Expand description
Ratify Protocol v1 types.
Every public key and every signature is a hybrid pair: one Ed25519 component and one ML-DSA-65 (FIPS 204) component. Both must verify.
Structs§
- Agent
Identity - An AI agent’s identity.
- Anchor
- Optional external binding for higher-assurance identity.
- Constraint
- First-class bound on when/where/how much an agent may exercise its scopes.
- Delegation
Cert - Signed authorization from a principal to an agent.
- Human
Root - Master identity for a human (or tenant admin).
- Hybrid
Private Key - Both component private keys. Never serialized to the wire.
- Hybrid
Public Key - Ed25519 + ML-DSA-65 public key pair.
- Hybrid
Signature - Ed25519 + ML-DSA-65 signature pair over the same canonical bytes.
- KeyRotation
Statement - Signed continuity statement from an old root key to a new root key.
- Policy
Verdict - HMAC-bound cached policy decision (SPEC §17.6). The policy equivalent
of
SessionToken: issued once by a commercial policy backend, accepted locally by the verifier for the rest ofvalid_untilwithout re-calling the backend. - Proof
Bundle - Proof an agent presents to a verifier.
- Receipt
Party - One party to a TransactionReceipt.
- Receipt
Party Signature - Hybrid signature by a party over the canonical receipt signable.
- Revocation
List - Signed list of revoked cert IDs, served by the issuer.
- Revocation
Push - v1.1 signed push notification of newly revoked cert IDs.
- Session
Token - v1.1 verifier-issued credential that caches a verified chain. MAC = HMAC-SHA256(session_secret, session_token_sign_bytes(token)). The session secret is private to the verifier and never leaves its trust boundary.
- Stream
Context - Verifier state tracked per stream_id for v1.1 stream-bound bundles.
- Transaction
Receipt - v1.1 canonical envelope for a multi-party, atomic transaction.
- Transaction
Receipt Result - Outcome of verify_transaction_receipt.
- Verification
Receipt - Verifier-signed attestation that a specific ProofBundle was verified at a specific moment with a specific outcome (SPEC §17.5).
- Verifier
Context - Application-supplied inputs for evaluating first-class constraints.
A cert bearing a constraint whose required context field is absent will
be rejected with
constraint_unverifiable(fail-closed). - Verify
Options - Options passed to
verify_bundle. - Verify
Result - Deterministic output of
verify_bundle. Always checkvalidfirst. - Witness
Entry - v1.1 element in a hash-chain append-only witness log.
Enums§
- Identity
Status - Identity status values in a VerifyResult (SPEC §5.9). Granular failure statuses (scope_denied, constraint_denied, etc) let callers route on the enum directly — they do not have to parse error_reason text.
Constants§
- CHALLENGE_
WINDOW_ SECONDS - ED25519_
PUBLIC_ KEY_ SIZE - ED25519_
SIGNATURE_ SIZE - MAX_
DELEGATION_ CHAIN_ DEPTH - MLDS
A65_ PUBLIC_ KEY_ SIZE - MLDS
A65_ SIGNATURE_ SIZE - PROTOCOL_
VERSION
Traits§
- Anchor
Resolver - Resolves a verified
human_idto its external-identity binding (SPEC §17.8). Errors are non-fatal: the verifier MUST NOT fail the bundle because the resolver errored — it silently leavesVerifyResult.anchorNoneand continues. - Audit
Provider - Pluggable audit-receipt persistence (SPEC §17.3).
- Constraint
Evaluator - Pluggable evaluator for extension constraint types (SPEC §17.7).
- Policy
Provider - Pluggable evaluator for verifier-local policy (SPEC §17.2).
- Revocation
Provider - Pluggable provider for revocation state (SPEC §17.1).