Expand description
Pod-git-root agent identity writer (ADR-124 §5.3 / Defect-3 NEW).
Melvin Carvalho’s create-agent design treats each per-user pod as a
full git repository whose ROOT carries two identity artefacts:
agent.did.json— the canonicaldid:nostrDID document (ADR-125 / §1: two-context, top-levelDIDNostr, singleMultikeyverification method withpublicKeyMultibase: "fe70102<hex>",#key1,service: []).git config nostr.privkey <hex>— the agent’s BIP-340 secret key, stored in the pod-repo’s local git config (never committed).
This module is the solid-pod-rs analogue of create-agent’s identity
bootstrap. It is net-new (Defect-3): the pre-pivot bootstrap wrote a
2019-shape did-nostr.json and an identity.env; neither
agent.did.json nor git config nostr.privkey existed. The canonical
DID doc is rendered by solid_pod_rs::did_nostr_types::render_did_document,
so the on-disk doc is byte-identical to every other emitter in the
ecosystem.
§Invariants
- I1 — the
did:nostr:<hex>identity string is unchanged; the pubkey is the canonical x-only hex. - I2 —
publicKeyMultibase == "fe70102" + <x-only-hex>, produced by the canonical renderer; no key bytes change. - I3 — this writer is provisioning only. It never participates in the NIP-98 auth path; the privkey it git-configs is the signing key, not an authentication oracle.
Structs§
- Agent
Identity Written - Result of writing the pod-git-root identity artefacts.
Constants§
- AGENT_
DID_ FILE - Filename of the canonical DID document at the pod-git root.
- NOSTR_
PRIVKEY_ KEY - The git-config key under which the agent’s BIP-340 secret key (hex) is stored in the pod-repo’s local config (create-agent parity).
Functions§
- write_
agent_ identity - Write the canonical
agent.did.jsontopod_rootand, when a secret key is supplied, rungit config --local nostr.privkey <privkey_hex>in the pod repo.