Skip to main content

Crate auths_id

Crate auths_id 

Source
Expand description

§auths-id

Identity management and attestation logic for Auths.

This crate provides:

  • Identity creation via did:key and did:keri derivation
  • Attestation management for device linking
  • Git storage for identity and attestation persistence

§Architecture

┌─────────────┐     ┌──────────────┐     ┌─────────────┐
│  Identity   │────▶│  Attestation │────▶│ Git Storage │
│ (did:keri)  │     │   (signed)   │     │  (refs/*)   │
└─────────────┘     └──────────────┘     └─────────────┘

§Usage

use auths_id::identity::Identity;
use auths_id::attestation::Attestation;

// Create an identity from a public key
let identity = Identity::from_public_key(&pubkey_bytes)?;

// Create an attestation linking a device
let attestation = Attestation::builder()
    .issuer(&identity.did)
    .subject("did:key:z6MkDevice...")
    .capability(Capability::SignCommit)
    .build()?;

§Git Storage Layout

RefContent
refs/auths/identityIdentity metadata
refs/auths/attestations/nodes/<did>Attestations keyed by subject DID
refs/auths/device-kel/<prefix>Per-device KEL state
refs/auths/shared-kel/<prefix>Shared identity KEL state
refs/did/keri/<prefix>/kelKERI Key Event Log
refs/did/keri/<prefix>/receipts/<said>Witness receipts

Modules§

agent_identity
Agent identity config + TOML preview types.
attestation
domain
domain_separation
HKDF info labels and signature-context tags used by the auths-id crate. Mirrors the shape of auths_pairing_protocol::domain_separation but scoped to identity-level constructions.
error
freeze
Identity freeze management.
identity
keri
KERI (Key Event Receipt Infrastructure) implementation.
policy
Policy engine for authorization decisions.
ports
Port traits for hexagonal architecture.
storage
trailer
Git trailer parsing and formatting utilities.
trust
Trust resolution implementation for auths-id.
witness
Witness type conversions for git2 integration.
witness_config
Identity-level witness configuration.