Privacy Pass Issuer (Draft 16) within Cloudflare Workers. Keys are stored in R2.
Key rotation is manual by calling POST /admin/rotate
.
npm run deploy:production
Support:
- Public-Verifiable tokens (Blind-RSA)
All endpoints are public by default. Authentication should be a second layer. Internally, Cloudflare uses Access to protect /admin
and /token-request
endpoints.