v3.0

API Reference

Complete developer documentation

API Sections

Authentication

Initialize Device

Connect and initialize a QuantumShield device. This must be called before any other operations.

Code Example

JavaScript

import QuantumShield from '@quantumshield/sdk';

const device = await QuantumShield.init({
  transport: 'usb',
  timeout: 5000,
  debug: false
});

console.log('Device ID:', device.id);
console.log('Firmware:', device.version);

Parameters

Parameter	Type	Required	Description
transport	string	Yes	Connection type: "usb", "nfc", or "bluetooth"
timeout	number	No	Connection timeout in milliseconds (default: 5000)
debug	boolean	No	Enable debug logging (default: false)

Returns

Promise<QuantumShieldDevice>

Authenticate User (FIDO2/WebAuthn)

Perform FIDO2 authentication with quantum-safe signatures.

Code Example

JavaScript

const result = await device.authenticate({
  challenge: challengeBytes,
  rpId: 'mycompany.in',
  userVerification: 'required',
  algorithm: 'ML-DSA-65'
});

console.log('Signature:', result.signature);
console.log('Public Key:', result.publicKey);
console.log('Credential ID:', result.credentialId);

Parameters

Parameter	Type	Required	Description
challenge	Uint8Array	Yes	Random challenge from server (32-64 bytes)
rpId	string	Yes	Relying party identifier (domain)
userVerification	string	No	"required", "preferred", or "discouraged"
algorithm	string	No	Signature algorithm: "ML-DSA-65" or "ML-DSA-87"

Returns

Promise<AuthenticationResult>

Register New Credential

Create a new FIDO2 credential for user registration.

Code Example

JavaScript

const credential = await device.register({
  challenge: challengeBytes,
  rpId: 'mycompany.in',
  rpName: 'My Application',
  userId: userIdBytes,
  userName: 'rahul.sharma@mycompany.in',
  userDisplayName: 'Rahul Sharma',
  requireResidentKey: false
});

console.log('Credential ID:', credential.id);
console.log('Public Key:', credential.publicKey);

Parameters

Parameter	Type	Required	Description
challenge	Uint8Array	Yes	Random challenge from server
rpId	string	Yes	Relying party identifier
rpName	string	Yes	Human-readable RP name
userId	Uint8Array	Yes	Unique user identifier
userName	string	Yes	User account name
userDisplayName	string	Yes	User display name
requireResidentKey	boolean	No	Store credential on device

Returns

Promise<RegistrationResult>