Express Middleware

npm install @cred-protocol/express @cred-protocol/sdk

import express from 'express'
import { credGates } from '@cred-protocol/express'

const app = express()

app.use('/api', credGates({
  apiKey: process.env.CRED_API_KEY,
  policy: 'standard',
}))

app.get('/api/resource', (req, res) => {
  const trust = req.credTrust!
  res.json({ data: '...', tier: trust.trustTier })
})

app.listen(3000)

credGates({
  // Required
  apiKey: process.env.CRED_API_KEY,

  // Policy (pick one)
  policy: 'standard',              // Named template
  // gates: ['human', 'verified'], // Or custom gates
  // operator: 'AND',

  // Dynamic pricing
  pricing: {
    enabled: true,
    curve: 'step',
    basePriceUsdc: 0.01,
  },

  // Failure handling
  on402: 'challenge',              // 'challenge' (402), 'deny' (403), 'pass'

  // Response headers
  headers: true,                   // X-Cred-Trust-Score, X-Cred-Trust-Tier

  // Custom wallet extraction
  extractWallet: (req) => req.headers['x-agent-wallet'] as string,
})

credGates({
  apiKey: process.env.CRED_API_KEY,
  policy: 'standard',
  extractWallet: (req) => {
    // From a JWT, session, or custom header
    return req.headers['x-agent-wallet'] as string || null
  },
})

app.get('/api/profile', (req, res) => {
  const trust = req.credTrust!

  res.json({
    wallet: trust.walletAddress,
    score: trust.trustScore,
    tier: trust.trustTier,
    confidence: trust.confidence,
    gates: trust.gateResults,
  })
})

// Errors from the Cred API are forwarded via next(err)
app.use((err, req, res, next) => {
  console.error('Trust evaluation error:', err)
  res.status(500).json({ error: 'Internal server error' })
})