Expand description
Self-signed proof verifier abstraction (Sprint 11 row 152).
Controlled Identifier (CID) authentication admits multiple proof
formats: did:key self-signed JWTs (Sprint 11 row 153), NIP-98
Nostr events (Sprint 3 auth::nip98), did:nostr bridged profiles
(Sprint 6 interop::did_nostr), and any future DID method that
publishes a verification-relationship-bearing controller document.
This module defines the transport-independent contract every
verifier implements, plus a fan-out CidVerifier that consults
each registered inner verifier in order and returns the first
success. Wiring is at the crate::wac::issuer layer: an
acl:IssuerCondition with acl:issuer <cid:Verifier> dispatches
through a dispatcher the consumer builds from a CidVerifier.
Reference: W3C Controlled Identifier Document 1.0 (https://www.w3.org/TR/cid/). WAC 2.0 profile: https://webacl.org/secure-access-conditions/.
Structs§
- CidVerifier
- Fan-out dispatcher — tries each inner verifier in order. The first
one returning
Ok(Some(_))wins. AnyErr(_)short-circuits with that error so a broken-but-matching proof surfaces a precise diagnostic rather than being masked asUnrecognisedFormat. - Proof
Envelope - Proof envelope passed to every
SelfSignedVerifierimplementation. - Verified
Subject - Output of a successful
SelfSignedVerifier::verifycall.
Enums§
- Self
Signed Error - Errors returned by any
SelfSignedVerifier.
Traits§
- Self
Signed Verifier - Verifier for a single self-signed proof format.