1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
// Copyright 2026 Exochain Foundation
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at:
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// SPDX-License-Identifier: Apache-2.0
//! 0dentity — sovereign identity scoring application.
//!
//! This module implements the 0dentity system as specified in
//! `docs/0DENTITY-APP-SPEC.md`. It is split across several sub-modules:
//!
//! - **types** — foundational types (claims, axes, scores, fingerprints)
//! - **scoring** — `ZerodentityScore::compute()` + 8 axis functions
//! - **store** — `ZerodentityStore` + `SharedZerodentityStore`
//! - **otp** — HMAC-SHA256 OTP challenge state machine
//! - **fingerprint** — Jaccard-similarity device consistency scoring
//! - **behavioral** — histogram baseline similarity
//! - **attestation** — peer attestation validation
//! - **onboarding** — POST /api/v1/0dentity/claims, /verify, /verify/resend
//! - **api** — GET /api/v1/0dentity/:did/score, /claims, /history
//! - **dashboard** — GET /0dentity/dashboard/:did
//! - **onboarding_ui**— GET /0dentity (onboarding flow HTML)
//!
//! # Audit status — Onyx-4 R3 (default-off axes)
//!
//! The device fingerprint and behavioral biometric modules are deterministic
//! and tested, and the score engine can consume stored samples. The public
//! onboarding write path does not persist those client-collected samples, so
//! `device_trust` and `behavioral_signature` are disabled by default behind
//! `unaudited-zerodentity-device-behavioral-axes`.
//!
//! The fingerprint timeline API is also disabled by default because it exposes
//! the same unaudited data surface. The R3 initiative is
//! `fix-onyx-4-r3-unwired-axes.md`.
// Core modules
pub
pub
// Feature modules
/// Feature flag required to score device and behavioral 0dentity axes.
pub const DEVICE_BEHAVIORAL_AXES_FEATURE: &str = "unaudited-zerodentity-device-behavioral-axes";
/// Initiative documenting the R3 unwired-axis finding.
pub const DEVICE_BEHAVIORAL_AXES_INITIATIVE: &str = "fix-onyx-4-r3-unwired-axes.md";
/// Whether the unaudited device/behavioral axes are compiled in.
pub const
// ---------------------------------------------------------------------------
// Re-exports — the public surface of the 0dentity module
// ---------------------------------------------------------------------------
pub use ;
pub use ;
pub use ;