Crate tap_agent

TAP Agent implementation

This crate provides an agent implementation for the Transaction Authorization Protocol (TAP). The TAP Agent is responsible for sending and receiving TAP messages, managing keys, and applying policies.

§Architecture Overview

The TAP Agent crate is designed to work both standalone and within a TAP Node environment:

  • Standalone Usage: Agents can be used independently to send/receive messages
  • Node Integration: Agents work with TAP Node for scalable multi-agent deployments

§Message Processing Flow

§For Encrypted Messages

  1. Agent receives encrypted message via receive_encrypted_message()
  2. Agent decrypts using its private keys
  3. Agent processes the resulting PlainMessage

§For Signed Messages

  1. Signature verification happens at the node level using verify_jws()
  2. Verified PlainMessage is passed to agent via receive_plain_message()
  3. Agent processes the message

§For Standalone Usage

  1. Agent receives raw message via receive_message()
  2. Agent determines message type (plain, signed, encrypted)
  3. Agent handles verification/decryption and returns PlainMessage
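
Step 2 of the standalone flow, sketched as an added example (not code from the tap_agent crate): classifying a raw JSON envelope by its top-level members and refusing anything ambiguous instead of guessing. It assumes the JWE and JWS general JSON serializations (`ciphertext`/`recipients`, `payload`/`signatures`) and a DIDComm-style plaintext message carrying `id` and `type`; `Kind`, `classify` and `top_level_keys` are hypothetical names.

```rust
use std::collections::BTreeSet;

#[derive(Debug, PartialEq)]
pub enum Kind { Plain, Signed, Encrypted }

/// Member names of the outermost JSON object. A scanner, not a validating
/// parser: it tracks strings, escapes and nesting; duplicate names are refused.
fn top_level_keys(raw: &str) -> Option<BTreeSet<String>> {
    let (mut depth, mut in_str, mut esc) = (0i32, false, false);
    let (mut cur, mut last) = (String::new(), None::<String>);
    let mut keys = BTreeSet::new();
    for c in raw.chars() {
        if in_str {
            if esc { esc = false; cur.push(c); }
            else if c == '\\' { esc = true; }
            else if c == '"' { in_str = false; last = Some(std::mem::take(&mut cur)); }
            else { cur.push(c); }
            continue;
        }
        match c {
            '"' => in_str = true,
            '{' | '[' => depth += 1,
            '}' | ']' => depth -= 1,
            ':' if depth == 1 => if !keys.insert(last.take()?) { return None },
            _ => {}
        }
        if depth < 0 { return None; }
    }
    (depth == 0 && !in_str && raw.trim_start().starts_with('{')).then_some(keys)
}

/// Fail closed: exactly one envelope shape must match (member names are assumptions).
pub fn classify(raw: &str) -> Result<Kind, &'static str> {
    let keys = top_level_keys(raw).ok_or("not a JSON object or duplicate member")?;
    let has = |k: &str| keys.contains(k);
    let shape = (has("ciphertext") && has("recipients"), has("payload") && has("signatures"), has("id") && has("type"));
    match shape {
        (true, false, false) => Ok(Kind::Encrypted),
        (false, true, false) => Ok(Kind::Signed),
        (false, false, true) => Ok(Kind::Plain),
        (false, false, false) => Err("unrecognised envelope"),
        _ => Err("ambiguous envelope"),
    }
}

fn main() {
    let sample = r#"{"payload":"e30","signatures":[{"signature":"AA"}]}"#; // constructed
    println!("{:?}", classify(sample));
}
```

Escaped member names are not decoded by this scanner, so a name written with `\u` escapes never matches and the message falls into the unrecognised case.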

§Key Components

  • Agent trait: Defines the interface for all TAP agents
  • TapAgent: Main implementation using AgentKeyManager
  • verify_jws: Standalone JWS verification using DID resolution
  • AgentKeyManager: Manages cryptographic keys and operations

§Examples

§Creating a Standalone Agent

use tap_agent::{TapAgent, AgentConfig};

async fn create_agent() -> Result<(), Box<dyn std::error::Error>> {
    // Create agent with ephemeral key
    let (agent, did) = TapAgent::from_ephemeral_key().await?;
    println!("Created agent with DID: {}", did);
     
    // Agent can now send/receive messages
    Ok(())
}

§Verifying Signed Messages

use tap_agent::{verify_jws, MultiResolver};

async fn verify_message() -> Result<(), Box<dyn std::error::Error>> {
    let resolver = MultiResolver::default();
    // let jws = ...; // Get JWS from somewhere
    // let plain_message = verify_jws(&jws, &resolver).await?;
    Ok(())
}

Re-exports§

pub use agent_key_manager::AgentKeyManager;
pub use agent_key_manager::AgentKeyManagerBuilder;
pub use config::AgentConfig;
pub use did::DIDDoc;
pub use did::DIDGenerationOptions;
pub use did::DIDKeyGenerator;
pub use did::GeneratedKey;
pub use did::KeyResolver;
pub use did::KeyType;
pub use did::VerificationMaterial;
pub use did::VerificationMethod;
pub use did::VerificationMethodType;
pub use error::Error;
pub use error::Result;
pub use key_manager::extract_private_key_from_secret;
pub use key_manager::KeyManager;
pub use key_manager::Secret;
pub use key_manager::SecretMaterial;
pub use key_manager::SecretType;
pub use storage::KeyStorage;
pub use storage::StoredKey;
pub use agent_key::AgentKey;
pub use agent_key::DecryptionKey;
pub use agent_key::EncryptionKey;
pub use agent_key::JweAlgorithm;
pub use agent_key::JweEncryption;
pub use agent_key::JwsAlgorithm;
pub use agent_key::SigningKey;
pub use agent_key::VerificationKey;
pub use local_agent_key::LocalAgentKey;
pub use local_agent_key::PublicVerificationKey;
pub use message::Jwe;
pub use message::JweHeader;
pub use message::JweRecipient;
pub use message::Jws;
pub use message::JwsSignature;
pub use message::SecurityMode;
pub use message_packing::KeyManagerPacking;
pub use message_packing::PackOptions;
pub use message_packing::Packable;
pub use message_packing::UnpackOptions;
pub use message_packing::Unpackable;
pub use message_packing::UnpackedMessage;
pub use oob::OutOfBandBody;
pub use oob::OutOfBandBuilder;
pub use oob::OutOfBandInvitation;
pub use payment_link::PaymentLinkBuilder;
pub use payment_link::PaymentLinkConfig;
pub use payment_link::PaymentLinkInfo;
pub use payment_link::DEFAULT_PAYMENT_SERVICE_URL;
pub use secret_helper::SecretHelperConfig;
pub use secret_helper::SecretHelperOutput;
pub use did::MultiResolver;
pub use agent::Agent;
pub use agent::DeliveryResult;
pub use agent::EnhancedAgentInfo;
pub use agent::TapAgent;
pub use did::DIDMethodResolver;
pub use did::SyncDIDResolver;
pub use message::PRESENTATION_MESSAGE_TYPE;
pub use verification::verify_jws;

Modules§

agent
Agent implementation
agent_key
Agent key abstraction for the TAP Agent
agent_key_manager
Agent key manager implementation for the TAP Agent
cli
Command-line interface (CLI) tool for managing DIDs and keys
config
Agent configuration for the TAP Agent
crypto
Cryptographic primitives (KDF, AES-KW) for the TAP Agent
did
DID utilities: DID resolution and generation functionality for the TAP Agent
error
Error types and error handling for the TAP Agent
key_manager
Key management functionality for the TAP Agent
key_store
Key storage abstraction layer for future external key management
local_agent_key
Local agent key implementation for the TAP Agent
message
Message types and utilities for the TAP Agent
message_packing
Message packing and unpacking utilities
oob
Out-of-band (OOB) message handling and support for TAP agents
payment_link
Payment link functionality for TAP agents
secret_helper
Secret helper for external key management integration
storage
Key storage utilities and functionality for the TAP Agent
verification
Message verification utilities

Structs§

PlainMessage
Wrapper for plain message. Provides helpers for message building and packing/unpacking. Adapted from https://github.com/sicpa-dlab/didcomm-rust/blob/main/src/message/message.rs

Constants§

VERSION
Version of the TAP Agent

Functions§

is_running_tests
Utility function to detect if we’re running in test mode