Filling the PASETO gap in JavaScript: paseto-kit (v3/v4 + full PASERK)
The gap
PASETO is a "secure alternative to JWT" - no algorithm-confusion footguns, versioned protocols, sensible defaults. On Node, the reference implementation was panva/paseto. In March 2025 it was archived read-only. The maintained libraries that remain are v4-only and don't implement PASERK - the companion standard for serializing, wrapping, and sealing keys.
So there was no maintained JS library that covered both PASETO and full PASERK. That's the gap paseto-kit fills.
What's in it
- PASETO v4 - XChaCha20 + BLAKE2b (local), Ed25519 (public)
- PASETO v3 - the NIST/FIPS-friendly profile: P-384 / AES-256-CTR / HMAC-SHA384
- Full PASERK (all 11 types, per version):
local/public/secretserialization,lid/pid/sidkey IDs,local-wrap/secret-wrap, password wrapping with Argon2id (v4) and PBKDF2 (v3), andseal(X25519 / P-384 ECDH) - Registered-claims validation (
exp,nbf,iss,aud,sub) with clock tolerance - Runtime-agnostic - one build for Node, Deno, Bun, browsers, edge. No
node:imports, noBuffer; justUint8Array+ WebCrypto's CSPRNG, on the audited@noble/*primitives
Using it
import { generateKeyPair, sign, verify } from 'paseto-kit';
const { secretKey, publicKey } = generateKeyPair();
const token = sign(secretKey, { role: 'admin' });
const { payload } = verify(publicKey, token);
Need the NIST profile? Everything's mirrored under a v3 namespace, with distinct key types so a v4 key can never be used on a v3 token:
import { v3 } from 'paseto-kit';
const key = v3.generateLocalKey();
v3.decrypt(key, v3.encrypt(key, { sub: 'u1' }), { validate: { exp: true } });
On correctness
Crypto libraries earn trust by being boring and verifiable. paseto-kit implements no novel cryptography - it assembles audited primitives per spec, and it's tested against the official PASETO and PASERK test vectors, including the expect-fail cases (e.g. non-canonical base64url, which must be rejected to prevent token malleability).
Honest caveat: it's pre-1.0 and has not had an independent third-party security audit. Review it before production use, and file issues - especially on the crypto.
- npm:
npm install paseto-kit - repo: https://github.com/Elalitareq/paseto-kit
Comments
No comments yet. Start the discussion.