atproto-record 0.9.0

AT Protocol record signature operations - cryptographic signing and verification for AT Protocol records
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93

# atproto-record

Cryptographic signature operations for AT Protocol records with IPLD DAG-CBOR serialization and AT-URI parsing.

## Overview

`atproto-record` provides comprehensive signature operations for AT Protocol records, including cryptographic signing, verification, AT-URI parsing, and proper IPLD DAG-CBOR serialization. This library implements the AT Protocol signature format with proper `$sig` object handling for secure record attestation.

## Features

- **Record signing**: Create cryptographic signatures on AT Protocol records
- **Signature verification**: Verify signatures against public keys and issuers
- **AT-URI parsing**: Parse and validate AT Protocol URIs into component parts
- **IPLD serialization**: Proper DAG-CBOR serialization for signature consistency
- **Multi-curve support**: Support for P-256, P-384, and K-256 elliptic curves
- **Structured errors**: Comprehensive error handling with detailed error types
- **CLI tools**: Command-line utilities for record operations (requires `clap` feature)

## Binaries

All CLI tools require the `clap` feature and use consistent command-line argument processing:

- **atproto-record-sign**: Sign AT Protocol records with cryptographic signatures
- **atproto-record-verify**: Verify AT Protocol record signatures

## Library Usage

### Creating Signatures

```rust
use atproto_record::signature;
use atproto_identity::key::identify_key;
use serde_json::json;

let key_data = identify_key("did:key:zQ3sh...")?;
let record = json!({"$type": "app.bsky.feed.post", "text": "Hello!"});
let signature_object = json!({"issuer": "did:plc:issuer", "issuedAt": "2024-01-01T00:00:00Z"});

let signed_record = signature::create(
    &key_data,
    &record,
    "did:plc:repo",
    "app.bsky.feed.post",
    signature_object
).await?;
```

### Verifying Signatures

```rust
let issuer_key = identify_key("did:key:zQ3sh...")?;

signature::verify(
    "did:plc:issuer",
    &issuer_key,
    signed_record,
    "did:plc:repo",
    "app.bsky.feed.post"
).await?;
```

### AT-URI Parsing

```rust
use atproto_record::aturi::ATURI;
use std::str::FromStr;

let aturi = ATURI::from_str("at://did:plc:abc123/app.bsky.feed.post/3k2k4j5h6g")?;
println!("Authority: {}", aturi.authority);
println!("Collection: {}", aturi.collection);
println!("Record Key: {}", aturi.record_key);
```

## Command Line Usage

All CLI tools require the `clap` feature:

```bash
# Build with CLI support
cargo build --features clap --bins

# Sign a record
cargo run --features clap --bin atproto-record-sign -- did:key:zQ3sh... did:plc:issuer record.json \
  repository=did:plc:repo collection=app.bsky.feed.post

# Verify a signature
cargo run --features clap --bin atproto-record-verify -- did:plc:issuer did:key:zQ3sh... signed.json \
  repository=did:plc:repo collection=app.bsky.feed.post
```

## License

MIT License