[AVAILABLE].
packages/envelope-verifier. Zero third-party runtime dependencies, only @parmana/shared and @parmana/crypto.Purpose
Lets a receiving system verify a signed execution authorization without trusting Parmana’s runtime process or database, only Parmana’s public key and the envelope itself. This is what The gateway composes and adds exactly one more check to (businessTransactionHash).
Install
Key exports
| Export | Stability |
|---|---|
EnvelopeVerifier | [AVAILABLE]. new EnvelopeVerifier({ publicKey, nonceStore }), .verify(authorization): Promise<VerificationResult>. Checks version, signature, expiry, TTL policy, and nonce, in that order, side-effect-free checks first. Does not check businessTransactionHash, that’s the gateway’s job. |
NonceStore (interface) | [AVAILABLE]. { hasSeen(nonce), markSeen(nonce) }. |
MemoryNonceStore | [AVAILABLE]. The only implementation shipped. Scoped to one process, loses state on restart, multiple independent instances each accept the same nonce once (CLAIMS.md 3.2). |
requireParmanaAuthorization(verifier) | [AVAILABLE]. Express middleware, @parmana/envelope-verifier/express entry point (kept separate so consumers who don’t use Express never pull in Express types). Reads req.body.authorization, verifies it, calls next() or responds 401/403. |
VerificationResult shape
false, verified live in Detect tampering.
Minimal example
Next
Detect tampering
A forged signature and a reused nonce, both caught, run live.
@parmana/execution-gateway
What composes this package and adds the content-hash check.