tenuo

Cryptographic authorization primitive for AI agents.

Overview

Tenuo implements capability tokens (Warrants) for AI agent authorization:

Offline verification in ~27μs - no network calls
Monotonic attenuation - delegated tokens can only shrink in scope
Proof-of-possession - stolen tokens are useless without the private key
Constraint types - Exact, Pattern, Range, OneOf, Regex, Wildcard

Quick Start

use tenuo::{SigningKey, Warrant, Constraint, ConstraintSet, Authorizer};

// Generate keys
let issuer_key = SigningKey::generate();
let holder_key = SigningKey::generate();

// Issue a warrant
let warrant = Warrant::builder()
    .capability("read_file", ConstraintSet::new().insert("path", Constraint::pattern("/data/*")))
    .holder(holder_key.public_key())
    .ttl_secs(300)
    .build(&issuer_key)?;

// Verify and authorize
let authorizer = Authorizer::new(vec![issuer_key.public_key()]);
authorizer.verify_and_authorize(
    &warrant,
    "read_file",
    &[("path", "/data/report.txt")],
    Some(&holder_key.create_pop(&warrant, "read_file", &args)?),
)?;

Features

Feature	Description
`control-plane`	Warrant issuance (default)
`data-plane`	Warrant verification (default)
`python`	PyO3 bindings
`server`	HTTP server dependencies

Use Cases

Sidecar authorizer - Verify warrants at the edge
Gateway integration - Envoy/Istio external authorization
Embedded verification - In-process authorization checks

Documentation

tenuo.ai - Full documentation
docs.rs/tenuo - API reference
GitHub - Source code

License

MIT OR Apache-2.0

tenuo 0.1.0-alpha.7

tenuo

Overview

Quick Start

Features

Use Cases

Documentation

License