Stop extensions like Honey from scraping and leaking your discount codes. A lightweight WebAssembly library that obfuscates sensitive e-commerce inputs from client-side bots.
Designed for performance and isolation. Plain text never exists in the main thread or DOM.
Utilizes ChaCha20Poly1305 authenticated encryption compiled from Rust to WebAssembly for maximum performance and a higher barrier to reverse-engineering.
Sensitive processing occurs entirely in a separate Web Worker thread. Only the encrypted payload is accessible to browser extensions inspecting the DOM.
Usable anywhere. Core library works in Vanilla JS, with first-class React hooks and components provided out of the box.
Modular design allows you to import exactly what you need.
Framework-agnostic core library + Web Worker.
npm i @secure-input/coreReact hooks and wrapper components.
npm i @secure-input/reactUnderlying ChaCha20 encryption module.
This library provides obfuscation, not absolute security. It defeats basic extensions, DOM inspection, and simple JS injection. It does not protect against low-level keyloggers, network traffic inspection, or determined reverse-engineering. Always pair with robust server-side validation and rate limiting.
import { SecureInput } from "@secure-input/react";
export function CouponForm() {
const handleSubmit = async (encryptedValue: string) => {
// Plain text is never exposed here.
await fetch("/api/validate", {
method: "POST",
body: encryptedValue,
});
};
return (
<SecureInput
placeholder="Enter coupon code"
onEncryptedSubmit={handleSubmit}
/>
);
}