
Security News
/Research
Compromised Injective SDK npm Package Exfiltrates Wallet Keys and Mnemonics
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.
@sovrahq/agent
Advanced tools
@quarkid/agent es el SDK principal del ecosistema QuarkID que resuelve problemas de identidad autosoberana (SSI - Self-Sovereign Identity). Permite crear y gestionar DIDs (Decentralized Identifiers), configurar protocolos de intercambio de credenciales verificables (WACI), automatizar flujos de emisión/verificación de VCs y gestionar comunicación entre agentes mediante diferentes transportes (DWN, WebSocket).
Este agente orquesta todos los componentes del stack QuarkID: KMS para llaves criptográficas, registros y resolvers de DIDs, almacenamiento de credenciales y protocolos de comunicación.
npm install @quarkid/agent
yarn add @quarkid/agent
pnpm add @quarkid/agent
| Export | Descripción |
|---|---|
Agent | Clase principal del agente SSI |
IAgentStorage / IStorage | Interfaces para almacenamiento de datos |
AgentSecureStorage | Storage seguro para claves privadas |
IAgentResolver / AgentModenaResolver | Resolvers de DID Documents |
AgentModenaUniversalResolver | Universal resolver para múltiples métodos DID |
IAgentRegistry | Interfaz para registrar DIDs |
DID | Modelo de Decentralized Identifier |
ITransport | Interfaz base para transportes |
DWNTransport / DWNAmiTransport | Transportes basados en DWN |
WebsocketClientTransport / WebsocketServerTransport | Transportes WebSocket |
IVCStorage | Interfaz para almacenar credenciales verificables |
IAgentPlugin / IAgentPluginMessage | Sistema de plugins |
IStatusListAgentPlugin | Plugin para gestión de status lists |
VCProtocol / WACIProtocol / OpenIDProtocol | Protocolos de intercambio de VCs |
CredentialFlow | Enum de flujos (Issuance, Presentation) |
VerifiableCredential | Re-export de @quarkid/vc-core |
DataShareBehavior / IdentityDataShareBehavior | Comportamientos de exportación de identidad |
⚠️ No requiere variables de entorno obligatorias, pero depende de configuración runtime:
IAgentStorage y AgentSecureStorageConsultar el README original del paquete para ejemplos completos de configuración.
@types/node": "^17.0.27")⚠️ Nota: Requiere implementaciones de storage (filesystem, Vault, etc.) según el entorno de ejecución.
0.10.0-7npm run build antes de publicardist/index.js (CommonJS)prepublishOnly ejecuta automáticamente el buildApache-2.0
Ver archivo LICENSE en la raíz del monorepo.
Mantenido por: QuarkID Team
Repositorio: https://github.com/ssi-quarkid/Paquetes-NPMjs/tree/main
FAQs
Agent SDK
The npm package @sovrahq/agent receives a total of 20 weekly downloads. As such, @sovrahq/agent popularity was classified as not popular.
We found that @sovrahq/agent demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.

Security News
npm v12 is generally available, turning install scripts off by default and beginning the deprecation of 2FA-bypass publishing tokens.

Research
/Security News
Socket tracks the activity as Operation “Muck and Load”: a threat actor uses commit-farming workflows, public dead drops, and protected archives to stage Windows RAT and infostealer malware.