How Syphon ensures packages are authentic, credentials don't leak, and access is controlled.
Every package published to Syphon is signed with an ed25519 key unique to the publisher's account. The signing key lives on the publisher's machine and never leaves it. The public half is registered with the registry when you run syphon login.
When you publish, the CLI:
When you install, the CLI:
Your signing key is stored at ~/.syphon/keys/signing.key (a 32-byte hex seed). Back it up somewhere safe — if you lose it you'll need to rotate.
# login creates a local signing key and registers its public half$ syphon login# use syphon logout/login after rotating ~/.syphon/keys/signing.key
Key rotation
Re-run signature verification on any installed package at any time:
$ syphon verify github-tools# ✓ github-tools@1.0.0 signature valid (Misbah · a3f8b2c1)
This reads the cached tarball from the install directory and checks it against the author's current public key in the registry. If the tarball was modified on disk after install, verification fails.
Before packing or publishing, Syphon scans every file that would be included in the tarball for credentials. Hard-block patterns stop the operation immediately; soft-block patterns print a warning.
| Pattern | Severity | Example match |
|---|---|---|
| AWS access key | hard block | AKIAIOSFODNN7EXAMPLE |
| GitHub PAT | hard block | ghp_xxxxxxxxxx |
| Stripe secret key | hard block | sk_live_xxxxxxxxxx |
| Private key PEM block | hard block | -----BEGIN RSA PRIVATE KEY----- |
| Connection string with password | hard block | postgresql://user:pass@host/db |
| High-entropy string (40+ chars) | soft warn | ABCDEF1234567890ABCDEF1234567890ABCDEF12 |
To exclude a file from scanning (and from the tarball), add it to .syphonignore.
Interactive sessions use a bearer token saved by syphon login. For CI/CD, create a scoped API token instead:
$ syphon token create --name ci-deploy --expires 90 --scope publish# syph_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx# Store this in your CI secrets — it will not be shown again.
Set the SYPHON_TOKEN environment variable to authenticate the CLI non-interactively. API tokens can be revoked at any time:
$ syphon token revoke tok_abc123
The registry stores only the SHA-256 hash of the token — the plain-text value is never persisted server-side.
The registry maintains a security advisory database. Run syphon auditto check all installed packages:
$ syphon audit# Checking 3 packages against advisory database…# ✓ No vulnerabilities found$# or with a vulnerability:# ✗ github-tools@1.0.0 CVE-2026-1234 HIGH# fix: syphon upgrade github-tools
| Tier | Limit | Applies to |
|---|---|---|
| Unauthenticated | 100 / hour | Registry searches, package metadata |
| Authenticated | 1,000 / hour | All API calls with a valid token |
| Publish | 10 / hour | POST /v1/packages/:name/versions |
| Device poll | 900 / hour | OAuth device-code polling endpoint |
When rate-limited, the API returns 429 Too Many Requests with a Retry-After header (seconds until the window resets) and a X-RateLimit-Reset header (Unix timestamp).