XyPriss Plugin Ecosystem
Plugins in XyPriss are fully integrated, secure modules that hook deep into the framework's lifecycle, enabling modular extensions without compromising performance.
Execution Lifecycle Phases
Plugins execute in deterministic phases to ensure microsecond overhead.
Every plugin runs in a restricted proxy to prevent global state mutation.
Why XyPriss Plugins?
If you are wondering why you should build a plugin instead of just writing standard middleware, the answer lies in the Capability-Based Security and Deep Integration.
Full Lifecycle Access
Plugins can initialize database connections on server start, monitor real-time traffic, and handle graceful resource shutdowns.
Zero-Trust Sandbox
Each plugin runs in a sandboxed PluginServer proxy. They cannot read sensitive environment variables or configs without explicit permission.
Permission Control
Plugins must declare their intentions. You hold the final keys to their permissions via the Capability-Based security model.
XFPM Distribution
Official plugins can be published to the NPM/XFPM ecosystem and instantly integrated by the community.
Secure by Default
Get Started
Usage Tutorial
Learn how to install, trust, and authorize plugins in your server configuration.
Authoring Tutorial
Build your own plugins from scratch using TypeScript and the G3 signing protocol.
Plugin Usage Lifecycle
XyPriss enforces a strict sequence of steps to ensure that every plugin you use is verified, authorized, and audited.
Use XFPM to install and verify the author's Public Key (TOFU Flow).
Configure the $internal block with pinned signatures and capabilities.
Add the plugin to your server configuration or programmatic execution.
The XHSC core performs a deep startup audit to verify file integrity.
Next Steps
Explore our structured guides to integrate third-party plugins or build your own high-performance extensions.
Deep dive into the modular core (Registries, Interceptors, and Restricted Proxies).