Skip to main content

typesec_integrations/
did.rs

1//! Decentralized identifier messaging helpers for Typesec.
2//!
3//! This module treats DIDs as identity, key-discovery, and routing handles.
4//! Runtime authorization still flows through [`typesec_core::PolicyEngine`]:
5//! a verified DID message identifies the subject, and a policy engine decides
6//! whether to mint the typed capability required to reveal or use the payload.
7//!
8//! [`Ed25519DidKeyStore`] is the production key store: Ed25519 signatures,
9//! X25519 key agreement, and ChaCha20-Poly1305 payload encryption. The
10//! deterministic, **non-cryptographic** `DemoDidKeyStore` is only compiled in
11//! tests or behind the `demo-crypto` feature — never enable that feature in
12//! production builds. Deployments with stronger requirements should implement
13//! [`DidKeyStore`] with JOSE/DIDComm, HPKE, or an HSM/KMS.
14
15mod crypto;
16mod document;
17mod envelope;
18mod error;
19mod gateway;
20mod identifier;
21mod keystore;
22#[cfg(any(test, feature = "demo-crypto"))]
23mod keystore_demo;
24mod ollama;
25mod typedid;
26
27pub use document::{DidDocument, DidResolver, DidService, StaticDidResolver, VerificationMethod};
28pub use envelope::{DidEnvelope, DidMessageBody, DidMessageReference, DidReplyBinding};
29pub use error::DidError;
30pub use gateway::{
31    DidMessageGateway, TypeDidAttestation, TypeDidGateway, VerifiedDidPrompt,
32    VerifiedTypeDidMessage,
33};
34pub use identifier::Did;
35pub use keystore::{DidKeyStore, Ed25519DidKey, Ed25519DidKeyStore};
36#[cfg(any(test, feature = "demo-crypto"))]
37pub use keystore_demo::{DemoDidKeyPair, DemoDidKeyStore};
38pub use ollama::DidOllamaClient;
39pub use typedid::{
40    A2aTypeDidAdapter, AcpTypeDidAdapter, BandSecureEnvelopeAdapter, HttpTypeDidAdapter,
41    SecureEnvelopeAdapter, StaticTypeDidProfileResolver, TypeDidConversation, TypeDidMode,
42    TypeDidProfile, TypeDidProfileResolver, TypeDidWrapRequest,
43};
44
45#[cfg(test)]
46mod tests;