Appearance
Quickstart
Get Waspada AI running in your app in under 5 minutes.
Installation
bash
pnpm add @waspada/react @waspada/sdk @waspada/typesbash
npm install @waspada/react @waspada/sdk @waspada/typesbash
yarn add @waspada/react @waspada/sdk @waspada/typesPrerequisites
| Requirement | Why |
|---|---|
| React 18+ | Uses hooks, concurrent features |
| Modern Browser | Requires WebAssembly, Web Workers, CryptoSubtle |
| HTTPS | Web Crypto API requires secure context |
Option A: React Component (Recommended)
The fastest way to integrate. Drop in the <WaspadaScanner /> component:
tsx
import { WaspadaScanner } from '@waspada/react';
import '@waspada/react/dist/style.css';
function SecurityCenter() {
return (
<WaspadaScanner
config={{
source_platform: 'YOUR_APP_ID',
signPayload: async (data) => {
// Call your backend to sign with your RS256 private key
const res = await fetch('/api/sign', {
method: 'POST',
body: JSON.stringify({ data }),
});
return (await res.json()).signature;
},
}}
onThreatDetected={(result, metrics) => {
console.log('🚨 Threat detected!', result.indicators);
console.log(`Extracted in ${metrics.latencyMs}ms`);
// Submit to your FMS webhook
sendToFMS(result);
}}
onError={(err) => console.error('SDK Error:', err)}
/>
);
}That's it. The component handles:
- Model downloading and caching
- File drag-and-drop UI
- OCR, Regex, and NER extraction
- PII stripping
- Visual telemetry display
Option B: Vanilla TypeScript SDK
For non-React apps or custom UIs:
typescript
import { WaspadaSDK } from '@waspada/sdk';
const sdk = new WaspadaSDK({
source_platform: 'YOUR_APP_ID',
signPayload: async (data) => yourBackendSigner(data),
});
// 1. Initialize (downloads models in background)
const status = await sdk.initAndCache();
console.log(`Ready: ${status.ready}, Storage: ${status.storage_backend}`);
// 2. Process evidence
const result = await sdk.processEvidence(evidenceFile);
// 3. Check results
if (result.success) {
console.log('Indicators:', result.indicators);
console.log('Tier:', result.extraction_tier);
console.log('Confidence:', result.confidence);
}
// 4. Submit to gateway (PII already stripped)
await sdk.submitTelemetry(result);Key Signing
Partner Responsibility
Your app must provide a signPayload callback. This function signs the telemetry payload with your RS256 private key. The private key never touches the SDK or the client device.
Partner Backend → RS256 Private Key → JWT Signature
SDK → Calls signPayload() → Receives JWT
Gateway → Verifies with Partner Public KeyYour backend should expose a signing endpoint:
typescript
// Your backend (Express/Fastify/Next.js API route)
import jwt from 'jsonwebtoken';
app.post('/api/sign', (req, res) => {
const token = jwt.sign(
{ data: req.body.data, iss: 'YOUR_APP_ID' },
process.env.RSA_PRIVATE_KEY,
{ algorithm: 'RS256', expiresIn: '1h' }
);
res.json({ signature: token });
});Server Headers (OPFS Support)
For optimal performance, configure your server to send these headers:
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corpThese enable OPFS (Origin Private File System) for high-performance local storage. If absent, the SDK gracefully falls back to IndexedDB.