Introduction

Secure Input is a lightweight, framework-agnostic library that uses WebAssembly encryption and Web Workers to protect sensitive input data from browser extensions and client-side scrapers.

The Problem

Modern browsers are filled with extensions that help users by scraping the DOM. While tools like Honey or Capital One Shopping are great for consumers, they act as automated bots that can scrape and leak exclusive discount codes, single-use coupons, or referral links right out of your checkout flow.

Standard input fields leave this data completely exposed in the DOM as plain text, allowing any extension with activeTab permissions to read it.

The Solution

Secure Input changes this by moving the sensitive data off the main thread. It intercepts keystrokes, sends them to a dedicated Web Worker, and uses a Rust-compiled WebAssembly module to encrypt the data instantly. Only the encrypted ciphertext is ever exposed to the React state or the DOM.