Event Horizon
The Future of Secure Event Ticketing.
Hybrid security architecture: JWT for speed, TOTP for fraud prevention.
- Hybrid JWT + TOTP
- Serverless Firebase Backend
- Offline JWT Scanning
Architecture
A lightweight, serverless flow designed for speed and security.
The Code
Client-side cryptographic verification using RSA-256 signatures.
// Format detection & JWT validation
if (format === 'JWT') {
  // Validate required JWT fields
  if (!ticket.signature) {
    logger.error('JWT ticket missing required signature', {
      format: ticket.format,
      hasPrice: ticket.price !== undefined,
    });
    return /* render invalid-ticket UI */;
  }

  // Require plaintext email to reconstruct signed token
  const attendeeEmail = (ticket as any).attendeeEmailPlaintext || '';
  if (!attendeeEmail) {
    logger.warn('JWT ticket missing plaintext email field', { format: 'JWT' });
    return /* render incomplete-ticket UI */;
  }

  // Construct static token (must match server-side signature)
  const staticToken: TicketToken = {
    ticketId: ticket.id,
    eventId: ticket.eventId,
    attendeeName: ticket.attendeeName,
    attendeeEmail, // Plaintext email from Firestore
    signature: ticket.signature,
  };
}
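The excerpt above stops once the signed fields are rebuilt; the offline signature check a scanner would run next can look like the following. This is an added example, not Event Horizon code: it assumes a compact JWT signed with RS256 (RSA PKCS#1 v1.5 with SHA-256) and an `exp` claim for rotation, and `verifyTicket`, `mintSampleTicket` and the test key pair (standing in for the Cloud KMS key) are hypothetical.

```javascript
// Added example, not Event Horizon code. Assumes a compact JWT signed with RS256.
const crypto = require('node:crypto');

const b64u = (v) => Buffer.from(v).toString('base64url');
const fromB64u = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));

// Constructed test key pair; in the page's design the private key stays in Cloud KMS.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Stand-in for the server-side mint step, used only to build sample tokens.
function mintSampleTicket(claims, key = privateKey) {
  const input = `${b64u(JSON.stringify({ alg: 'RS256', typ: 'JWT' }))}.${b64u(JSON.stringify(claims))}`;
  return `${input}.${crypto.sign('sha256', Buffer.from(input), key).toString('base64url')}`;
}

// Offline scanner check: pinned algorithm and key, required fields, event binding, expiry.
function verifyTicket(token, pinnedKey, expectedEventId, nowSec) {
  const fail = (reason) => ({ ok: false, reason });
  const parts = String(token).split('.');
  if (parts.length !== 3 || parts.some((p) => !/^[A-Za-z0-9_-]+$/.test(p))) return fail('malformed');
  let header, claims;
  try {
    header = fromB64u(parts[0]);
    claims = fromB64u(parts[1]);
  } catch {
    return fail('malformed');
  }
  if (!header || typeof header !== 'object' || !claims || typeof claims !== 'object') return fail('malformed');
  // The algorithm is fixed by the verifier, never chosen by the token header.
  if (header.alg !== 'RS256') return fail('bad-alg');
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  if (!crypto.verify('sha256', signed, pinnedKey, Buffer.from(parts[2], 'base64url'))) return fail('bad-signature');
  for (const f of ['ticketId', 'eventId', 'attendeeName', 'attendeeEmail']) {
    if (typeof claims[f] !== 'string' || claims[f] === '') return fail(`missing-${f}`);
  }
  if (claims.eventId !== expectedEventId) return fail('wrong-event');
  // exp (seconds) is an assumed claim that makes the rotating token short-lived.
  if (typeof claims.exp !== 'number' || nowSec >= claims.exp) return fail('expired');
  return { ok: true, claims };
}

// Constructed sample ticket, checked at a fixed "now" so the result is reproducible.
const sample = mintSampleTicket({ ticketId: 't-1', eventId: 'evt-42', attendeeName: 'Sample Attendee',
  attendeeEmail: 'attendee@example.com', exp: 1700000030 });
console.log(verifyTicket(sample, publicKey, 'evt-42', 1700000000).ok);
```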
Use Case
Designed for both event organizers and attendees.
Real-time dashboard
Fraud-proof revenue protection with server-side TOTP validation and KMS-backed signing.
- Webhook notifications and real-time analytics
- Protect revenue with encrypted TOTP secrets
Offline-ready entry
One-tap Apple Wallet export and rotating JWT for screenshot-resistant access.
- Rotating offline QR tokens (JWT)
- Simple Apple Wallet passes with enforced rotation
Architecture notes: Firestore onCreate triggers a Cloud Function (secure_mint_ticket). The function uses Cloud KMS for RSA-256 signing (2048-bit) and Secret Manager / Vault for TOTP secret encryption. See project repo.