Skip to content

Quickstart

Get Waspada AI running in your app in under 5 minutes.

Installation

bash
pnpm add @waspada/react @waspada/sdk @waspada/types
bash
npm install @waspada/react @waspada/sdk @waspada/types
bash
yarn add @waspada/react @waspada/sdk @waspada/types

Prerequisites

RequirementWhy
React 18+Uses hooks, concurrent features
Modern BrowserRequires WebAssembly, Web Workers, CryptoSubtle
HTTPSWeb Crypto API requires secure context

The fastest way to integrate. Drop in the <WaspadaScanner /> component:

tsx
import { WaspadaScanner } from '@waspada/react';
import '@waspada/react/dist/style.css';

function SecurityCenter() {
  return (
    <WaspadaScanner
      config={{
        source_platform: 'YOUR_APP_ID',
        signPayload: async (data) => {
          // Call your backend to sign with your RS256 private key
          const res = await fetch('/api/sign', {
            method: 'POST',
            body: JSON.stringify({ data }),
          });
          return (await res.json()).signature;
        },
      }}
      onThreatDetected={(result, metrics) => {
        console.log('🚨 Threat detected!', result.indicators);
        console.log(`Extracted in ${metrics.latencyMs}ms`);
        // Submit to your FMS webhook
        sendToFMS(result);
      }}
      onError={(err) => console.error('SDK Error:', err)}
    />
  );
}

That's it. The component handles:

  • Model downloading and caching
  • File drag-and-drop UI
  • OCR, Regex, and NER extraction
  • PII stripping
  • Visual telemetry display

Option B: Vanilla TypeScript SDK

For non-React apps or custom UIs:

typescript
import { WaspadaSDK } from '@waspada/sdk';

const sdk = new WaspadaSDK({
  source_platform: 'YOUR_APP_ID',
  signPayload: async (data) => yourBackendSigner(data),
});

// 1. Initialize (downloads models in background)
const status = await sdk.initAndCache();
console.log(`Ready: ${status.ready}, Storage: ${status.storage_backend}`);

// 2. Process evidence
const result = await sdk.processEvidence(evidenceFile);

// 3. Check results
if (result.success) {
  console.log('Indicators:', result.indicators);
  console.log('Tier:', result.extraction_tier);
  console.log('Confidence:', result.confidence);
}

// 4. Submit to gateway (PII already stripped)
await sdk.submitTelemetry(result);

Key Signing

Partner Responsibility

Your app must provide a signPayload callback. This function signs the telemetry payload with your RS256 private key. The private key never touches the SDK or the client device.

Partner Backend → RS256 Private Key → JWT Signature
SDK             → Calls signPayload() → Receives JWT
Gateway         → Verifies with Partner Public Key

Your backend should expose a signing endpoint:

typescript
// Your backend (Express/Fastify/Next.js API route)
import jwt from 'jsonwebtoken';

app.post('/api/sign', (req, res) => {
  const token = jwt.sign(
    { data: req.body.data, iss: 'YOUR_APP_ID' },
    process.env.RSA_PRIVATE_KEY,
    { algorithm: 'RS256', expiresIn: '1h' }
  );
  res.json({ signature: token });
});

Server Headers (OPFS Support)

For optimal performance, configure your server to send these headers:

Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp

These enable OPFS (Origin Private File System) for high-performance local storage. If absent, the SDK gracefully falls back to IndexedDB.

Next Steps

Waspada AI: Enterprise infrastructure powering public defense.