Skip to main content

Crate atproto_attestation

Crate atproto_attestation 

Source
Expand description

AT Protocol record attestation utilities based on the CID-first specification.

This crate implements helpers for creating inline and remote attestations and verifying signatures against DID verification methods. It follows the requirements documented in bluesky-attestation-tee/documentation/spec/attestation.md.

§Inline Attestations

Use create_inline_attestation to create a signed record with an embedded signature:

use atproto_attestation::{create_inline_attestation, AnyInput};
use atproto_identity::key::{generate_key, KeyType};
use serde_json::json;

let key = generate_key(KeyType::P256Private)?;
let record = json!({"$type": "app.example.post", "text": "Hello!"});
let metadata = json!({"$type": "com.example.sig", "key": "did:key:..."});

let signed = create_inline_attestation(
    AnyInput::Serialize(record),
    AnyInput::Serialize(metadata),
    "did:plc:repository",
    &key
)?;

§Remote Attestations

Use create_remote_attestation to generate both the proof record and the attested record with strongRef in a single call.

Re-exports§

pub use errors::AttestationError;
pub use cid::create_dagbor_cid;
pub use input::AnyInput;
pub use input::AnyInputError;

Modules§

cid
CID (Content Identifier) generation for AT Protocol records.
errors
Errors that can occur during attestation preparation and verification.
input
Input types for attestation functions supporting multiple input formats.

Traits§

RecordResolver
Resolver trait for retrieving remote attestation records by AT URI.

Functions§

append_inline_attestation
Validates an inline attestation and appends it to a record’s signatures array.
append_remote_attestation
Validates an existing proof record and appends a strongRef to it in the record’s signatures array.
create_inline_attestation
Creates an inline attestation with signature embedded in the record.
create_remote_attestation
Creates a remote attestation with both the attested record and proof record.
create_signature
Creates a cryptographic signature for a record with attestation metadata.
normalize_signature
Normalize raw signature bytes to the required low-S form.
verify_record
Verify all signatures in a record with flexible input types.