DBSC

Framework-agnostic TypeScript implementation of Device Bound Session Credentials.

This is a monorepo. The published packages live under packages/.

Package	Status
`@platform-sec/dbsc`	v0.1 — protocol core, in-memory store, framework-agnostic
`@platform-sec/dbsc-hono`	v0.1 — Hono adapter
`@platform-sec/dbsc-store-redis`	v0.1 — Redis-backed `SessionStore` (Lua CAS, cluster-safe)
`@platform-sec/dbsc-lint-rules`	v0.1 — ESLint + Opengrep rules enforcing `jose.jwtVerify` algorithm pinning

Documentation: https://platformsecurity.dev/dbsc

Repository: https://github.com/platform-sec/dbsc

Development

This repository uses pnpm workspaces.

pnpm install
pnpm lint
pnpm build
pnpm test

Security

Threat model and security posture — what we defend against and what we don't.
Assurance case — Claims-Arguments-Evidence: the top security claim, the assumptions it rests on, and a per-leaf mapping to source code and tests.
Security policy — how to report a vulnerability.

Project

A Platform Security project by AppSec Science LLC.

Technical support: support@platformsecurity.dev

Security contact: security@platformsecurity.dev

Business contact: contact@appsec.science

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
.github		.github
docs		docs
packages		packages
.gitignore		.gitignore
CHANGELOG.md		CHANGELOG.md
LICENSE		LICENSE
README.md		README.md
package.json		package.json
pnpm-lock.yaml		pnpm-lock.yaml
pnpm-workspace.yaml		pnpm-workspace.yaml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

DBSC

Development

Security

Project

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

DBSC

Development

Security

Project

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages