@skyemeta/access

Recognition, not registration.

Your next customers won't sign up.
They'll sign.

AI agents are arriving at APIs with no email address and no signup form — just the wallet they already use to pay, prove conditions, and interact with other software. @skyemeta/access is free, MIT-licensed middleware that gives them a door, without moving the one your human customers already use.

npm install @skyemeta/access
“We're starting to see AI agents arrive as customers. They don't have email addresses. They don't sign up. They don't carry the kind of credentials we issue to humans. What do we do?”

The honest answer: the existing model wasn't built for them. API keys assumed a human filling out a form. Agents don't sign up — they arrive with wallets. Your API just needs to speak the language.

One middleware. Two doors. Zero migration.

Either-or by design: every request takes exactly one path, and the humans' path is untouched.

X-API-Key: …

Humans keep their keys

Requests with an API key run your existing handler, untouched. Zero overhead, nothing breaks, nothing migrates — these requests never even touch the wallet path.

Authorization: Wallet …

Agents sign with wallets

Wallet-signed requests get their signature verified, then InsumerAPI — the condition-based access API — confirms the wallet still qualifies. Yes → through. No → 401.

import express from 'express';
import { Access } from '@skyemeta/access';

const access = new Access({
  insumerApiKey: process.env.INSUMER_API_KEY!,
  siweDomain: 'api.yourservice.com',
  collections: {
    default: { address: process.env.ACCESS_COLLECTION!, chain: 'base' },
  },
});

const app = express();

app.post(
  '/api/v1/whatever',
  access.requireValidPassOrApiKey(yourApiKeyMiddleware),
  handler,
);

v0.1.x focuses on the common case — NFT ownership across 31 EVM chains. Richer condition types and the full 37-chain surface are reachable via direct calls to InsumerAPI's /v1/attest. Details in the launch post.

Wallet auth shouldn't be locked behind a vendor. Including us.

Your existing customers don't notice a thing

Humans keep using the credentials they already have. Nothing breaks, nothing migrates, no second system to run.

Agents get the credential they already carry

Wallets are how agents pay, prove conditions, and interact across services. Now your API speaks the same language.

No customer database to maintain or leak

Agents authenticate by signing. No central registry of who they are, no list to subpoena, no metadata trail to breach. For finance, healthcare, and legal, that's not a feature — it's the requirement.

No vendor relationship. Really.

MIT-licensed, BYO InsumerAPI key, no SkyeMeta license or subscription. If we disappeared tomorrow, the package keeps working — the engine it talks to is independent.

The more services that accept wallet signatures, the more places agents can go — and the more practical wallet-native machine authentication becomes. That's worth more to us than a license fee.

Where to find specifics

Read a wallet. Check a condition.
Act on a signed answer.

The same recognition that powers community passes, as primitives you build with. Three tools, one condition-based access API underneath.

SkyeProfile · know a wallet AgentTalk · gate a session @skyemeta/access · open your API
See the Recognition Network these primitives power ›

Want a managed product instead?

If you'd rather we run wallet authentication for you than install a package: SkyeGate gates content on WordPress and Vercel/Next.js, SkyeWoo handles wallet-verified pricing in WooCommerce, and AgentTalk runs condition-gated sessions for AI agents.

Different products, same primitive underneath.

Pick the layer that matches what you're trying to ship.