The KXCO developer programme is open to engineers building institutional financial infrastructure, post-quantum security tooling, or integrating with the Armature L1 chain.
Approved developers receive API credentials, chain RPC access, private documentation, and direct support from the KXCO engineering team.
| kxco-pq v1.0.0 Apache-2.0 |
Full stack in one install. Re-exports identity, HSM, audit log, attestation, encrypted channels, file encryption, and webhook signing from a single entry point. Start here unless you need only one module.
npm install kxco-pq
|
|
| kxco-post-quantum v1.1.11 MIT |
Core primitives — ML-DSA-65 (FIPS 204) signing, ML-KEM-768 (FIPS 203) key exchange, HKDF-SHA-512 derivation, kid fingerprinting. Production-tested. SLSA provenance. Cure53-audited foundation.
npm install kxco-post-quantum
|
|
| kxco-post-quantum-webhook v1.0.5 Apache-2.0 |
Drop-in webhook signing and verification. Hybrid HMAC-SHA-256 + ML-DSA-65. Adapters for Express, Fastify, Hono, Cloudflare Workers, Vercel Functions. Multi-key rotation, response signing, verifiedFetch.
npm install kxco-post-quantum-webhook
|
|
| kxco-pq-vault v1.0.6 Apache-2.0 |
Post-quantum file encryption CLI and library. ML-KEM-768 + AES-256-GCM. bech32m recipient strings. Multi-recipient envelopes. Authenticated header binding. Protects against harvest-now-decrypt-later.
npm install -g kxco-pq-vault
|
|
| kxco-pq-tls v1.0.6 Apache-2.0 |
Hybrid post-quantum secure channels. ML-KEM-768 + X25519 key exchange, AES-256-GCM data encryption. Mutual auth opt-in with ML-DSA-65. Wraps Node.js streams and Cloudflare Workers WebSockets.
npm install kxco-pq-tls
|
|
| kxco-pq-hsm v1.0.6 Apache-2.0 |
HSM-backed PQ key management. ML-DSA-65 signing and ML-KEM-768 decapsulation through a hardware boundary. Three backends: MemoryBackend (dev), FileBackend (Argon2id + AES-256-GCM), Pkcs11Backend (SoftHSM2 / Luna / Utimaco / YubiKey).
npm install kxco-pq-hsm
|
|
| kxco-pq-attest v1.0.6 Apache-2.0 |
ML-DSA-65 attestation for arbitrary payloads. Produces self-contained JSON envelopes any counterparty can verify. Works in Node.js and Cloudflare Workers. The signing primitive behind KXCO Verified.
npm install kxco-pq-attest
|
|
| kxco-pq-audit v1.0.6 Apache-2.0 |
Tamper-evident post-quantum audit log. ML-DSA-65-signed, SHA-256 hash-chained entries. verify() replays every signature and prevHash. Two backends: in-memory AuditLog and append-only FileAuditLog (NDJSON).
npm install kxco-pq-audit
|
|
| kxco-pq-cli v1.1.6 Apache-2.0 |
CLI tooling for the full KXCO PQ ecosystem. Deterministic ML-DSA-65 keygen, kid fingerprinting, signed RFC 8785 rotation manifests, attest sign/verify subcommands. Operational companion to the runtime libraries.
npx kxco-pq --help
|
|
| kxco-verify v1.0.4 Apache-2.0 |
Browser-safe verifier for ML-DSA-65 attestations. verifyUrl(), verifyManifest(). Three result states: valid / rotated / invalid. Zero server trust delegation. Powers verify.kxco.ai entirely client-side. Node 18+ and modern browsers.
npm install kxco-verify
|
|
| kxco-pq-sdk v1.0.2 Apache-2.0 |
Post-quantum identity SDK. Hierarchical ML-DSA-65 credentials — institution signs, user identity issued, user signs documents and transactions. Chain is offline-verifiable. KYC-gated issuance (Sumsub). Audited HSM signing. Follows the GLEIF vLEI pattern: KXCO → Institution → User.
npm install kxco-pq-sdk
|
The KXCO hybrid HMAC + ML-DSA-65 webhook signature scheme is implemented across JavaScript, Go, Python, and Rust. All four verify the same signatures. Interoperable by design.
View on GitHub ↗Full API integration specification. Webhook signing format, key derivation, kid fingerprinting, replay protection, and rotation procedures.
View Integration DocsComplete REST API reference for the KXCO Wallet platform. Endpoints, authentication, rate limits, and response schemas.
View API ReferenceDrop-in webhook receiver templates for Express, Next.js, AWS Lambda, Cloudflare Workers, Vercel Edge, and GitHub Actions.
View ExamplesAll KXCO repositories. Source code, issues, and contribution guidelines for the full post-quantum package ecosystem.
JackKXCO on GitHubFull documentation of every cryptographic control in the KXCO platform. Algorithm selection rationale, key lifecycle, and threat model.
View ArchitectureKXCO's live ML-DSA-65 production identity. Independently verifiable at any time. The proof that post-quantum is real and running.
View Production KeyKXCO does not ask you to trust our claims. Every signature is independently verifiable against a published public key. The math is the proof.
Apply for Developer Access