I recently needed a consistent way to sign content across environments - specifically in both Node and the browser.
Most existing approaches either rely on shelling out to system binaries or are tightly coupled to a particular runtime. I wanted something:
- JS-native
- Deterministic
- Portable
- With a clear, versioned proof format
So I ended up designing a small proof primitive and extracting it into its own tool.
The idea
Given:
- A file
- Some text
- Or a directory
The tool:
- Produces a deterministic representation
- Signs it locally
- Emits a versioned JSON proof
That proof can be published alongside the content and verified later. It’s self-contained and runtime-agnostic.
For directories, a stable manifest is generated first, so the proof reflects the structure and contents deterministically.
Why JSON?
The proof format is intentionally plain JSON.
That makes it:
- Inspectable
- Easy to store
- Easy to transport
- Easy to verify across environments
The same proof format is used in:
- A CLI
- A GitHub Action
- A JavaScript library
So the representation doesn’t change depending on where it’s generated.
What this isn’t
It’s not trying to replace existing signing ecosystems.
It’s just a minimal, consistent proof format that works natively in JavaScript across environments.
If this sounds useful, it’s here:
Top comments (0)