🚀. Socket Launch Week Day 3:Socket Firewall Now Blocks Malicious VS Code and Open VSX Extensions.Learn more
Sign In
o

ochk

npm

Packages

Current Co-maintainers

Former Co-maintainers

37 packages

@orangecheck/agent-anthropic

Wrap Anthropic Tool Use (Claude tool_use blocks) with OC Agent scope enforcement and emit a signed agent-action envelope per tool execution.

@orangecheck/agent-cli

Command-line tool for OC Agent — verify, inspect, and canonicalize delegation / action / revocation envelopes from your shell.

@orangecheck/agent-console-client

Tiny HTTP client for posting OC Agent envelopes (delegations, actions, revocations, sub-delegations) to console.ochk.io. Used by every framework adapter (@orangecheck/agent-anthropic, agent-openai, agent-vercel, agent-langgraph, agent-mcp).

@orangecheck/agent-core

OC Agent canonical messages, envelope formats (delegation/action/revocation), scope grammar, and verification. See https://github.com/orangecheck/oc-agent-protocol.

@orangecheck/agent-langgraph

Wrap LangGraph tool nodes with OC Agent scope enforcement and emit a signed agent-action envelope per execution. Binds the action to the graph-state hash so verifiers replay the audit against the persisted graph snapshot.

@orangecheck/agent-mcp

Wrap Model Context Protocol tool invocations in OC Agent envelopes — every call produces a signed, scope-constrained, verifiable agent-action stamp.

@orangecheck/agent-openai

Wrap OpenAI function-calling (Responses API + Chat Completions tool path) with OC Agent scope enforcement and emit a signed agent-action envelope per function invocation.

@orangecheck/agent-signer

OC Agent signer: createDelegation(), signAsAgent(), revoke(). Composes @orangecheck/agent-core with a wallet-adapter signing function and optional OTS anchoring.

@orangecheck/agent-vercel

Wrap Vercel AI SDK tool() invocations with OC Agent scope enforcement and emit a signed agent-action envelope per tool execution. Provider-agnostic — works under Anthropic, OpenAI, Cohere, etc.

@orangecheck/airdrop-gate

Sybil filter for token airdrops — turn a candidate list into a sybil-resistant allowlist backed by Bitcoin stake.

@orangecheck/auth-client

React hooks and components for the cross-subdomain oc_session. Drop-in sign-in button, account chip with dashboard link, session-aware address input, and useOcSession() hook.

@orangecheck/auth-core

OrangeCheck session JWT primitives. Verifies oc_session tokens against the auth host's published JWKS — no env vars, no JWK handling. Re-exported by @orangecheck/me-client for integrators; also used by family consumer subdomains directly.

@orangecheck/cli

Command-line tool for OrangeCheck — check, verify, create, challenge, discover from your shell.

@orangecheck/design

OrangeCheck design system — multi-theme tokens, primitives, and family composites for the .ochk.io sub-sites. Tailwind 4 + Next.js Pages Router. Not for third-party integration.

@orangecheck/gate

Drop-in sybil-resistance middleware for Express, Next.js, Fastify, and any Node HTTP framework. Built on OrangeCheck.

@orangecheck/insights-client

Server-side emit API for oc insights — first-party, protocol-aware event tracking for the OrangeCheck family. Fire-and-forget, never throws into the caller.

@orangecheck/legal

OrangeCheck family-internal legal document engine — composable Terms, Privacy, and Security pages for the .ochk.io sub-sites. Not for third-party use.

@orangecheck/lock-core

OC Lock envelope format, canonicalization, seal, and unseal. See https://github.com/orangecheck/oc-lock-protocol.

@orangecheck/lock-crypto

X25519 ECDH, HKDF-SHA256, and AES-256-GCM primitives for OC Lock. Narrow crypto surface used by @orangecheck/lock-core and @orangecheck/lock-device.

@orangecheck/lock-device

Device-key binding and Nostr kind-30078 directory publication for OC Lock.

@orangecheck/me-client

Drop-in client for me.ochk.io. Three entry points: React surface (OcSignInButton, useOcSession), server-side verification (withOcAuth for Next.js, ocAuthExpress, ocAuthHono — zero env vars, zero JWK handling), and a browser-only popup orchestrator (signIn

@orangecheck/nostr-core

Browser-compatible Nostr client used by every OrangeCheck family web app. Raw NIP-01 over WebSocket against a list of relays. publishEvent / queryEvents / DEFAULT_RELAYS.

@orangecheck/pledge-core

OC Pledge canonical messages, envelope format, create/verify, state machine, bond verification. Reference SDK for the OC Pledge v0.1 spec.

@orangecheck/react

React components for OrangeCheck — render proof-of-Bitcoin-stake badges and run identity checks from the browser.

@orangecheck/relay-filter

Sybil filter for Nostr relays — reject events from pubkeys without an OrangeCheck proof meeting configurable thresholds.