Skip to main content

Module statements

Module statements 

Source

Re-exports§

pub use invitation::GrantedCapabilities;
pub use invitation::InvitationError;
pub use invitation::InvitationStatement;
pub use invitation::InviteeRestriction;
pub use invitation::TYPE_INVITATION;
pub use invitation::DEFAULT_INVITATION_LIFETIME_SECS;
pub use invitation::MAX_INVITATION_LIFETIME_SECS;
pub use session_participant::ParticipantVerifyError;
pub use session_participant::SessionParticipantStatement;
pub use session_participant::TYPE_SESSION_PARTICIPANT;
pub use session_participant::verify_participant_envelope;

Modules§

invitation
Agent invitation statement – Phase 1 of the agent-invitations spec.
session_participant
Session-participant statement – Phase 1 of the agent-invitations spec.

Structs§

ActionStatement
Records that an actor performed an action.
ApprovalRevocation
Records that an approver revoked a previously-signed grant. Replayed from the journal, this short-circuits any subsequent consume attempt against the revoked grant – “wrong actor / action / subject” fails in scope, “grant revoked” fails in journal lookup.
ApprovalScope
Scope constraints on an approval — who may perform what against which subject, how many times, and until when.
ApprovalStatement
Records that an approver authorised an intent or action.
ApprovalUse
Records that a specific Approval Grant was consumed by a specific Action. One record per use; an approval with max_actions = 3 produces up to three of these (subject to the journal’s max_uses enforcement).
ArtifactRef
A reference to one artifact within a bundle.
BundleStatement
Groups a set of artifacts into a named, signed bundle.
DecisionStatement
Records an agent’s reasoning and decision context.
EndorsementStatement
Records that a signer asserts confidence about an existing artifact.
HandoffStatement
Records that work moved from one actor/domain to another.
JournalCheckpoint
A signed Merkle commitment to a contiguous range of journal records. Lets a verifier check journal continuity (and, with a Hub-signed variant, replay across machines) without reading every record.
ReceiptStatement
Records that an external system observed or confirmed an event.
ReplayCheck
Result of the replay check that verify ran. Carries the level that was achieved plus enough context for printers / reports to render “use 1/1” without re-resolving state.
SubjectRef
A reference to content being attested, approved, or receipted. At least one field should be set.

Enums§

CheckpointKind
What a JournalCheckpoint is committing to. The discriminator lets a verifier physically distinguish a local-journal record from a Hub/org checkpoint, so a checkpoint can never accidentally promote replay-hub-org just because the on-disk shape happens to match.
HubCheckpointVerification
Outcome of verify_hub_checkpoint_signature.
ReplayCheckLevel
Replay-check level surfaced by verify. Lets the printer say exactly what was checked, instead of overclaiming or underclaiming.

Constants§

TYPE_ACTION
TYPE_APPROVAL
TYPE_APPROVAL_REVOCATION
TYPE_APPROVAL_USE
TYPE_BUNDLE
TYPE_DECISION
TYPE_ENDORSEMENT
TYPE_HANDOFF
TYPE_JOURNAL_CHECKPOINT
TYPE_RECEIPT

Functions§

approval_revocation_record_digest
approval_use_record_digest
Compute record_digest for an ApprovalUse. The record’s own record_digest field is excluded from the hash so the value is idempotent: digest_of(record_with_digest_cleared) == record.record_digest.
journal_checkpoint_record_digest
nonce_digest
sha256 over a raw approval nonce, prefixed sha256:. Used everywhere the journal needs to reference a grant’s nonce without storing it.
payload_type
Returns the canonical MIME payloadType for a statement type suffix.
unix_to_rfc3339
verify_hub_checkpoint_signature
Verify the embedded Hub signature on a JournalCheckpoint. Does NOT check coverage (covered_use_ids) – that’s the caller’s job, since it depends on which uses the package contains.