Skip to main content

Crate ratify_protocol

Crate ratify_protocol 

Source
Expand description

Ratify Protocol v1 — Rust reference SDK.

A cryptographic trust protocol for human-agent and agent-agent interactions as agents start to transact. Every signature is hybrid Ed25519 + ML-DSA-65 (FIPS 204): quantum-safe by design.

See docs/EXPLAINED.md and docs/AGENT_TO_AGENT.md in the repository for architecture, threat model, and agent-to-agent patterns.

§no_std support

Disable the default std feature to use this crate without the standard library. An alloc crate is required. I/O, SystemTime, and serde_json support are only available with std.

Re-exports§

pub use canonical::base64_std_decode;
pub use canonical::base64_std_encode;
pub use canonical::hex_decode;
pub use canonical::hex_encode;
pub use canonical::canonical_json;
pub use crypto::chain_hash;
pub use crypto::challenge_sign_bytes;
pub use crypto::challenge_sign_bytes_with_session_context;
pub use crypto::challenge_sign_bytes_with_stream;
pub use crypto::delegation_sign_bytes;
pub use crypto::derive_id;
pub use crypto::generate_challenge;
pub use crypto::generate_hybrid_keypair;
pub use crypto::issue_delegation;
pub use crypto::issue_key_rotation_statement;
pub use crypto::issue_revocation_list;
pub use crypto::issue_revocation_push;
pub use crypto::issue_session_token;
pub use crypto::issue_witness_entry;
pub use crypto::key_rotation_sign_bytes;
pub use crypto::revocation_push_sign_bytes;
pub use crypto::revocation_sign_bytes;
pub use crypto::session_token_sign_bytes;
pub use crypto::sign_both;
pub use crypto::sign_challenge;
pub use crypto::sign_challenge_with_session_context;
pub use crypto::sign_challenge_with_stream;
pub use crypto::sign_transaction_receipt_party;
pub use crypto::transaction_receipt_sign_bytes;
pub use crypto::verify_both;
pub use crypto::verify_challenge_signature;
pub use crypto::verify_challenge_signature_with_session_context;
pub use crypto::verify_challenge_signature_with_stream;
pub use crypto::verify_delegation_signature;
pub use crypto::verify_delegation_signature_e;
pub use crypto::verify_key_rotation_statement;
pub use crypto::verify_revocation_list;
pub use crypto::verify_revocation_push;
pub use crypto::verify_session_token;
pub use crypto::verify_session_token_e;
pub use crypto::verify_witness_entry;
pub use crypto::witness_entry_sign_bytes;
pub use crypto::generate_agent;
pub use crypto::generate_human_root;
pub use scope::expand_scopes;
pub use scope::has_scope;
pub use scope::intersect_scopes;
pub use scope::is_sensitive;
pub use scope::validate_scopes;
pub use scope::CUSTOM_SCOPE_PREFIX;
pub use scope::SCOPE_COMMS_CALENDAR_READ;
pub use scope::SCOPE_COMMS_CALENDAR_WRITE;
pub use scope::SCOPE_COMMS_EMAIL_DELETE;
pub use scope::SCOPE_COMMS_EMAIL_READ;
pub use scope::SCOPE_COMMS_EMAIL_SEND;
pub use scope::SCOPE_COMMS_MESSAGE_DELETE;
pub use scope::SCOPE_COMMS_MESSAGE_READ;
pub use scope::SCOPE_COMMS_MESSAGE_SEND;
pub use scope::SCOPE_CONTRACT_READ;
pub use scope::SCOPE_CONTRACT_SIGN;
pub use scope::SCOPE_DATA_DELETE;
pub use scope::SCOPE_DATA_EXPORT;
pub use scope::SCOPE_DATA_READ;
pub use scope::SCOPE_DATA_SHARE;
pub use scope::SCOPE_DATA_WRITE;
pub use scope::SCOPE_EXECUTE_CODE;
pub use scope::SCOPE_EXECUTE_TOOL;
pub use scope::SCOPE_FILES_READ;
pub use scope::SCOPE_FILES_WRITE;
pub use scope::SCOPE_GENERATE_CONTENT;
pub use scope::SCOPE_GENERATE_DEEPFAKE;
pub use scope::SCOPE_IDENTITY_DELEGATE;
pub use scope::SCOPE_IDENTITY_PROVE;
pub use scope::SCOPE_MEETING_ATTEND;
pub use scope::SCOPE_MEETING_CHAT;
pub use scope::SCOPE_MEETING_RECORD;
pub use scope::SCOPE_MEETING_SHARE_SCREEN;
pub use scope::SCOPE_MEETING_SPEAK;
pub use scope::SCOPE_MEETING_VIDEO;
pub use scope::SCOPE_PAYMENTS_AUTHORIZE;
pub use scope::SCOPE_PAYMENTS_RECEIVE;
pub use scope::SCOPE_PAYMENTS_SEND;
pub use scope::SCOPE_TRANSACT_PURCHASE;
pub use scope::SCOPE_TRANSACT_SELL;
pub use receipts::bundle_hash;
pub use receipts::issue_policy_verdict;
pub use receipts::issue_verification_receipt;
pub use receipts::policy_verdict_sign_bytes_buf;
pub use receipts::receipt_hash;
pub use receipts::verification_receipt_sign_bytes_buf;
pub use receipts::verifier_context_hash;
pub use receipts::verify_policy_verdict;
pub use receipts::verify_verification_receipt;
pub use types::AgentIdentity;
pub use types::Anchor;
pub use types::AnchorResolver;
pub use types::AuditProvider;
pub use types::Constraint;
pub use types::ConstraintEvaluator;
pub use types::DelegationCert;
pub use types::HumanRoot;
pub use types::HybridPrivateKey;
pub use types::HybridPublicKey;
pub use types::HybridSignature;
pub use types::IdentityStatus;
pub use types::KeyRotationStatement;
pub use types::PolicyProvider;
pub use types::PolicyVerdict;
pub use types::ProofBundle;
pub use types::ReceiptParty;
pub use types::ReceiptPartySignature;
pub use types::RevocationList;
pub use types::RevocationProvider;
pub use types::RevocationPush;
pub use types::SessionToken;
pub use types::StreamContext;
pub use types::TransactionReceipt;
pub use types::TransactionReceiptResult;
pub use types::VerificationReceipt;
pub use types::VerifierContext;
pub use types::VerifyOptions;
pub use types::VerifyResult;
pub use types::WitnessEntry;
pub use types::CHALLENGE_WINDOW_SECONDS;
pub use types::ED25519_PUBLIC_KEY_SIZE;
pub use types::ED25519_SIGNATURE_SIZE;
pub use types::MAX_DELEGATION_CHAIN_DEPTH;
pub use types::MLDSA65_PUBLIC_KEY_SIZE;
pub use types::MLDSA65_SIGNATURE_SIZE;
pub use types::PROTOCOL_VERSION;
pub use verify::verify_bundle;
pub use verify::verify_streamed_turn;
pub use verify::verify_transaction_receipt;

Modules§

canonical
Canonical JSON serialization per Ratify Protocol SPEC §6.
constraints
Constraint evaluation — mirrors Go’s constraints.go exactly.
crypto
Ratify Protocol v1 — hybrid (Ed25519 + ML-DSA-65) crypto primitives.
receipts
Receipts and verdicts — SPEC §17.5–§17.6.
scope
Canonical scope vocabulary for Ratify Protocol v1.
types
Ratify Protocol v1 types.
verify
Verify — the core verifier. Mirrors the Go reference verify.go exactly.