@phantom/client No license 7 versions

@phantom/client

npm Repository Homepage

HTTP client for Phantom Wallet API

7

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

joe-phantomfragostiphantom-security-bot

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
publish-pattern	dormant-publish	AI (publish-pattern): SLSA provenance from official repo; dormancy is a normal release cadence gap, not a takeover signal.	ai	2026/05/16
phantom-deps	phantom-dep:bs58	AI (phantom-deps): bs58 is a declared runtime dep; likely used transitively or via re-export pattern in this SDK package.	ai	2026/04/30
phantom-deps	phantom-dep:@phantom/base64url	AI (phantom-deps): Same-org dep; used as external in build config, stable false positive for this package.	ai	2026/04/30
phantom-deps	phantom-dep:@phantom/api-key-stamper	AI (phantom-deps): Same-org dep; consistent with SDK client pattern, stable false positive for this package.	ai	2026/04/30

Versions (showing 7 of 7)

Version	Deps	Published
2.0.2	10 / 9	2026-04-27
2.0.1	10 / 9	2026-04-13
2.0.0	10 / 9	2026-04-10
1.0.7	10 / 9	2026-03-13
1.0.5	10 / 9	2026-03-04
1.0.2	10 / 9	2026-01-15
1.0.0	10 / 9	2025-12-12

v2.0.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.0.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.7

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.