All recipes

npm Verification

How keytrace verifies npm identity claims

Claim URI Format

https://www.npmjs.com/package/keytrace-alice

Pattern: ^https:\/\/(?:www\.)?npmjs\.com\/package\/(keytrace-[a-z0-9_-]+)\/?$

Create Your Proof

  1. 1Create a new folder with a package.json containing the verification content below
  2. 2Run npm publish --access public to publish
  3. 3Paste the npm package URL below

Proof Text

You need to include this text in your npm proof location:

{ "name": "keytrace-[your-handle]", "version": "0.0.1", "keytrace": "[claim-id]", "did": "did:plc:example123456789012345678" }

Where to put it: Publish an npm package named keytrace-[your-handle] with your DID in the keytrace field of package.json

Verification Steps

  1. 1

    Fetch proof data

    Using the http fetcher

    https://registry.npmjs.org/keytrace-alice
  2. 2

    Search for DID in response

    The runner checks the following locations for your DID:

    • versions.*.didcontains

      Check if versions → * → did contains the DID

  3. 3

    Attestation

    If the DID is found, keytrace signs an attestation linking your identity to your ATProto DID and stores it in your repo.

Try Verification

Test verification with your own claim URI and DID: