console.warn(`[Truvaxia:FraudAlert] Anomalous behavior detected for RO: ${this.staffId}`, profile);
+    }
+  }
+  getSessionData() {
+    const elapsedMinutes = (Date.now() - this.sessionStartTime) / 6e4;
+    const kpm = elapsedMinutes > 0 ? this.keystrokeCount / elapsedMinutes : 0;
+    return {
+      staffId: this.staffId || "",
+      sessionStartTime: this.sessionStartTime,
+      keystrokesPerMinute: Math.round(kpm),
+      pasteEventsCount: this.pasteCount,
+      totalKeystrokes: this.keystrokeCount,
+      isAnomalous: kpm > 300 || this.pasteCount > 3
+    };
+  }
+};
+
+// src/modules/biometrics/liveness.ts
+var import_tasks_vision = require("@mediapipe/tasks-vision");
+var LivenessDetector = class {
+  faceLandmarker = null;
+  videoElement = null;
+  lastVideoTime = -1;
+  isDetecting = false;
+  animationFrameId = null;
+  mediaRecorder = null;
+  recordedChunks = [];
+  currentStage = "BLINK" /* BLINK */;
+  onProgressCallback;
+  preloaded = false;
+  preloadingPromise = null;
+  /**
+   * Preloads the heavy MediaPipe WASM models without requesting the camera.
+   */
+  async preload() {
+    if (this.preloaded) return;
+    if (this.preloadingPromise) return this.preloadingPromise;
+    console.log("[Truvaxia:Liveness] Preloading MediaPipe WASM in background...");
+    this.preloadingPromise = (async () => {
+      try {
+        const vision = await import_tasks_vision.FilesetResolver.forVisionTasks(
+          "https://cdn.jsdelivr.net/npm/@mediapipe/tasks-vision@0.10.3/wasm"
+        );
+        this.faceLandmarker = await import_tasks_vision.FaceLandmarker.createFromOptions(vision, {
+          baseOptions: {
+            modelAssetPath: "https://storage.googleapis.com/mediapipe-models/face_landmarker/face_landmarker/float16/latest/face_landmarker.task",
+            delegate: "GPU"
+          },
+          runningMode: "VIDEO",
+          numFaces: 1,
+          outputFaceBlendshapes: true,
+          outputFacialTransformationMatrixes: true
+        });
+        this.preloaded = true;
+        console.log("[Truvaxia:Liveness] MediaPipe WASM preloaded successfully.");
+      } catch (error) {
+        console.error("[Truvaxia:Liveness] Failed to preload MediaPipe WASM:", error);
+      }
+    })();
+    return this.preloadingPromise;
+  }
+  /**
+   * Initializes the camera and begins the actual detection loop.
+   * This should be called when the user opens the scanner.
+   */
+  async start(onProgress) {
+    console.log("[Truvaxia:Liveness] Starting Liveness module...");
+    this.onProgressCallback = onProgress;
+    this.currentStage = "BLINK" /* BLINK */;
+    if (this.onProgressCallback) this.onProgressCallback(this.currentStage);
+    try {
+      if (!this.preloaded) {
+        await this.preload();
+      }
+      this.videoElement = document.createElement("video");
+      this.videoElement.setAttribute("autoplay", "");
+      this.videoElement.setAttribute("playsinline", "");
+      const stream = await navigator.mediaDevices.getUserMedia({
+        video: { width: 1280, height: 720, facingMode: "user" }
+      });
+      this.videoElement.srcObject = stream;
+      this.recordedChunks = [];
+      try {
+        this.mediaRecorder = new MediaRecorder(stream, { mimeType: "video/webm" });
+        this.mediaRecorder.ondataavailable = (event) => {
+          if (event.data.size > 0) {
+            this.recordedChunks.push(event.data);
+          }
+        };
+        this.mediaRecorder.start();
+      } catch (e) {
+        console.error("[Truvaxia:Liveness] Failed to start MediaRecorder:", e);
+      }
+      this.videoElement.addEventListener("loadeddata", () => {
+        this.isDetecting = true;
+        this.detectLoop();
+      });
+      return stream;
+    } catch (error) {
+      console.error("[Truvaxia:Liveness] Failed to start camera or load model:", error);
+      throw error;
+    }
+  }
+  advanceStage(nextStage) {
+    this.currentStage = nextStage;
+    console.log(`[Truvaxia:Liveness] Advanced to stage: ${nextStage}`);
+    if (this.onProgressCallback) {
+      this.onProgressCallback(nextStage);
+    }
+  }
+  /**
+   * Continuously analyzes the video stream for liveness indicators (e.g., blinking).
+   */
+  detectLoop = () => {
+    if (!this.isDetecting || !this.videoElement || !this.faceLandmarker) return;
+    const startTimeMs = performance.now();
+    if (this.lastVideoTime !== this.videoElement.currentTime) {
+      this.lastVideoTime = this.videoElement.currentTime;
+      const results = this.faceLandmarker.detectForVideo(this.videoElement, startTimeMs);
+      if (results.faceBlendshapes && results.faceBlendshapes.length > 0 && results.faceLandmarks && results.faceLandmarks.length > 0) {
+        const blendshapes = results.faceBlendshapes[0].categories;
+        const landmarks = results.faceLandmarks[0];
+        const leftBlink = blendshapes.find((b) => b.categoryName === "eyeBlinkLeft")?.score || 0;
+        const rightBlink = blendshapes.find((b) => b.categoryName === "eyeBlinkRight")?.score || 0;
+        const noseX = landmarks[1].x;
+        const leftCheekX = landmarks[234].x;
+        const rightCheekX = landmarks[454].x;
+        const distLeft = Math.abs(noseX - leftCheekX);
+        const distRight = Math.abs(noseX - rightCheekX);
+        const ratio = distLeft / (distRight + 1e-4);
+        switch (this.currentStage) {
+          case "BLINK" /* BLINK */:
+            if (leftBlink > 0.4 && rightBlink > 0.4) {
+              this.advanceStage("TURN_LEFT" /* TURN_LEFT */);
+            }
+            break;
+          case "TURN_LEFT" /* TURN_LEFT */:
+            if (ratio < 0.35) {
+              this.advanceStage("TURN_RIGHT" /* TURN_RIGHT */);
+            }
+            break;
+          case "TURN_RIGHT" /* TURN_RIGHT */:
+            if (ratio > 2.5) {
+              this.advanceStage("LOOK_STRAIGHT" /* LOOK_STRAIGHT */);
+            }
+            break;
+          case "LOOK_STRAIGHT" /* LOOK_STRAIGHT */:
+            if (ratio > 0.7 && ratio < 1.3) {
+              this.advanceStage("COMPLETED" /* COMPLETED */);
+            }
+            break;
+          case "COMPLETED" /* COMPLETED */:
+            break;
+        }
+      }
+    }
+    if (this.currentStage !== "COMPLETED" /* COMPLETED */) {
+      this.animationFrameId = requestAnimationFrame(this.detectLoop);
+    }
+  };
+  /**
+   * Called upon form submission. Evaluates liveness status and captures the frame.
+   */
+  async execute() {
+    console.log("[Truvaxia:Liveness] Executing final validation...");
+    this.isDetecting = false;
+    if (this.animationFrameId) {
+      cancelAnimationFrame(this.animationFrameId);
+    }
+    if (this.currentStage !== "COMPLETED" /* COMPLETED */) {
+      return { success: false, reason: "Liveness check failed: Sequence not completed." };
+    }
+    if (!this.videoElement) {
+      return { success: false, reason: "Video stream unavailable." };
+    }
+    const canvas = document.createElement("canvas");
+    canvas.width = this.videoElement.videoWidth;
+    canvas.height = this.videoElement.videoHeight;
+    const ctx = canvas.getContext("2d");
+    let base64Image;
+    if (ctx) {
+      ctx.drawImage(this.videoElement, 0, 0, canvas.width, canvas.height);
+      base64Image = canvas.toDataURL("image/jpeg", 0.9);
+    }
+    let videoBase64;
+    if (this.mediaRecorder && this.mediaRecorder.state !== "inactive") {
+      videoBase64 = await new Promise((resolve) => {
+        this.mediaRecorder.onstop = () => {
+          const blob = new Blob(this.recordedChunks, { type: "video/webm" });
+          const reader = new FileReader();
+          reader.readAsDataURL(blob);
+          reader.onloadend = () => resolve(reader.result);
+          reader.onerror = () => resolve(void 0);
+        };
+        this.mediaRecorder.stop();
+      });
+    }
+    const stream = this.videoElement.srcObject;
+    if (stream) {
+      stream.getTracks().forEach((track) => track.stop());
+    }
+    this.videoElement.srcObject = null;
+    if (base64Image) {
+      return { success: true, frameBase64: base64Image, videoBase64 };
+    }
+    return { success: false, reason: "Failed to extract frame from canvas." };
+  }
+};
+
+// src/modules/policy/policy-client.ts
+var PolicyClient = class {
+  currentPolicy = {
+    requireBiometrics: true,
+    fraudScoreThreshold: 80,
+    enableGeofencing: false
+  };
+  /**
+   * Fetches the organization's current policy from the Truvaxia Backend.
+   * @param staffId The staff ID to fetch the specific branch/org policy for.
+   */
+  async fetchPolicy(staffId) {
+    try {
+      console.log(`[Truvaxia:Policy] Fetching policies for staff: ${staffId}...`);
+      await new Promise((resolve) => setTimeout(resolve, 500));
+      console.log("[Truvaxia:Policy] Policies loaded successfully.", this.currentPolicy);
+      return this.currentPolicy;
+    } catch (error) {
+      console.error("[Truvaxia:Policy] Failed to fetch policy. Falling back to strict defaults.", error);
+      return this.currentPolicy;
+    }
+  }
+  getPolicy() {
+    return this.currentPolicy;
+  }
+};
+
+// src/modules/ui/widget-manager.ts
+var WidgetManager = class {
+  container = null;
+  videoElement = null;
+  instructionText = null;
+  contentBox = null;
+  mount(customerName, onClose) {
+    if (this.container) return;
+    this.container = document.createElement("div");
+    this.container.id = "truvaxia-widget-root";
+    this.container.setAttribute("style", "position: fixed; top: 0; left: 0; width: 100vw; height: 100vh; z-index: 99999; display: flex; align-items: center; justify-content: center; padding: 1rem; background: rgba(0,0,0,0.8); backdrop-filter: blur(4px); font-family: ui-sans-serif, system-ui, sans-serif;");
+    this.container.innerHTML = `
+      <div style="width: 100%; max-width: 36rem; border-radius: 1rem; overflow: hidden; border: 1px solid rgba(0,255,178,0.2); background: rgba(10,15,20,0.85); box-shadow: 0 25px 50px -12px rgba(0, 0, 0, 0.25);">
+        <!-- Header -->
+        <div style="padding: 1.5rem; border-bottom: 1px solid rgba(0,255,178,0.2); display: flex; justify-content: space-between; align-items: center; background: rgba(5,10,15,0.9);">
+          <div>
+            <h3 style="font-size: 1.25rem; font-weight: 700; color: white; margin: 0;">Zero-Trust Identity Verification</h3>
+            <p style="font-size: 0.875rem; color: #94a3b8; margin: 0.25rem 0 0 0;">Subject: ${customerName || "Guest"}</p>
+          </div>
+          <button id="truvaxia-close-btn" style="background: none; border: none; color: #94a3b8; font-size: 1.5rem; cursor: pointer; padding: 0.5rem;">\u2715</button>
+        </div>
+        
+        <!-- Content -->
+        <div id="truvaxia-content" style="padding: 2rem; display: flex; flex-direction: column; align-items: center; justify-content: center; min-height: 400px;">
+           <!-- Dynamic Content Here -->
+        </div>
+      </div>
+    `;
+    document.body.appendChild(this.container);
+    const closeBtn = document.getElementById("truvaxia-close-btn");
+    if (closeBtn) {
+      closeBtn.onclick = () => {
+        this.unmount();
+        onClose();
+      };
+    }
+    this.contentBox = document.getElementById("truvaxia-content");
+    this.showInitializing();
+  }
+  showInitializing() {
+    if (!this.contentBox) return;
+    this.contentBox.innerHTML = `
+      <div style="display: flex; flex-direction: column; align-items: center; animation: pulse 2s cubic-bezier(0.4, 0, 0.6, 1) infinite;">
+        <div style="width: 4rem; height: 4rem; border-radius: 9999px; border-top: 2px solid transparent; border-right: 2px solid #00ffb2; border-bottom: 2px solid #00ffb2; border-left: 2px solid #00ffb2; animation: spin 1s linear infinite; margin-bottom: 1rem;"></div>
+        <p style="color: #00ffb2; font-weight: 500; text-shadow: 0 0 10px rgba(0,255,178,0.5);">Initializing...</p>
+      </div>
+      <style>
+        @keyframes spin { from { transform: rotate(0deg); } to { transform: rotate(360deg); } }
+        @keyframes pulse { 0%, 100% { opacity: 1; } 50% { opacity: .5; } }
+      </style>
+    `;
+  }
+  showScanning() {
+    if (!this.contentBox) throw new Error("Widget not mounted");
+    this.contentBox.innerHTML = `
+      <div style="display: flex; flex-direction: column; align-items: center; width: 100%;">
+        <div style="position: relative; width: 16rem; height: 16rem; border-radius: 9999px; border: 2px solid rgba(0,255,178,0.5); display: flex; align-items: center; justify-content: center; overflow: hidden; margin-bottom: 2rem;">
+          <div style="position: absolute; inset: 0; border-top: 4px solid #00ffb2; border-right: 4px solid transparent; border-bottom: 4px solid transparent; border-left: 4px solid transparent; border-radius: 9999px; animation: spin 2s linear infinite; opacity: 0.7; z-index: 10;"></div>
+          <video id="truvaxia-video" autoplay playsinline muted style="width: 100%; height: 100%; object-fit: cover; transform: scaleX(-1);"></video>
+        </div>
+        <div style="padding: 0.75rem 2rem; border-radius: 9999px; display: flex; align-items: center; gap: 0.75rem; background: rgba(5,10,15,0.9); border: 1px solid rgba(0,255,178,0.2);">
+          <div style="width: 0.5rem; height: 0.5rem; border-radius: 9999px; background: #00ffb2; box-shadow: 0 0 10px #00ffb2; animation: pulse 2s infinite;"></div>
+          <p id="truvaxia-instruction" style="color: white; font-weight: 500; letter-spacing: 0.025em; margin: 0;">Please wait...</p>
+        </div>
+      </div>
+    `;
+    this.videoElement = document.getElementById("truvaxia-video");
+    this.instructionText = document.getElementById("truvaxia-instruction");
+    return this.videoElement;
+  }
+  updateInstruction(text) {
+    if (this.instructionText) {
+      this.instructionText.innerText = text;
+    }
+  }
+  showProcessing() {
+    if (!this.contentBox) return;
+    this.contentBox.innerHTML = `
+      <div style="display: flex; flex-direction: column; align-items: center; animation: pulse 2s infinite;">
+        <div style="width: 4rem; height: 4rem; border-radius: 9999px; border-top: 2px solid transparent; border-right: 2px solid #00ffb2; border-bottom: 2px solid #00ffb2; border-left: 2px solid #00ffb2; animation: spin 1s linear infinite; margin-bottom: 1rem;"></div>
+        <p style="color: #00ffb2; font-weight: 600; letter-spacing: 0.1em;">ANALYZING...</p>
+      </div>
+    `;
+  }
+  unmount() {
+    if (this.container && this.container.parentNode) {
+      this.container.parentNode.removeChild(this.container);
+    }
+    this.container = null;
+    this.videoElement = null;
+    this.instructionText = null;
+    this.contentBox = null;
+  }
+};
+
+// src/modules/device/fingerprint.ts
+var DeviceFingerprint = class {
+  profile = {};
+  constructor() {
+    this.collectBasicTelemetry();
+  }
+  collectBasicTelemetry() {
+    if (typeof window === "undefined") return;
+    this.profile.userAgent = navigator.userAgent;
+    this.profile.language = navigator.language;
+    this.profile.platform = navigator.platform || "";
+    this.profile.hardwareConcurrency = navigator.hardwareConcurrency || 0;
+    this.profile.deviceMemory = navigator.deviceMemory || 0;
+    if (window.screen) {
+      this.profile.screenResolution = `${window.screen.width}x${window.screen.height}x${window.screen.colorDepth}`;
+    }
+    this.profile.timezoneOffset = (/* @__PURE__ */ new Date()).getTimezoneOffset();
+    this.profile.timezoneName = Intl.DateTimeFormat().resolvedOptions().timeZone;
+  }
+  /**
+   * Prompts the user for location access and returns the current coordinates.
+   * If denied, records that permission was refused.
+   */
+  async requestLocation() {
+    if (typeof navigator === "undefined" || !navigator.geolocation) {
+      this.profile.location = { lat: null, lng: null, permissionGranted: false };
+      return;
+    }
+    try {
+      const position = await new Promise((resolve, reject) => {
+        navigator.geolocation.getCurrentPosition(resolve, reject, {
+          enableHighAccuracy: true,
+          timeout: 5e3,
+          maximumAge: 0
+        });
+      });
+      this.profile.location = {
+        lat: position.coords.latitude,
+        lng: position.coords.longitude,
+        permissionGranted: true
+      };
+    } catch (error) {
+      console.warn("[Truvaxia] Location access denied or timed out.", error);
+      this.profile.location = { lat: null, lng: null, permissionGranted: false };
+    }
+  }
+  async collectIpTelemetry() {
+    if (typeof window === "undefined") return;
+    try {
+      const response = await fetch("https://ipapi.co/json/");
+      if (response.ok) {
+        const data = await response.json();
+        this.profile.ipData = {
+          ip: data.ip || "unknown",
+          city: data.city || "unknown",
+          region: data.region || "unknown",
+          country: data.country_name || "unknown",
+          org: data.org || "unknown"
+        };
+      }
+    } catch (e) {
+      console.warn("[Truvaxia] Could not fetch IP telemetry", e);
+    }
+  }
+  getProfile() {
+    return {
+      userAgent: this.profile.userAgent || "unknown",
+      language: this.profile.language || "unknown",
+      platform: this.profile.platform || "unknown",
+      hardwareConcurrency: this.profile.hardwareConcurrency || 0,
+      deviceMemory: this.profile.deviceMemory || 0,
+      screenResolution: this.profile.screenResolution || "unknown",
+      timezoneOffset: this.profile.timezoneOffset || 0,
+      timezoneName: this.profile.timezoneName || "unknown",
+      location: this.profile.location || { lat: null, lng: null, permissionGranted: false },
+      ipData: this.profile.ipData
+    };
+  }
+};
+
+// src/core/truvaxia.ts
+var Truvaxia = class _Truvaxia {
+  static instance = null;
+  config = null;
+  inputTracker;
+  livenessDetector;
+  policyClient;
+  widgetManager;
+  deviceFingerprint;
+  constructor() {
+    this.inputTracker = new InputTracker();
+    this.livenessDetector = new LivenessDetector();
+    this.policyClient = new PolicyClient();
+    this.widgetManager = new WidgetManager();
+    this.deviceFingerprint = new DeviceFingerprint();
+  }
+  static async init(config) {
+    if (!this.instance) {
+      this.instance = new _Truvaxia();
+      this.instance.config = config;
+      this.instance.livenessDetector.preload().catch(console.error);
+      await this.instance.policyClient.fetchPolicy(config.staffId);
+      this.instance.inputTracker.startTracking(config.staffId);
+      console.log(`[Truvaxia] SDK initialized for staff: ${config.staffId}`);
+    }
+    return this.instance;
+  }
+  static get liveness() {
+    if (!this.instance) throw new Error("Truvaxia must be initialized first");
+    return {
+      start: async (onProgress) => {
+        return await this.instance.livenessDetector.start(onProgress);
+      },
+      execute: async () => {
+        return await this.instance.livenessDetector.execute();
+      }
+    };
+  }
+  /**
+   * Universal drop-in widget for identity verification.
+   * Mounts the scanner UI, captures biometrics, and handles the backend verification automatically.
+   */
+  static async verifyOnboarding(data, callbacks) {
+    if (!this.instance) throw new Error("Truvaxia must be initialized first");
+    const widget = this.instance.widgetManager;
+    const liveness = this.instance.livenessDetector;
+    let isCancelled = false;
+    widget.mount(`${data.firstName || ""} ${data.lastName || ""}`.trim(), () => {
+      isCancelled = true;
+      callbacks.onFailure({ message: "User cancelled verification" });
+    });
+    try {
+      await new Promise((resolve, reject) => {
+        liveness.start((stage) => {
+          if (isCancelled) return;
+          switch (stage) {
+            case "BLINK":
+              widget.updateInstruction("Please Blink");
+              break;
+            case "TURN_LEFT":
+              widget.updateInstruction("Turn Head Left");
+              break;
+            case "TURN_RIGHT":
+              widget.updateInstruction("Turn Head Right");
+              break;
+            case "LOOK_STRAIGHT":
+              widget.updateInstruction("Look Straight Ahead");
+              break;
+            case "COMPLETED":
+              widget.updateInstruction("Capturing...");
+              resolve();
+              break;
+          }
+        }).then((stream) => {
+          if (isCancelled) return;
+          const videoElement = widget.showScanning();
+          videoElement.srcObject = stream;
+        }).catch(reject);
+      });
+      if (isCancelled) return;
+      await new Promise((r) => setTimeout(r, 400));
+      if (isCancelled) return;
+      const result = await liveness.execute();
+      if (!result.success || !result.frameBase64) {
+        throw new Error("Liveness capture failed");
+      }
+      widget.showProcessing();
+      await Promise.all([
+        this.instance.deviceFingerprint.requestLocation(),
+        this.instance.deviceFingerprint.collectIpTelemetry()
+      ]);
+      const deviceProfile = this.instance.deviceFingerprint.getProfile();
+      const behavioralLogs = this.instance.inputTracker.getSessionData();
+      const payload = {
+        actionType: "ONBOARDING",
+        businessData: { ...data, biometricFrame: result.frameBase64, biometricVideo: result.videoBase64 },
+        securityData: {
+          behavioral: behavioralLogs,
+          device: deviceProfile,
+          staffId: this.instance.config?.staffId
+        }
+      };
+      const response = await fetch("http://localhost:3001/verify", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify(payload)
+      });
+      const backendResult = await response.json();
+      if (!isCancelled) {
+        widget.unmount();
+        if (response.ok && backendResult.status === "APPROVED") {
+          callbacks.onSuccess(backendResult);
+        } else {
+          callbacks.onFailure(backendResult);
+        }
+      }
+    } catch (e) {
+      if (!isCancelled) {
+        widget.unmount();
+        callbacks.onFailure({ message: e instanceof Error ? e.message : "Unknown error during onboarding" });
+      }
+    }
+  }
+  /**
+   * Dynamic Document Extraction
+   * Sends an image and a JSON schema to the backend, which parses the image using OCR + Groq LLM
+   * and returns perfectly structured JSON.
+   */
+  static async extractDocument(payload) {
+    if (!this.instance) throw new Error("Truvaxia must be initialized first");
+    try {
+      const response = await fetch("http://localhost:3001/api/v1/extract-document", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify(payload)
+      });
+      const result = await response.json();
+      if (!response.ok) {
+        throw new Error(result.error || "Failed to extract document data");
+      }
+      return result.data;
+    } catch (e) {
+      console.error("[Truvaxia] Document extraction error:", e);
+      throw e;
+    }
+  }
+  static async process(actionType, data, callbacks) {
+    if (!this.instance) throw new Error("Truvaxia must be initialized first");
+    callbacks.onFailure({ message: "Use verifyOnboarding() for the full widget experience." });
+  }
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  Truvaxia
+});

package/dist/truvaxia.js

@@ -0,0 +1,621 @@
+// src/modules/behavioral/input-tracker.ts
+var InputTracker = class {
+  staffId = null;
+  sessionStartTime = 0;
+  keystrokeCount = 0;
+  pasteCount = 0;
+  trackingInterval = null;
+  startTracking(staffId) {
+    if (this.staffId) return;
+    this.staffId = staffId;
+    this.sessionStartTime = Date.now();
+    if (typeof document !== "undefined") {
+      document.addEventListener("keydown", this.handleKeyDown);
+      document.addEventListener("paste", this.handlePaste);
+    }
+    this.trackingInterval = setInterval(() => {
+      this.evaluateTelemetry();
+    }, 1e4);
+  }
+  stopTracking() {
+    if (typeof document !== "undefined") {
+      document.removeEventListener("keydown", this.handleKeyDown);
+      document.removeEventListener("paste", this.handlePaste);
+    }
+    if (this.trackingInterval) {
+      clearInterval(this.trackingInterval);
+      this.trackingInterval = null;
+    }
+    this.staffId = null;
+  }
+  handleKeyDown = (event) => {
+    if (["Shift", "Control", "Alt", "Meta", "CapsLock"].includes(event.key)) {
+      return;
+    }
+    this.keystrokeCount++;
+  };
+  handlePaste = (event) => {
+    const target = event.target;
+    if (target && (target.tagName === "INPUT" || target.tagName === "TEXTAREA")) {
+      this.pasteCount++;
+    }
+  };
+  evaluateTelemetry() {
+    if (!this.staffId) return;
+    const elapsedMinutes = (Date.now() - this.sessionStartTime) / 6e4;
+    const kpm = elapsedMinutes > 0 ? this.keystrokeCount / elapsedMinutes : 0;
+    const isAnomalous = kpm > 300 || this.pasteCount > 3;
+    const profile = {
+      staffId: this.staffId,
+      sessionStartTime: this.sessionStartTime,
+      keystrokesPerMinute: Math.round(kpm),
+      pasteEventsCount: this.pasteCount,
+      totalKeystrokes: this.keystrokeCount,
+      isAnomalous
+    };
+    if (isAnomalous) {
+      console.warn(`[Truvaxia:FraudAlert] Anomalous behavior detected for RO: ${this.staffId}`, profile);
+    }
+  }
+  getSessionData() {
+    const elapsedMinutes = (Date.now() - this.sessionStartTime) / 6e4;
+    const kpm = elapsedMinutes > 0 ? this.keystrokeCount / elapsedMinutes : 0;
+    return {
+      staffId: this.staffId || "",
+      sessionStartTime: this.sessionStartTime,
+      keystrokesPerMinute: Math.round(kpm),
+      pasteEventsCount: this.pasteCount,
+      totalKeystrokes: this.keystrokeCount,
+      isAnomalous: kpm > 300 || this.pasteCount > 3
+    };
+  }
+};
+
+// src/modules/biometrics/liveness.ts
+import { FaceLandmarker, FilesetResolver } from "@mediapipe/tasks-vision";
+var LivenessDetector = class {
+  faceLandmarker = null;
+  videoElement = null;
+  lastVideoTime = -1;
+  isDetecting = false;
+  animationFrameId = null;
+  mediaRecorder = null;
+  recordedChunks = [];
+  currentStage = "BLINK" /* BLINK */;
+  onProgressCallback;
+  preloaded = false;
+  preloadingPromise = null;
+  /**
+   * Preloads the heavy MediaPipe WASM models without requesting the camera.
+   */
+  async preload() {
+    if (this.preloaded) return;
+    if (this.preloadingPromise) return this.preloadingPromise;
+    console.log("[Truvaxia:Liveness] Preloading MediaPipe WASM in background...");
+    this.preloadingPromise = (async () => {
+      try {
+        const vision = await FilesetResolver.forVisionTasks(
+          "https://cdn.jsdelivr.net/npm/@mediapipe/tasks-vision@0.10.3/wasm"
+        );
+        this.faceLandmarker = await FaceLandmarker.createFromOptions(vision, {
+          baseOptions: {
+            modelAssetPath: "https://storage.googleapis.com/mediapipe-models/face_landmarker/face_landmarker/float16/latest/face_landmarker.task",
+            delegate: "GPU"
+          },
+          runningMode: "VIDEO",
+          numFaces: 1,
+          outputFaceBlendshapes: true,
+          outputFacialTransformationMatrixes: true
+        });
+        this.preloaded = true;
+        console.log("[Truvaxia:Liveness] MediaPipe WASM preloaded successfully.");
+      } catch (error) {
+        console.error("[Truvaxia:Liveness] Failed to preload MediaPipe WASM:", error);
+      }
+    })();
+    return this.preloadingPromise;
+  }
+  /**
+   * Initializes the camera and begins the actual detection loop.
+   * This should be called when the user opens the scanner.
+   */
+  async start(onProgress) {
+    console.log("[Truvaxia:Liveness] Starting Liveness module...");
+    this.onProgressCallback = onProgress;
+    this.currentStage = "BLINK" /* BLINK */;
+    if (this.onProgressCallback) this.onProgressCallback(this.currentStage);
+    try {
+      if (!this.preloaded) {
+        await this.preload();
+      }
+      this.videoElement = document.createElement("video");
+      this.videoElement.setAttribute("autoplay", "");
+      this.videoElement.setAttribute("playsinline", "");
+      const stream = await navigator.mediaDevices.getUserMedia({
+        video: { width: 1280, height: 720, facingMode: "user" }
+      });
+      this.videoElement.srcObject = stream;
+      this.recordedChunks = [];
+      try {
+        this.mediaRecorder = new MediaRecorder(stream, { mimeType: "video/webm" });
+        this.mediaRecorder.ondataavailable = (event) => {
+          if (event.data.size > 0) {
+            this.recordedChunks.push(event.data);
+          }
+        };
+        this.mediaRecorder.start();
+      } catch (e) {
+        console.error("[Truvaxia:Liveness] Failed to start MediaRecorder:", e);
+      }
+      this.videoElement.addEventListener("loadeddata", () => {
+        this.isDetecting = true;
+        this.detectLoop();
+      });
+      return stream;
+    } catch (error) {
+      console.error("[Truvaxia:Liveness] Failed to start camera or load model:", error);
+      throw error;
+    }
+  }
+  advanceStage(nextStage) {
+    this.currentStage = nextStage;
+    console.log(`[Truvaxia:Liveness] Advanced to stage: ${nextStage}`);
+    if (this.onProgressCallback) {
+      this.onProgressCallback(nextStage);
+    }
+  }
+  /**
+   * Continuously analyzes the video stream for liveness indicators (e.g., blinking).
+   */
+  detectLoop = () => {
+    if (!this.isDetecting || !this.videoElement || !this.faceLandmarker) return;
+    const startTimeMs = performance.now();
+    if (this.lastVideoTime !== this.videoElement.currentTime) {
+      this.lastVideoTime = this.videoElement.currentTime;
+      const results = this.faceLandmarker.detectForVideo(this.videoElement, startTimeMs);
+      if (results.faceBlendshapes && results.faceBlendshapes.length > 0 && results.faceLandmarks && results.faceLandmarks.length > 0) {
+        const blendshapes = results.faceBlendshapes[0].categories;
+        const landmarks = results.faceLandmarks[0];
+        const leftBlink = blendshapes.find((b) => b.categoryName === "eyeBlinkLeft")?.score || 0;
+        const rightBlink = blendshapes.find((b) => b.categoryName === "eyeBlinkRight")?.score || 0;
+        const noseX = landmarks[1].x;
+        const leftCheekX = landmarks[234].x;
+        const rightCheekX = landmarks[454].x;
+        const distLeft = Math.abs(noseX - leftCheekX);
+        const distRight = Math.abs(noseX - rightCheekX);
+        const ratio = distLeft / (distRight + 1e-4);
+        switch (this.currentStage) {
+          case "BLINK" /* BLINK */:
+            if (leftBlink > 0.4 && rightBlink > 0.4) {
+              this.advanceStage("TURN_LEFT" /* TURN_LEFT */);
+            }
+            break;
+          case "TURN_LEFT" /* TURN_LEFT */:
+            if (ratio < 0.35) {
+              this.advanceStage("TURN_RIGHT" /* TURN_RIGHT */);
+            }
+            break;
+          case "TURN_RIGHT" /* TURN_RIGHT */:
+            if (ratio > 2.5) {
+              this.advanceStage("LOOK_STRAIGHT" /* LOOK_STRAIGHT */);
+            }
+            break;
+          case "LOOK_STRAIGHT" /* LOOK_STRAIGHT */:
+            if (ratio > 0.7 && ratio < 1.3) {
+              this.advanceStage("COMPLETED" /* COMPLETED */);
+            }
+            break;
+          case "COMPLETED" /* COMPLETED */:
+            break;
+        }
+      }
+    }
+    if (this.currentStage !== "COMPLETED" /* COMPLETED */) {
+      this.animationFrameId = requestAnimationFrame(this.detectLoop);
+    }
+  };
+  /**
+   * Called upon form submission. Evaluates liveness status and captures the frame.
+   */
+  async execute() {
+    console.log("[Truvaxia:Liveness] Executing final validation...");
+    this.isDetecting = false;
+    if (this.animationFrameId) {
+      cancelAnimationFrame(this.animationFrameId);
+    }
+    if (this.currentStage !== "COMPLETED" /* COMPLETED */) {
+      return { success: false, reason: "Liveness check failed: Sequence not completed." };
+    }
+    if (!this.videoElement) {
+      return { success: false, reason: "Video stream unavailable." };
+    }
+    const canvas = document.createElement("canvas");
+    canvas.width = this.videoElement.videoWidth;
+    canvas.height = this.videoElement.videoHeight;
+    const ctx = canvas.getContext("2d");
+    let base64Image;
+    if (ctx) {
+      ctx.drawImage(this.videoElement, 0, 0, canvas.width, canvas.height);
+      base64Image = canvas.toDataURL("image/jpeg", 0.9);
+    }
+    let videoBase64;
+    if (this.mediaRecorder && this.mediaRecorder.state !== "inactive") {
+      videoBase64 = await new Promise((resolve) => {
+        this.mediaRecorder.onstop = () => {
+          const blob = new Blob(this.recordedChunks, { type: "video/webm" });
+          const reader = new FileReader();
+          reader.readAsDataURL(blob);
+          reader.onloadend = () => resolve(reader.result);
+          reader.onerror = () => resolve(void 0);
+        };
+        this.mediaRecorder.stop();
+      });
+    }
+    const stream = this.videoElement.srcObject;
+    if (stream) {
+      stream.getTracks().forEach((track) => track.stop());
+    }
+    this.videoElement.srcObject = null;
+    if (base64Image) {
+      return { success: true, frameBase64: base64Image, videoBase64 };
+    }
+    return { success: false, reason: "Failed to extract frame from canvas." };
+  }
+};
+
+// src/modules/policy/policy-client.ts
+var PolicyClient = class {
+  currentPolicy = {
+    requireBiometrics: true,
+    fraudScoreThreshold: 80,
+    enableGeofencing: false
+  };
+  /**
+   * Fetches the organization's current policy from the Truvaxia Backend.
+   * @param staffId The staff ID to fetch the specific branch/org policy for.
+   */
+  async fetchPolicy(staffId) {
+    try {
+      console.log(`[Truvaxia:Policy] Fetching policies for staff: ${staffId}...`);
+      await new Promise((resolve) => setTimeout(resolve, 500));
+      console.log("[Truvaxia:Policy] Policies loaded successfully.", this.currentPolicy);
+      return this.currentPolicy;
+    } catch (error) {
+      console.error("[Truvaxia:Policy] Failed to fetch policy. Falling back to strict defaults.", error);
+      return this.currentPolicy;
+    }
+  }
+  getPolicy() {
+    return this.currentPolicy;
+  }
+};
+
+// src/modules/ui/widget-manager.ts
+var WidgetManager = class {
+  container = null;
+  videoElement = null;
+  instructionText = null;
+  contentBox = null;
+  mount(customerName, onClose) {
+    if (this.container) return;
+    this.container = document.createElement("div");
+    this.container.id = "truvaxia-widget-root";
+    this.container.setAttribute("style", "position: fixed; top: 0; left: 0; width: 100vw; height: 100vh; z-index: 99999; display: flex; align-items: center; justify-content: center; padding: 1rem; background: rgba(0,0,0,0.8); backdrop-filter: blur(4px); font-family: ui-sans-serif, system-ui, sans-serif;");
+    this.container.innerHTML = `
+      <div style="width: 100%; max-width: 36rem; border-radius: 1rem; overflow: hidden; border: 1px solid rgba(0,255,178,0.2); background: rgba(10,15,20,0.85); box-shadow: 0 25px 50px -12px rgba(0, 0, 0, 0.25);">
+        <!-- Header -->
+        <div style="padding: 1.5rem; border-bottom: 1px solid rgba(0,255,178,0.2); display: flex; justify-content: space-between; align-items: center; background: rgba(5,10,15,0.9);">
+          <div>
+            <h3 style="font-size: 1.25rem; font-weight: 700; color: white; margin: 0;">Zero-Trust Identity Verification</h3>
+            <p style="font-size: 0.875rem; color: #94a3b8; margin: 0.25rem 0 0 0;">Subject: ${customerName || "Guest"}</p>
+          </div>
+          <button id="truvaxia-close-btn" style="background: none; border: none; color: #94a3b8; font-size: 1.5rem; cursor: pointer; padding: 0.5rem;">\u2715</button>
+        </div>
+        
+        <!-- Content -->
+        <div id="truvaxia-content" style="padding: 2rem; display: flex; flex-direction: column; align-items: center; justify-content: center; min-height: 400px;">
+           <!-- Dynamic Content Here -->
+        </div>
+      </div>
+    `;
+    document.body.appendChild(this.container);
+    const closeBtn = document.getElementById("truvaxia-close-btn");
+    if (closeBtn) {
+      closeBtn.onclick = () => {
+        this.unmount();
+        onClose();
+      };
+    }
+    this.contentBox = document.getElementById("truvaxia-content");
+    this.showInitializing();
+  }
+  showInitializing() {
+    if (!this.contentBox) return;
+    this.contentBox.innerHTML = `
+      <div style="display: flex; flex-direction: column; align-items: center; animation: pulse 2s cubic-bezier(0.4, 0, 0.6, 1) infinite;">
+        <div style="width: 4rem; height: 4rem; border-radius: 9999px; border-top: 2px solid transparent; border-right: 2px solid #00ffb2; border-bottom: 2px solid #00ffb2; border-left: 2px solid #00ffb2; animation: spin 1s linear infinite; margin-bottom: 1rem;"></div>
+        <p style="color: #00ffb2; font-weight: 500; text-shadow: 0 0 10px rgba(0,255,178,0.5);">Initializing...</p>
+      </div>
+      <style>
+        @keyframes spin { from { transform: rotate(0deg); } to { transform: rotate(360deg); } }
+        @keyframes pulse { 0%, 100% { opacity: 1; } 50% { opacity: .5; } }
+      </style>
+    `;
+  }
+  showScanning() {
+    if (!this.contentBox) throw new Error("Widget not mounted");
+    this.contentBox.innerHTML = `
+      <div style="display: flex; flex-direction: column; align-items: center; width: 100%;">
+        <div style="position: relative; width: 16rem; height: 16rem; border-radius: 9999px; border: 2px solid rgba(0,255,178,0.5); display: flex; align-items: center; justify-content: center; overflow: hidden; margin-bottom: 2rem;">
+          <div style="position: absolute; inset: 0; border-top: 4px solid #00ffb2; border-right: 4px solid transparent; border-bottom: 4px solid transparent; border-left: 4px solid transparent; border-radius: 9999px; animation: spin 2s linear infinite; opacity: 0.7; z-index: 10;"></div>
+          <video id="truvaxia-video" autoplay playsinline muted style="width: 100%; height: 100%; object-fit: cover; transform: scaleX(-1);"></video>
+        </div>
+        <div style="padding: 0.75rem 2rem; border-radius: 9999px; display: flex; align-items: center; gap: 0.75rem; background: rgba(5,10,15,0.9); border: 1px solid rgba(0,255,178,0.2);">
+          <div style="width: 0.5rem; height: 0.5rem; border-radius: 9999px; background: #00ffb2; box-shadow: 0 0 10px #00ffb2; animation: pulse 2s infinite;"></div>
+          <p id="truvaxia-instruction" style="color: white; font-weight: 500; letter-spacing: 0.025em; margin: 0;">Please wait...</p>
+        </div>
+      </div>
+    `;
+    this.videoElement = document.getElementById("truvaxia-video");
+    this.instructionText = document.getElementById("truvaxia-instruction");
+    return this.videoElement;
+  }
+  updateInstruction(text) {
+    if (this.instructionText) {
+      this.instructionText.innerText = text;
+    }
+  }
+  showProcessing() {
+    if (!this.contentBox) return;
+    this.contentBox.innerHTML = `
+      <div style="display: flex; flex-direction: column; align-items: center; animation: pulse 2s infinite;">
+        <div style="width: 4rem; height: 4rem; border-radius: 9999px; border-top: 2px solid transparent; border-right: 2px solid #00ffb2; border-bottom: 2px solid #00ffb2; border-left: 2px solid #00ffb2; animation: spin 1s linear infinite; margin-bottom: 1rem;"></div>
+        <p style="color: #00ffb2; font-weight: 600; letter-spacing: 0.1em;">ANALYZING...</p>
+      </div>
+    `;
+  }
+  unmount() {
+    if (this.container && this.container.parentNode) {
+      this.container.parentNode.removeChild(this.container);
+    }
+    this.container = null;
+    this.videoElement = null;
+    this.instructionText = null;
+    this.contentBox = null;
+  }
+};
+
+// src/modules/device/fingerprint.ts
+var DeviceFingerprint = class {
+  profile = {};
+  constructor() {
+    this.collectBasicTelemetry();
+  }
+  collectBasicTelemetry() {
+    if (typeof window === "undefined") return;
+    this.profile.userAgent = navigator.userAgent;
+    this.profile.language = navigator.language;
+    this.profile.platform = navigator.platform || "";
+    this.profile.hardwareConcurrency = navigator.hardwareConcurrency || 0;
+    this.profile.deviceMemory = navigator.deviceMemory || 0;
+    if (window.screen) {
+      this.profile.screenResolution = `${window.screen.width}x${window.screen.height}x${window.screen.colorDepth}`;
+    }
+    this.profile.timezoneOffset = (/* @__PURE__ */ new Date()).getTimezoneOffset();
+    this.profile.timezoneName = Intl.DateTimeFormat().resolvedOptions().timeZone;
+  }
+  /**
+   * Prompts the user for location access and returns the current coordinates.
+   * If denied, records that permission was refused.
+   */
+  async requestLocation() {
+    if (typeof navigator === "undefined" || !navigator.geolocation) {
+      this.profile.location = { lat: null, lng: null, permissionGranted: false };
+      return;
+    }
+    try {
+      const position = await new Promise((resolve, reject) => {
+        navigator.geolocation.getCurrentPosition(resolve, reject, {
+          enableHighAccuracy: true,
+          timeout: 5e3,
+          maximumAge: 0
+        });
+      });
+      this.profile.location = {
+        lat: position.coords.latitude,
+        lng: position.coords.longitude,
+        permissionGranted: true
+      };
+    } catch (error) {
+      console.warn("[Truvaxia] Location access denied or timed out.", error);
+      this.profile.location = { lat: null, lng: null, permissionGranted: false };
+    }
+  }
+  async collectIpTelemetry() {
+    if (typeof window === "undefined") return;
+    try {
+      const response = await fetch("https://ipapi.co/json/");
+      if (response.ok) {
+        const data = await response.json();
+        this.profile.ipData = {
+          ip: data.ip || "unknown",
+          city: data.city || "unknown",
+          region: data.region || "unknown",
+          country: data.country_name || "unknown",
+          org: data.org || "unknown"
+        };
+      }
+    } catch (e) {
+      console.warn("[Truvaxia] Could not fetch IP telemetry", e);
+    }
+  }
+  getProfile() {
+    return {
+      userAgent: this.profile.userAgent || "unknown",
+      language: this.profile.language || "unknown",
+      platform: this.profile.platform || "unknown",
+      hardwareConcurrency: this.profile.hardwareConcurrency || 0,
+      deviceMemory: this.profile.deviceMemory || 0,
+      screenResolution: this.profile.screenResolution || "unknown",
+      timezoneOffset: this.profile.timezoneOffset || 0,
+      timezoneName: this.profile.timezoneName || "unknown",
+      location: this.profile.location || { lat: null, lng: null, permissionGranted: false },
+      ipData: this.profile.ipData
+    };
+  }
+};
+
+// src/core/truvaxia.ts
+var Truvaxia = class _Truvaxia {
+  static instance = null;
+  config = null;
+  inputTracker;
+  livenessDetector;
+  policyClient;
+  widgetManager;
+  deviceFingerprint;
+  constructor() {
+    this.inputTracker = new InputTracker();
+    this.livenessDetector = new LivenessDetector();
+    this.policyClient = new PolicyClient();
+    this.widgetManager = new WidgetManager();
+    this.deviceFingerprint = new DeviceFingerprint();
+  }
+  static async init(config) {
+    if (!this.instance) {
+      this.instance = new _Truvaxia();
+      this.instance.config = config;
+      this.instance.livenessDetector.preload().catch(console.error);
+      await this.instance.policyClient.fetchPolicy(config.staffId);
+      this.instance.inputTracker.startTracking(config.staffId);
+      console.log(`[Truvaxia] SDK initialized for staff: ${config.staffId}`);
+    }
+    return this.instance;
+  }
+  static get liveness() {
+    if (!this.instance) throw new Error("Truvaxia must be initialized first");
+    return {
+      start: async (onProgress) => {
+        return await this.instance.livenessDetector.start(onProgress);
+      },
+      execute: async () => {
+        return await this.instance.livenessDetector.execute();
+      }
+    };
+  }
+  /**
+   * Universal drop-in widget for identity verification.
+   * Mounts the scanner UI, captures biometrics, and handles the backend verification automatically.
+   */
+  static async verifyOnboarding(data, callbacks) {
+    if (!this.instance) throw new Error("Truvaxia must be initialized first");
+    const widget = this.instance.widgetManager;
+    const liveness = this.instance.livenessDetector;
+    let isCancelled = false;
+    widget.mount(`${data.firstName || ""} ${data.lastName || ""}`.trim(), () => {
+      isCancelled = true;
+      callbacks.onFailure({ message: "User cancelled verification" });
+    });
+    try {
+      await new Promise((resolve, reject) => {
+        liveness.start((stage) => {
+          if (isCancelled) return;
+          switch (stage) {
+            case "BLINK":
+              widget.updateInstruction("Please Blink");
+              break;
+            case "TURN_LEFT":
+              widget.updateInstruction("Turn Head Left");
+              break;
+            case "TURN_RIGHT":
+              widget.updateInstruction("Turn Head Right");
+              break;
+            case "LOOK_STRAIGHT":
+              widget.updateInstruction("Look Straight Ahead");
+              break;
+            case "COMPLETED":
+              widget.updateInstruction("Capturing...");
+              resolve();
+              break;
+          }
+        }).then((stream) => {
+          if (isCancelled) return;
+          const videoElement = widget.showScanning();
+          videoElement.srcObject = stream;
+        }).catch(reject);
+      });
+      if (isCancelled) return;
+      await new Promise((r) => setTimeout(r, 400));
+      if (isCancelled) return;
+      const result = await liveness.execute();
+      if (!result.success || !result.frameBase64) {
+        throw new Error("Liveness capture failed");
+      }
+      widget.showProcessing();
+      await Promise.all([
+        this.instance.deviceFingerprint.requestLocation(),
+        this.instance.deviceFingerprint.collectIpTelemetry()
+      ]);
+      const deviceProfile = this.instance.deviceFingerprint.getProfile();
+      const behavioralLogs = this.instance.inputTracker.getSessionData();
+      const payload = {
+        actionType: "ONBOARDING",
+        businessData: { ...data, biometricFrame: result.frameBase64, biometricVideo: result.videoBase64 },
+        securityData: {
+          behavioral: behavioralLogs,
+          device: deviceProfile,
+          staffId: this.instance.config?.staffId
+        }
+      };
+      const response = await fetch("http://localhost:3001/verify", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify(payload)
+      });
+      const backendResult = await response.json();
+      if (!isCancelled) {
+        widget.unmount();
+        if (response.ok && backendResult.status === "APPROVED") {
+          callbacks.onSuccess(backendResult);
+        } else {
+          callbacks.onFailure(backendResult);
+        }
+      }
+    } catch (e) {
+      if (!isCancelled) {
+        widget.unmount();
+        callbacks.onFailure({ message: e instanceof Error ? e.message : "Unknown error during onboarding" });
+      }
+    }
+  }
+  /**
+   * Dynamic Document Extraction
+   * Sends an image and a JSON schema to the backend, which parses the image using OCR + Groq LLM
+   * and returns perfectly structured JSON.
+   */
+  static async extractDocument(payload) {
+    if (!this.instance) throw new Error("Truvaxia must be initialized first");
+    try {
+      const response = await fetch("http://localhost:3001/api/v1/extract-document", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify(payload)
+      });
+      const result = await response.json();
+      if (!response.ok) {
+        throw new Error(result.error || "Failed to extract document data");
+      }
+      return result.data;
+    } catch (e) {
+      console.error("[Truvaxia] Document extraction error:", e);
+      throw e;
+    }
+  }
+  static async process(actionType, data, callbacks) {
+    if (!this.instance) throw new Error("Truvaxia must be initialized first");
+    callbacks.onFailure({ message: "Use verifyOnboarding() for the full widget experience." });
+  }
+};
+export {
+  Truvaxia
+};

package/package.json

@@ -0,0 +1,38 @@
+{
+  "name": "truvaxia-ai-sdk",
+  "version": "1.0.0",
+  "type": "module",
+  "files": [
+    "dist"
+  ],
+  "main": "./dist/truvaxia.cjs",
+  "module": "./dist/truvaxia.js",
+  "exports": {
+    ".": {
+      "import": "./dist/truvaxia.js",
+      "require": "./dist/truvaxia.cjs"
+    }
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/AbdlKabeer/truvaxia-sdk.git"
+  },
+  "bugs": {
+    "url": "https://github.com/AbdlKabeer/truvaxia-sdk/issues"
+  },
+  "homepage": "https://github.com/AbdlKabeer/truvaxia-sdk#readme",
+  "scripts": {
+    "build": "tsup src/core/truvaxia.ts --format esm,cjs --clean"
+  },
+  "devDependencies": {
+    "@types/node": "^25.9.3",
+    "tsup": "^8.5.1",
+    "typescript": "^6.0.3"
+  },
+  "dependencies": {
+    "@mediapipe/tasks-vision": "^0.10.35"
+  }
+}