Technical Reference (NPM)

Provncloud SDK#

The standard for privacy-preserving digital signatures and data anchoring. Provncloud SDK allows you to cryptographically sign data and anchor it to Arweave AO and Solana without revealing the raw content.

🚀 Quickstart#

Choose your language to get started in seconds.

🐍 Python#

Bash

pip install provn-sdk

PYTHON

import provn_sdk
import time

# 1. Generate Identity
keys = provn_sdk.generate_keypair()

# 2. Create & Sign Claim
claim = provn_sdk.create_claim("My Critical Data", int(time.time()), None)
signed = provn_sdk.sign_claim(claim, keys['private_key'])

# 3. Verify (Offline)
is_valid = provn_sdk.verify_claim(signed)
print(f"Verified: {is_valid}")

📘 TypeScript / Node.js#

Bash

npm install @provncloud/sdk

TYPESCRIPT

import { ProvnSDK, init } from '@provncloud/sdk';

async function main() {
  await init(); // Initialize WASM
  const sdk = new ProvnSDK();
  
  // 1. Generate Identity
  const identity = sdk.generateKeypair();
  
  // 2. Sign
  const claim = sdk.createClaimNow("My Critical Data");
  const signed = sdk.signClaim(claim);
  
  // 3. Verify
  const isValid = sdk.verifyClaim(signed);
  console.log("Verified:", isValid);
}
main();

🦀 Rust#

Bash

cargo add provn-sdk

Rust

use provn_sdk::{Claim, sign_claim, verify_claim, generate_keypair};

fn main() {
    let key = generate_keypair();
    let claim = Claim::new("My Critical Data".to_string());
    
    let signed = sign_claim(&claim, &key).unwrap();
    let is_valid = verify_claim(&signed).unwrap();
    println!("Verified: {}", is_valid);
}

🐹 Go#

Bash

go get github.com/provnai/provn-sdk/go

package main

import (
    "fmt"
    provnsdk "github.com/provnai/provn-sdk/go/pkg"
)

func main() {
    // 1. Generate Identity
    keypair, _ := provnsdk.GenerateKeypair()
    
    // 2. Create & Sign Claim
    claim := provnsdk.CreateClaim("My Critical Data", "")
    signed, _ := provnsdk.SignClaim(claim, keypair)
    
    // 3. Verify (Offline)
    isValid, _ := provnsdk.VerifyClaim(signed)
    fmt.Printf("Verified: %v\n", isValid)
}

🛡️ Security Best Practices#

When embedding the Provncloud SDK in your application, please observe the following security responsibilities:

Key Management: The SDK operates with ephemeral keys in memory. Managed languages (Python, Java, JS) do not guarantee immediate memory zeroization due to garbage collection. It is the embedding application's responsibility to handle private keys securely (e.g., using HSMs, secure enclaves, or secure storage).
Payload Limits: The SDK enforces a strict 2KB payload size limit. For larger datasets, hash the file locally and anchor the hash instead of the raw data.
Untrusted Input: When accepting SignedClaim JSON payloads from untrusted sources, always use strict parsing methods (like Go's ParseSignedClaimStrict or configuring Jackson FAIL_ON_UNKNOWN_PROPERTIES in Java) to reject injected unknown fields.

📚 Documentation#

Protocol Specification: Deep dive into the format.
Use Cases: Real-world application examples.
Contributing: How to build this monorepo from source.
Changelog: Version history and release notes.
Code of Conduct: Community guidelines.

🔗 Ecosystem#

⚖️ License#

MIT License - see LICENSE file