
OpenPAYGO is an Open Source ecosystem to enable pay-as-you-go functionality in new devices and products.
This repository contains the JavaScript implementations of different OpenPAYGO technologies to run on your server or device.
Server-side tasks include
Device side tasks
Install via NPM (browser/nodejs)
```sh
npm i openpaygo
```
Generate normal or extended tokens
```js
// load the Encoder class and initialize the token encoder
const { Encoder } = require("openpaygo")
const encoder = new Encoder()

// generate a normal or extended token using the generateToken function
const { finalToken, newCount } = encoder.generateToken({
  tokenType: 1,
  // sample key; do not hardcode real device keys in source
  secretKeyHex: "bc41ec9530f6dac86b1a29ab82edc5fb",
  count: 3,
  startingCode: 516959010,
  restrictDigitSet: false,
  value: 1,
  extendToken: false,
})
console.log("generated token ", finalToken)
console.log("next token count ", newCount)
```
Decode tokens using token decoder
```js
// load the Decoder class and initialize the token decoder
const { Decoder } = require("openpaygo")
const decoder = new Decoder()

// decode the token (type, value, count, updated counts) using the decodeToken function
const { value, tokenType, count, updatedCounts } = decoder.decodeToken({
  token: "380589011",
  // sample key; do not hardcode real device keys in source
  secretKeyHex: "bc41ec9530f6dac86b1a29ab82edc5fb",
  count: 3,
  usedCounts: [],
  startingCode: 516959010,
  restrictedDigitSet: false,
})
console.log(value) // decoded token value
console.log(count) // decoded token count
console.log(tokenType) // decoded token type
console.log(updatedCounts) // updated counts returned by the decoder
```
OpenPAYGO documentation is hosted on https://enaccess.github.io/OpenPAYGO-docs/.
The OpenPAYGO ecosystem offers a range of features to implement pay-as-you-go services. Each programming-language library implements these features individually, and not all libraries have implemented the full range of features yet.
The OpenPAYGO JavaScript library supports the following features:
| Feature | Status |
|---|---|
| OpenPAYGO Token | ✅ (stable) |
| OpenPAYGO Metrics | ❌ (not implemented) |
FAQs
OpenPAYGO Javascript library
We found that openpaygo demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.