Cryptographic primitives for the agent-mesh.
This crate provides the identity layer the rest of the workspace builds on:
- UserKey — root of trust, one ed25519 keypair per user.
- AgentKey — short-lived per-process sub-key, certified by a UserKey via a CertChain.
- GitHubBinding — cross-signature linking a UserKey to the ed25519 SSH key GitHub already knows about.
- SignedEnvelope — the wire format every mesh message is wrapped in.
- Fingerprint — short BLAKE3 identifier for keys and content.
All wall-clock time in this crate is treated as a claim (e.g.
AgentMetadata::issued_at), never as a coordination primitive.
See the project CLAUDE.md for the rationale.
Re-exports
- pub use agent_key::AgentKey;
- pub use agent_key::AgentMetadata;
- pub use agent_key::CertChain;
- pub use agent_key::Issuer;
- pub use agent_key::SerdeSig;
- pub use caveats::Caveats;
- pub use caveats::CountBound;
- pub use caveats::Scope;
- pub use envelope::Recipient;
- pub use envelope::SignedEnvelope;
- pub use error::MeshError;
- pub use error::Result;
- pub use fingerprint::Fingerprint;
- pub use github_binding::ssh_pubkey_ed25519_bytes;
- pub use github_binding::GitHubBinding;
- pub use user_key::UserKey;
- pub use user_key::UserPublic;
Modules
- agent_key: AgentKey — a short-lived per-agent ed25519 sub-key, certified by a UserKey.
- caveats: Caveats — the authority lattice for attenuated agent capabilities.
- envelope: Signed wire envelope. Every message between mesh peers is wrapped in one of these — the cert chain proves the sender belongs to a user, the agent signature proves the message wasn’t tampered with, and the payload CID lets receivers reject mismatched bodies before paying for downstream parsing.
- error: Crate-wide error type for agent-mesh-protocol.
- fingerprint: BLAKE3-based fingerprint for keys and content-addressed payloads.
- github_binding: Cross-signature binding an agent-mesh UserKey to a GitHub SSH ed25519 key.
- user_key: UserKey — the per-user root of trust.