Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions .dev.vars.example
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
INVISIBLE_COORDINATOR_WS_URL=wss://coordinator.example/ws-noise
INVISIBLE_REQUIRED_MODE=dev
INVISIBLE_RELEASE_MRTD=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
INVISIBLE_INTEL_ROOT_FINGERPRINT=0000000000000000000000000000000000000000000000000000000000000000
INVISIBLE_ALLOW_MISSING_DCAP_COLLATERAL=false
DEMO_DESTINATION_ADDRESS=11111111111111111111111111111111
INVISIBLE_WORKER_API_KEY=
29 changes: 29 additions & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
name: CI

on:
pull_request:
push:
branches:
- main

jobs:
verify:
runs-on: ubuntu-latest
permissions:
contents: read
packages: read
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v6
with:
node-version: "24"
cache: npm
- run: npm ci
- run: npm run typecheck
- run: npm run build
- run: npm run check:contract
- run: npm run simulate
- run: npm run verify:sdk
- run: npm run audit:high
5 changes: 5 additions & 0 deletions .npmrc
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
@invisible:registry=https://npm.pkg.github.com
@invisible-labs:registry=https://npm.pkg.github.com
//npm.pkg.github.com/:_authToken=${NPM_TOKEN}
save-exact=true
ignore-scripts=true
13 changes: 13 additions & 0 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
# Contributing

Keep this Worker example small and copy-pasteable.

```bash
npm ci
npm run typecheck
npm run build
npm run simulate
npm run audit:high
```

Do not commit secrets, wallet private keys, recovery codes, FROST material, nonces, signatures, or real user data.
52 changes: 50 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,53 @@
# Invisible Worker

Cloudflare Worker server example for Invisible private transfers.
Cloudflare Worker example for server-side Invisible private transfers.

Implementation lives in pull requests.
```bash
npm ci
npm run dev
```

Routes:

```txt
GET /health
GET /sdk
POST /private-transfer
POST /lp
```

Set secrets with Wrangler. Do not commit secrets.

Required runtime config:

```txt
INVISIBLE_COORDINATOR_WS_URL=
INVISIBLE_RELEASE_MRTD=
INVISIBLE_INTEL_ROOT_FINGERPRINT=
INVISIBLE_WORKER_API_KEY=
```

The SDK requires DCAP collateral by default. Production examples need a coordinator that emits `dcap_collateral` or a compatible attestation manifest. For legacy previews only, set `INVISIBLE_ALLOW_MISSING_DCAP_COLLATERAL=true`; this maps to `releasePin.allowMissingDcapCollateral` and is rejected in `prod` mode.

If the configured coordinator is still on an older wire contract, this preview can fail before a transfer is created. Once the matching coordinator and wire-contract rollout is live, the SDK package and coordinator will speak the same message names and payload shapes.

`POST /private-transfer` requires `Authorization: Bearer <INVISIBLE_WORKER_API_KEY>`.
`POST /lp` requires the same bearer token and accepts:

```json
{ "action": "create" }
```

For existing positions, pass `positionCode` with `recover`, `complete-dkg`,
`prepare-funding`, `reconcile-funding`, `refill`, or `withdraw`. `withdraw`
also requires `destinationAddress`.

When `@invisible/sdk` is available:

```bash
INVISIBLE_SDK_PACKAGE=npm:@invisible-labs/sdk@0.1.0-dev.1.2 npm run verify:sdk
npm run prepare:sdk
npm run deploy
```

`npm run verify:sdk` installs `@invisible/sdk@npm:@invisible-labs/sdk@0.1.0-dev.1.2` in a temporary consumer project when `INVISIBLE_SDK_PACKAGE` is unset. It allows freshly published private dev packages for that temporary install only, and must pass from the published or packaged SDK artifact, not from local monorepo paths or generated FROST files.
5 changes: 5 additions & 0 deletions SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
# Security

Report security issues privately to the maintainers.

This example must never log or persist coordinator secrets, wallet private keys, recovery codes, FROST shares, nonces, signatures, or raw decrypted payloads.
Loading