VTA (Verifiable Trust Agent) service library.
This is the shared business logic used by both the vta binary
(local/dev/cloud) and the vta-enclave binary (Nitro Enclave).
Front-end binaries import this library and call server::run()
with the appropriate store backend and TEE context.
Modules
- acl
- acl_sweeper
- Background pruning of expired ACL rows.
- audit
- Structured audit logging for security-relevant operations.
- auth
- backup_bundle_store
- Fjall-backed storage for in-flight backup bundles.
- backup_bundle_sweeper
- Background pruning of expired + terminal backup bundles.
- config
- contexts
- crypto_init
- Register the rustls aws-lc-rs CryptoProvider as the process-wide default.
- did_templates
- Server-side storage for DID templates.
- didcomm_bridge
- error
- keys
- keyspaces
- Central registry of the VTA’s keyspace names.
- messaging
- metrics
- Prometheus metrics for operational observability.
- operations
- routes
- seal
- VTA Seal — prevents offline CLI commands from modifying state.
- sealed_nonce_store
- Persistent backing for the sealed-transfer NonceStore trait.
- server
- status
- store
- trust_tasks
- Transport-neutral Trust-Task dispatch subsystem. Both the REST route (routes::trust_tasks-mounted dispatch_trust_task) and the DIDComm handle_trust_task handler dispatch through dispatch_trust_task_core here, so it lives at the crate root rather than under routes:: (P2.4). POST /api/trust-tasks — the VTA-side trust-task dispatcher.
- vault
- VTA credential vault — the format-agnostic credential store (docs/05-design-notes/vti-credential-architecture.md §5, task 1.1).
- webvh_auth
- Daemon REST authentication for webvh hosting servers.
- webvh_client
- webvh_didcomm
- DIDComm transport for webvh server operations.
- webvh_store
Functions
- init_tracing
- Initialize tracing/logging from config. Call once at startup before any log output. Shared by all VTA front-end binaries.
- init_tracing_with_writer
- Initialize tracing with a custom MakeWriter.