Authentication · Payments · Storage

ChargeScript The entire backend in a script tag.

Users, payments, and persistent storage — all from the frontend. One SDK. No servers. Ship tonight.

Scroll
Start here

One line.
You're live.

Import the SDK from CDN and initialize with your app ID. That's the entire setup. No package managers, no build steps, no environment variables.

Authentication

Passwordless.
Universal.

One function call opens a branded modal. Email and verification code — no passwords to leak, no OAuth configuration, no redirect URIs. The returned identity is portable across every ChargeScript-powered site.

Payments

Charge.
Get a receipt.

A payment modal with the card already on file. Buyers who've paid on any ChargeScript site arrive pre-credentialed — one tap to confirm. You get a cryptographically signed receipt that any system can verify.

Storage

Persistent.
Governed.

Key-value data structures that survive page reloads, sessions, and server outages — because there is no server. Role-based security policies keep it safe to call directly from the frontend.

app.js
The Network

Every site makes every other site faster.

A buyer who creates an account on one ChargeScript site carries that identity — and saved payment method — to all of them. The network grows with every integration.

1

Arrive recognized

Visitors who've authenticated on any ChargeScript site are already logged in. No signup friction. No "create account" wall between your product and your users.

2

Pay in one tap

Saved cards follow the buyer across the network. A returning user sees "Confirm $12" — not a sixteen-digit form. Impulse purchase conversion approaches zero friction.

3

Compound reach

Early adopters seed the buyer pool. As the network grows, a rising share of your visitors arrive pre-authenticated and pre-carded — before they've ever seen your site.

Buyer

cs.charge(12.34)

Confirms purchase in modal with saved card

Receipt

{ sig: "ed25519:..." }

Signed proof of payment lives in the browser

Fulfillment

CS.verify(receipt)

Your app, your server, or any third-party service

Storage Security

Frontend-safe by design.

Persistent data structures — maps, lists, counters, sets — secured by declarative role-based policies. Define who can read, write, and delete at the key level. The rules live alongside your data, not in a backend you have to maintain.

No server-side middleware. No API routes to lock down. The security model is the storage layer — not bolted on top of it.

policies.json
{
  "user:*": {
    "read": "owner",
    "write": "owner"
  },
  "posts:*": {
    "read": "public",
    "write": "role:editor",
    "delete": "role:admin"
  },
  "analytics:*": {
    "read": "role:admin",
    "write": "system"
  }
}

Ship it. The backend is handled.

Users. Revenue. Data. One script tag. Zero infrastructure.

<script src="https://cdn.chargescript.com/sdk.js"></script>