worldcoin · thereisnogabe · Oct 31, 2025 · Nov 3, 2025 · Nov 3, 2025 · Nov 3, 2025
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,96 @@
+name: CI
+
+on:
+    push:
+        branches: ['main']
+    pull_request:
+
+jobs:
+    rust-core:
+        name: Rust Core - Build & Test
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v4
+
+            - name: Setup Rust toolchain
+              uses: actions-rust-lang/setup-rust-toolchain@v1
+              with:
+                  toolchain: stable
+
+            - name: Cache Cargo dependencies
+              uses: actions/cache@v4
+              with:
+                  path: |
+                      ~/.cargo/bin/
+                      ~/.cargo/registry/index/
+                      ~/.cargo/registry/cache/
+                      ~/.cargo/git/db/
+                      target/
+                  key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
+                  restore-keys: |
+                      ${{ runner.os }}-cargo-
+
+            - name: Check formatting
+              run: cargo fmt --all -- --check
+
+            - name: Lint with Clippy
+              run: cargo clippy --all-targets --all-features -- -D warnings
+
+            - name: Build Rust core
+              run: cargo build --release --package idkit-core
+
+            - name: Run Rust tests
+              run: cargo test --package idkit-core
+
+    js-core:
+        name: JavaScript/WASM - Build & Test
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v4
+
+            - name: Setup Rust toolchain
+              uses: actions-rust-lang/setup-rust-toolchain@v1
+              with:
+                  toolchain: stable
+
+            - name: Install wasm-pack
+              run: curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf | sh
+
+            - name: Cache Cargo dependencies
+              uses: actions/cache@v4
+              with:
+                  path: |
+                      ~/.cargo/bin/
+                      ~/.cargo/registry/index/
+                      ~/.cargo/registry/cache/
+                      ~/.cargo/git/db/
+                      target/
+                  key: ${{ runner.os }}-cargo-wasm-${{ hashFiles('**/Cargo.lock') }}
+                  restore-keys: |
+                      ${{ runner.os }}-cargo-wasm-
+
+            - name: Setup Node.js environment
+              uses: actions/setup-node@v4
+              with:
+                  node-version: 20
+                  cache: 'npm'
+                  cache-dependency-path: js/packages/core/package-lock.json
+
+            - name: Install JavaScript dependencies
+              working-directory: js/packages/core
+              run: npm ci
+
+            - name: Build WASM + TypeScript
+              working-directory: js/packages/core
+              run: npm run build
+
+            - name: Type check
+              working-directory: js/packages/core
+              run: npm run type-check
+
+            - name: Run JavaScript tests
+              working-directory: js/packages/core
+              run: npm run test
+
+            - name: Test WASM crypto functions
+              run: node rust/wasm/test-crypto.mjs
diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml
@@ -0,0 +1,20 @@
+name: Validate PR conventions
+
+on:
+    pull_request:
+        types:
+            - opened
+            - edited
+            - synchronize
+
+jobs:
+    lint-pr:
+        name: Ensure PR follows conventional commits
+        runs-on: ubuntu-latest
+        steps:
+            - uses: amannn/action-semantic-pull-request@v4
+              env:
+                  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+              with:
+                  validateSingleCommit: true
+                  validateSingleCommitMatchesPrTitle: true
diff --git a/Cargo.toml b/Cargo.toml
@@ -21,7 +21,7 @@ serde_json = "1.0"
 
 # Cryptography
 aes-gcm = "0.10"
-getrandom = "0.2"
+getrandom = { version = "0.2", features = ["js"] }
 tiny-keccak = { version = "2.0", features = ["keccak"] }
 
 # Encoding

diff --git a/README.md b/README.md
@@ -4,10 +4,13 @@ IDKit is the toolkit for identity online. With IDKit you can easily interact wit
 
 ## Packages
 
-### Rust Core
-- **`idkit-core`**: Core Rust types (Credential, Request, Proof)
-- **`idkit-uniffi`**: UniFFI bindings scaffolding for future Swift/Kotlin support
-- **`idkit-wasm`**: WebAssembly bindings scaffolding for future browser support
+### Core
+- **`rust/core`**: Core Rust library with shared types, credential handling, session management, and cryptography
+
+### Language Bindings
+- **`js/packages/core`**: ✅ JavaScript/TypeScript with WASM for browser & Node.js ([docs](./js/packages/core/README.md))
+- **`kotlin/`**: Kotlin bindings via UniFFI for Android/JVM
+- **`swift/`**: Swift bindings via UniFFI for iOS/macOS
 
 ## Documentation
 

@@ -0,0 +1,22 @@
+{
+  "name": "idkit-monorepo",
+  "version": "3.0.0",
+  "private": true,
+  "description": "World ID SDK for Relying Parties - JavaScript packages",
+  "scripts": {
+    "build": "pnpm -r build",
+    "dev": "pnpm -r dev",
+    "lint": "pnpm -r lint",
+    "test": "pnpm -r test"
+  },
+  "devDependencies": {
+    "@changesets/cli": "^2.27",
+    "prettier": "^3.3",
+    "typescript": "^5.6",
+    "turbo": "^2.2"
+  },
+  "packageManager": "pnpm@9.12.2",
+  "engines": {
+    "node": ">=18"
+  }
+}
@@ -0,0 +1,121 @@
+# @worldcoin/idkit-core
+
+Core bridge logic for IDKit (World ID SDK) powered by Rust/WASM.
+
+## Installation
+
+```bash
+npm install @worldcoin/idkit-core
+# or
+pnpm add @worldcoin/idkit-core
+```
+
+## Quick Start
+
+```typescript
+import {
+  useWorldBridgeStore,
+  VerificationLevel,
+} from '@worldcoin/idkit-core'
+
+// 1. Get store instance
+const store = useWorldBridgeStore()
+
+// 2. Create verification request (auto-initializes WASM on first call)
+await store.createClient({
+  app_id: 'app_staging_xxxxx',
+  action: 'my-action',
+  verification_level: VerificationLevel.Orb,
+  signal: 'user-id-123',
+})
+
+// 3. Get QR code URL for World App
+console.log('Scan this:', store.connectorURI)
+
+// 4. Poll for proof
+await store.pollForUpdates()
+
+// 5. Check result
+const { result, errorCode, verificationState } = store
+if (result) {
+  console.log('Proof received:', result)
+}
+```
+
+## API Reference
+
+### Store
+
+```typescript
+const store = useWorldBridgeStore()
+```
+
+**State:**
+- `verificationState: VerificationState` - Current verification state
+- `connectorURI: string | null` - QR code URL for World App
+- `result: ISuccessResult | null` - Proof data when verified
+- `errorCode: AppErrorCodes | null` - Error code if failed
+
+**Methods:**
+- `createClient(config: IDKitConfig): Promise<void>` - Start verification request
+- `pollForUpdates(): Promise<void>` - Check for proof (call repeatedly)
+- `reset(): void` - Clear state and start over
+
+### Types
+
+```typescript
+interface IDKitConfig {
+  app_id: `app_${string}`
+  action: string
+  signal?: string
+  verification_level?: VerificationLevel
+  bridge_url?: string
+  partner?: boolean
+}
+
+interface ISuccessResult {
+  proof: string
+  merkle_root: string
+  nullifier_hash: string
+  verification_level: VerificationLevel
+}
+
+enum VerificationLevel {
+  Orb = 'orb',
+  Face = 'face',
+  Device = 'device',
+  Document = 'document',
+  SecureDocument = 'secure_document',
+}
+```
+
+### Utilities
+
+```typescript
+// Signal hashing (keccak256)
+hashToField(input: string): HashFunctionOutput
+
+// ABI encoding
+solidityEncode(types: string[], values: unknown[]): AbiEncodedValue
+```
+
+## Examples
+
+See [examples/browser](./examples/browser) for a complete working example.
+
+## Building from Source
+
+```bash
+# Build WASM module
+npm run build:wasm
+
+# Build TypeScript
+npm run build:ts
+
+# Or both
+npm run build
+```
+
+## License
+
+MIT
@@ -0,0 +1,68 @@
+# IDKit Browser Example
+
+A simple browser example demonstrating World ID verification using IDKit 3.0.
+
+## Usage
+
+#### Local Development
+
+1. Build the core package:
+```bash
+cd ../../
+pnpm build
+```
+
+2. Serve the example:
+```bash
+cd examples/browser
+python3 -m http.server 8000
+# or
+npx serve
+```
+
+3. Open http://localhost:8000 in your browser
+
+#### Production
+
+Replace the import in `index.html`:
+
+```javascript
+// From:
+import { initIDKit, Session, Credential } from '../../dist/index.js';
+
+// To:
+import { initIDKit, Session, Credential } from '@worldcoin/idkit-core';
+```
+
+## Configuration
+
+Update these values in `index.html`:
+
+```javascript
+const APP_ID = 'app_staging_123'; // Your app ID from the Developer Portal
+const ACTION = 'demo-action';     // Your action identifier from the Developer Portal
+```
+
+## API Usage
+
+```javascript
+// 1. Initialize WASM
+await initIDKit();
+
+// 2. Create session
+const session = await Session.create({
+    app_id: 'app_xxx',
+    action: 'my-action',
+    requests: [{
+        type: Credential.Orb,
+        signal: 'my-signal',
+    }],
+});
+
+// 3. Get QR code URL
+const url = session.connectUrl();
+
+// 4. Wait for proof
+const proof = await session.waitForProof();
+console.log(proof);
+```