arsia-protocol 1.0.0__tar.gz

arsia_protocol-1.0.0/.gitignore

@@ -0,0 +1 @@
+src/arsia_protocol/_data/

arsia_protocol-1.0.0/LICENSE

@@ -0,0 +1,140 @@
+# Business Source License 1.1
+
+## Parameters
+
+```
+Licensor:             Arsia Tecnologia Unipessoal Lda
+
+Licensed Work:        ARSIA Protocol SDK, including all Python source code,
+                      tests, examples, documentation, conformance runner,
+                      build configuration, and automation code contained
+                      in this repository, whether distributed as part of
+                      this repository or otherwise by the Licensor.
+
+                      The Licensed Work does not include the contents of
+                      the shared/ directory, which contains technical
+                      interoperability artifacts licensed separately under
+                      the Apache License 2.0. See shared/LICENSE-ARTIFACTS.md.
+
+Copyright:            Copyright 2025-2026 Arsia Labs
+                      (Arsia Tecnologia Unipessoal Lda)
+
+Additional Use Grant: You may make production use of the Licensed Work,
+                      provided that your use does not include offering
+                      the Licensed Work, modified or unmodified, to third
+                      parties on a hosted, embedded, managed, packaged, or
+                      substantially similar basis in order to provide a
+                      product or service that competes with the Licensor's
+                      paid products or services.
+
+                      For purposes of this License, a "Competitive Offering"
+                      means a product, service, SDK, API, platform, hosted
+                      service, managed service, packaged distribution, or
+                      substantially similar offering, made available to
+                      third parties, that substantially overlaps with the
+                      capabilities of the Licensor's paid products or
+                      services.
+
+                      Internal use within your organization, including use
+                      in production systems, is not considered a Competitive
+                      Offering.
+
+                      For purposes of this License, "your organization"
+                      includes your company, institution, or legal entity,
+                      together with entities that control, are controlled by,
+                      or are under common control with that entity.
+
+                      Contractors, subcontractors, consultants, and service
+                      providers may use the Licensed Work on your behalf,
+                      solely for your organization's internal use and subject
+                      to this License.
+
+                      Development, testing, evaluation, research,
+                      interoperability, conformance testing, and
+                      non-production use are permitted.
+
+Change Date:          Four years from the date of each release
+
+Change License:       Mozilla Public License Version 2.0 (MPL-2.0),
+                      without the Exhibit B "Incompatible With Secondary
+                      Licenses" notice
+
+Contact:              licensing@arsialabs.ai
+```
+
+---
+
+License text copyright (c) 2024 MariaDB plc, All Rights Reserved.
+"Business Source License" is a trademark of MariaDB plc.
+
+## Terms
+
+The Licensor hereby grants you the right to copy, modify, create derivative
+works, redistribute, and make non-production use of the Licensed Work. The
+Licensor may make an Additional Use Grant, above, permitting limited
+production use.
+
+Effective on the Change Date, or the fourth anniversary of the first publicly
+available distribution of a specific version of the Licensed Work under this
+License, whichever comes first, the Licensor hereby grants you rights under
+the terms of the Change License, and the rights granted in the paragraph
+above terminate.
+
+If your use of the Licensed Work does not comply with the requirements
+currently in effect as described in this License, you must purchase a
+commercial license from the Licensor, its affiliated entities, or authorized
+resellers, or you must refrain from using the Licensed Work.
+
+All copies of the original and modified Licensed Work, and derivative works
+of the Licensed Work, are subject to this License. This License applies
+separately for each version of the Licensed Work and the Change Date may vary
+for each version of the Licensed Work released by Licensor.
+
+You must conspicuously display this License on each original or modified copy
+of the Licensed Work. If you receive the Licensed Work in original or
+modified form from a third party, the terms and conditions set forth in this
+License apply to your use of that work.
+
+Any use of the Licensed Work in violation of this License will automatically
+terminate your rights under this License for the current and all other
+versions of the Licensed Work.
+
+This License does not grant you any right in any trademark or logo of
+Licensor or its affiliates (provided that you may use a trademark or logo of
+Licensor as expressly required by this License).
+
+TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
+AN "AS IS" BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
+EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
+TITLE.
+
+MariaDB hereby grants you permission to use this License's text to license
+your works, and to refer to it using the trademark "Business Source License",
+as long as you comply with the Covenants of Licensor below.
+
+## Covenants of Licensor
+
+In consideration of the right to use this License's text and the "Business
+Source License" name and trademark, Licensor covenants to MariaDB, and to all
+other recipients of the licensed work to be provided by Licensor:
+
+To specify as the Change License the GPL Version 2.0 or any later version,
+or a license that is compatible with GPL Version 2.0 or a later version,
+where "compatible" means that software provided under the Change License can
+be included in a program with software provided under GPL Version 2.0 or a
+later version. Licensor may specify additional Change Licenses without
+limitation.
+
+To either: (a) specify an additional grant of rights to use that does not
+impose any additional restriction on the right granted in this License, as
+the Additional Use Grant; or (b) insert the text "None" to specify a Change
+Date.
+
+Not to modify this License in any other way.
+
+## Notice
+
+The Business Source License (this document, or the "License") is not an Open
+Source license. However, the Licensed Work will eventually be made available
+under an Open Source License, as stated in this License.

arsia_protocol-1.0.0/NOTICE

@@ -0,0 +1,14 @@
+ARSIA Protocol SDK
+Copyright 2025-2026 Arsia Labs (Arsia Tecnologia Unipessoal Lda)
+
+This product includes technical interoperability artifacts (schemas,
+compliance profiles, and test vectors) from the ARSIA Protocol specification,
+licensed under the Apache License 2.0.
+
+  Source: https://github.com/arsialabs/arsia-protocol
+  Copyright 2025-2026 Arsia Labs (Arsia Tecnologia Unipessoal Lda)
+  Licensed under the Apache License, Version 2.0
+  https://www.apache.org/licenses/LICENSE-2.0
+
+These artifacts are located in the _data/ directory of the installed package
+and in the shared/ directory of the source repository.

arsia_protocol-1.0.0/PKG-INFO

@@ -0,0 +1,254 @@
+Metadata-Version: 2.4
+Name: arsia-protocol
+Version: 1.0.0
+Summary: ARSIA Protocol SDK — EdDSA signing, message types, compliance profiles for autonomous AI agent infrastructure
+Project-URL: Homepage, https://arsiaprotocol.org
+Project-URL: Documentation, https://arsiaprotocol.org
+Project-URL: Repository, https://github.com/arsialabs/arsia-protocol-sdk
+Project-URL: Specification, https://github.com/arsialabs/arsia-protocol
+Project-URL: Changelog, https://github.com/arsialabs/arsia-protocol-sdk/blob/main/CHANGELOG.md
+Project-URL: Issues, https://github.com/arsialabs/arsia-protocol-sdk/issues
+Author-email: Kirk Patrick <kirk@arsialabs.ai>, Greici Savoldi <greici@arsialabs.ai>
+License-Expression: BUSL-1.1
+License-File: LICENSE
+License-File: NOTICE
+Keywords: agents,ai-agents,arsia,arsia-protocol,audit,autonomous-agents,compliance,dora,ed25519,eddsa,eu-ai-act,gdpr,jcs,mifid
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: Financial and Insurance Industry
+Classifier: Intended Audience :: Information Technology
+Classifier: Intended Audience :: Legal Industry
+Classifier: License :: Other/Proprietary License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: Implementation :: CPython
+Classifier: Topic :: Security
+Classifier: Topic :: Security :: Cryptography
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Classifier: Topic :: System :: Distributed Computing
+Classifier: Typing :: Typed
+Requires-Python: >=3.12
+Requires-Dist: cryptography>=43.0
+Requires-Dist: jsonschema>=4.21.0
+Requires-Dist: pydantic>=2.6.0
+Requires-Dist: rfc8785>=0.1.4
+Provides-Extra: cli
+Requires-Dist: click>=8.0; extra == 'cli'
+Provides-Extra: dev
+Requires-Dist: build>=1.0; extra == 'dev'
+Requires-Dist: click>=8.0; extra == 'dev'
+Requires-Dist: httpx>=0.27.0; extra == 'dev'
+Requires-Dist: hypothesis>=6.100.0; extra == 'dev'
+Requires-Dist: mypy>=1.10.0; extra == 'dev'
+Requires-Dist: pytest-asyncio>=0.23.0; extra == 'dev'
+Requires-Dist: pytest-cov>=5.0.0; extra == 'dev'
+Requires-Dist: pytest>=8.0.0; extra == 'dev'
+Requires-Dist: pyyaml>=6.0; extra == 'dev'
+Requires-Dist: ruff>=0.5.0; extra == 'dev'
+Requires-Dist: types-jsonschema>=4.21.0; extra == 'dev'
+Provides-Extra: docs
+Requires-Dist: mkdocs-material>=9.5; extra == 'docs'
+Requires-Dist: mkdocs<2,>=1.6; extra == 'docs'
+Requires-Dist: mkdocstrings[python]>=0.27; extra == 'docs'
+Description-Content-Type: text/markdown
+
+# arsia-protocol — Python SDK
+
+Reference Python implementation of the
+[ARSIA Protocol](https://arsiaprotocol.org): the compliance-enforced
+communication layer for autonomous AI agents. The SDK builds, signs,
+verifies, and validates ARSIA message envelopes. It is
+**transport-agnostic** — you choose HTTP, WebSocket, gRPC, MCP, A2A,
+stdio, or anything else.
+
+- **License:** BSL 1.1
+- **Python:** ≥ 3.12
+- **Status:** `1.0.0`
+- **Specification:** <https://github.com/arsialabs/arsia-protocol>
+
+## Install
+
+```bash
+pip install arsia-protocol                # core SDK
+pip install "arsia-protocol[cli]"         # plus the `arsia` CLI
+pip install "arsia-protocol[dev]"         # development (tests, mypy, ruff)
+```
+
+## Quickstart
+
+```python
+from arsia_protocol import (
+    create_request, generate_ed25519_keypair, sign_message, verify_message,
+)
+
+# 1. Generate an Ed25519 keypair (developer convenience — use an HSM / KMS
+#    in production).
+priv, pub = generate_ed25519_keypair()
+kid = "agent:acme.bot#k1"
+
+# 2. Build a signed request envelope.
+envelope = create_request(
+    from_agent="agent:acme.bot",
+    to_agent="agent:other.svc",
+    payload_type="com.arsiaprotocol.echo",
+    capabilities=["com.arsiaprotocol.echo"],
+    args={"msg": "hello"},
+)
+signed = sign_message(envelope, priv, kid)
+
+# 3. On the recipient side — verify the signature.
+assert verify_message(signed, pub) is True
+```
+
+### Validate against schema + semantics
+
+```python
+from arsia_protocol import validate_schema, validate_semantic
+
+l1_errors = validate_schema(signed)       # L1: JSON Schema (Draft 2020-12)
+l2_errors = validate_semantic(signed)     # L2: timestamps, kid match, etc.
+assert l1_errors == [] and l2_errors == []
+```
+
+### Apply a compliance profile
+
+```python
+from arsia_protocol import apply_profile
+
+# The envelope must declare compliance.profile — apply_profile reads it
+# from there and inherits the profile's defaults (retention, jurisdiction, …).
+envelope["compliance"] = {"profile": "GDPR-STANDARD"}
+enriched = apply_profile(envelope)         # strict=False by default
+```
+
+## Documentation
+
+| Resource | Description |
+|----------|-------------|
+| [Learning Path](docs/learning-path.md) | Step-by-step guide from install to production |
+| [Concepts](docs/concepts.md) | Mental model: envelopes, lifecycle, naming, profiles |
+| [Cookbook](docs/cookbook.md) | 22 copy-pasteable recipes for common tasks |
+| [Examples](examples/) | 14 runnable scripts (10 basic + 4 regulated use cases) |
+| [API Reference](docs/api/) | Full API documentation (run `mkdocs serve`) |
+
+## Key Concepts
+
+### verify vs. validate
+
+| Function | What it checks | Question it answers |
+|----------|---------------|---------------------|
+| `verify_message(envelope, pub_key)` | Ed25519/ES256 signature | "Was this signed by the claimed sender?" |
+| `validate_schema(envelope)` | JSON Schema (Draft 2020-12) | "Does this match the ARSIA envelope structure?" |
+| `validate_semantic(envelope)` | Cross-field rules (timestamps, kid prefix, capabilities) | "Is this envelope internally consistent?" |
+| `validate_envelope(envelope)` | Both schema + semantic (convenience) | "Is this well-formed and consistent?" |
+
+A typical receiver calls both: `verify_message()` to trust the sender, then
+`validate_envelope()` to trust the content.
+
+### build_* vs. create_* naming
+
+- **`create_*`** (7 functions) — envelope-level factories that produce a
+  complete, signable ARSIA envelope: `create_request`, `create_response`,
+  `create_error`, `create_event`, `create_pending_approval`,
+  `create_approval_decision`, `create_rollback_request`.
+
+- **`build_*`** (49 functions) — sub-component builders that produce parts of
+  envelopes: audit records, error details, JWKs, state operation arguments,
+  discovery documents, etc.
+
+Rule of thumb: if it returns a complete envelope ready to sign, it's `create_*`.
+If it returns a component or record, it's `build_*`.
+
+## `arsia` command-line tool
+
+Installed with the `cli` extra.
+
+```bash
+arsia --version
+arsia keygen --kid agent:acme.bot#k1        # generate Ed25519 key material
+arsia verify envelope.json --jwk sender.jwk # verify a signed envelope
+arsia canonicalize doc.json                 # emit RFC 8785 canonical bytes
+arsia inspect envelope.json                 # pretty-print with diagnostics
+arsia schemas                               # list bundled JSON Schemas
+arsia vectors                               # list bundled test vectors
+arsia profiles GDPR-STANDARD                # print a compliance profile
+```
+
+The CLI is a thin operator-ergonomics wrapper around the public SDK API.
+It is not a configuration surface for production agents — import the
+SDK directly.
+
+## Module map
+
+| Module | Layer | Purpose |
+|--------|-------|---------|
+| `hazmat.canonicalization` | 0 | RFC 8785 JCS (use `rfc8785`; never `json.dumps(sort_keys=True)`) |
+| `hazmat.primitives.ed25519` | 0 | Raw Ed25519 sign / verify / JWK helpers |
+| `version`, `identity` | 0 | Semver parsing, `agent:org.name` validation |
+| `types` | 1 | Pydantic v2 envelope / payload / audit models |
+| `message` | 2 | Envelope factories (`create_request`, …), `sign_message`, `verify_message` |
+| `errors` | 2 | Error-code registry, retry policy, error-envelope builders |
+| `compliance` | 2 | Profile loading (GDPR, EU AI Act, MiFID II, DORA, …), retention floor |
+| `validation` | 3 | L1 schema + L2 semantic validation |
+| `actions` | 4 | Capability model, reserved prefixes, oversight, explainability |
+| `state` | 4 | State operations, scope taxonomy, GDPR retention |
+| `assets` | 4 | Transfer lifecycle, escrow, MiFID II, DORA, PSD2 SCA |
+| `routing` | 4 | Topology determination, broker discovery, retry / lifecycle |
+| `discovery` | 4 | Discovery document + JWKS builders |
+| `authorization` | 4 | JWT + DPoP, scope coverage, JWK thumbprint |
+| `certificates` | 4 | X.509 trust levels L1 / L2 / L3 |
+| `onboarding` | 4 | External agent onboarding flow |
+| `audit` | 5 | Audit record builders, payload hash, immutability |
+| `idempotency` | 5 | Store protocol, duplicate detection, scope helpers |
+| `__main__` | 6 | `arsia` CLI (optional dep) |
+
+Primitive modules never import transport libraries (`httpx`, `fastapi`,
+`websockets`). Boundary rules are enforced by
+`tests/unit/test_module_boundaries.py`.
+
+## What the SDK does NOT do
+
+- Transport (HTTP, WebSocket, MCP, A2A) — that's
+  `arsiactl`, not the SDK.
+- Agent execution, planning, tool use — that's the agent framework.
+- Audit trail storage — that's the server (`arsiactl`). The SDK
+  builds audit records; it does not persist them.
+- OAuth2 issuance — the SDK validates tokens, does not issue them.
+- Payload interpretation — the SDK signs and verifies envelopes; it
+  never inspects payload content beyond routing-relevant fields.
+
+## Development
+
+```bash
+cd python
+pip install -e ".[dev]"
+pytest tests/ -v
+mypy src/arsia_protocol/
+ruff check src/
+ruff format src/
+python -m build
+```
+
+Cross-language conformance lives at
+`../conformance/runners/python/` and is installed separately:
+
+```bash
+cd ../conformance/runners/python
+pip install -e .
+python -m arsia_conformance
+```
+
+## Links
+
+- **Specification:** <https://github.com/arsialabs/arsia-protocol>
+- **SDKs repo:** <https://github.com/arsialabs/arsia-protocol-sdk>
+- **Website:** <https://arsiaprotocol.org>
+- **Issues:** <https://github.com/arsialabs/arsia-protocol-sdk/issues>
+- **Changelog:** [`CHANGELOG.md`](../CHANGELOG.md)
+
+---
+
+ARSIA Protocol ([arsiaprotocol.org](https://arsiaprotocol.org)) ·
+by [Arsia Labs](https://arsialabs.ai) · BSL 1.1

arsia_protocol-1.0.0/README.md

@@ -0,0 +1,198 @@
+# arsia-protocol — Python SDK
+
+Reference Python implementation of the
+[ARSIA Protocol](https://arsiaprotocol.org): the compliance-enforced
+communication layer for autonomous AI agents. The SDK builds, signs,
+verifies, and validates ARSIA message envelopes. It is
+**transport-agnostic** — you choose HTTP, WebSocket, gRPC, MCP, A2A,
+stdio, or anything else.
+
+- **License:** BSL 1.1
+- **Python:** ≥ 3.12
+- **Status:** `1.0.0`
+- **Specification:** <https://github.com/arsialabs/arsia-protocol>
+
+## Install
+
+```bash
+pip install arsia-protocol                # core SDK
+pip install "arsia-protocol[cli]"         # plus the `arsia` CLI
+pip install "arsia-protocol[dev]"         # development (tests, mypy, ruff)
+```
+
+## Quickstart
+
+```python
+from arsia_protocol import (
+    create_request, generate_ed25519_keypair, sign_message, verify_message,
+)
+
+# 1. Generate an Ed25519 keypair (developer convenience — use an HSM / KMS
+#    in production).
+priv, pub = generate_ed25519_keypair()
+kid = "agent:acme.bot#k1"
+
+# 2. Build a signed request envelope.
+envelope = create_request(
+    from_agent="agent:acme.bot",
+    to_agent="agent:other.svc",
+    payload_type="com.arsiaprotocol.echo",
+    capabilities=["com.arsiaprotocol.echo"],
+    args={"msg": "hello"},
+)
+signed = sign_message(envelope, priv, kid)
+
+# 3. On the recipient side — verify the signature.
+assert verify_message(signed, pub) is True
+```
+
+### Validate against schema + semantics
+
+```python
+from arsia_protocol import validate_schema, validate_semantic
+
+l1_errors = validate_schema(signed)       # L1: JSON Schema (Draft 2020-12)
+l2_errors = validate_semantic(signed)     # L2: timestamps, kid match, etc.
+assert l1_errors == [] and l2_errors == []
+```
+
+### Apply a compliance profile
+
+```python
+from arsia_protocol import apply_profile
+
+# The envelope must declare compliance.profile — apply_profile reads it
+# from there and inherits the profile's defaults (retention, jurisdiction, …).
+envelope["compliance"] = {"profile": "GDPR-STANDARD"}
+enriched = apply_profile(envelope)         # strict=False by default
+```
+
+## Documentation
+
+| Resource | Description |
+|----------|-------------|
+| [Learning Path](docs/learning-path.md) | Step-by-step guide from install to production |
+| [Concepts](docs/concepts.md) | Mental model: envelopes, lifecycle, naming, profiles |
+| [Cookbook](docs/cookbook.md) | 22 copy-pasteable recipes for common tasks |
+| [Examples](examples/) | 14 runnable scripts (10 basic + 4 regulated use cases) |
+| [API Reference](docs/api/) | Full API documentation (run `mkdocs serve`) |
+
+## Key Concepts
+
+### verify vs. validate
+
+| Function | What it checks | Question it answers |
+|----------|---------------|---------------------|
+| `verify_message(envelope, pub_key)` | Ed25519/ES256 signature | "Was this signed by the claimed sender?" |
+| `validate_schema(envelope)` | JSON Schema (Draft 2020-12) | "Does this match the ARSIA envelope structure?" |
+| `validate_semantic(envelope)` | Cross-field rules (timestamps, kid prefix, capabilities) | "Is this envelope internally consistent?" |
+| `validate_envelope(envelope)` | Both schema + semantic (convenience) | "Is this well-formed and consistent?" |
+
+A typical receiver calls both: `verify_message()` to trust the sender, then
+`validate_envelope()` to trust the content.
+
+### build_* vs. create_* naming
+
+- **`create_*`** (7 functions) — envelope-level factories that produce a
+  complete, signable ARSIA envelope: `create_request`, `create_response`,
+  `create_error`, `create_event`, `create_pending_approval`,
+  `create_approval_decision`, `create_rollback_request`.
+
+- **`build_*`** (49 functions) — sub-component builders that produce parts of
+  envelopes: audit records, error details, JWKs, state operation arguments,
+  discovery documents, etc.
+
+Rule of thumb: if it returns a complete envelope ready to sign, it's `create_*`.
+If it returns a component or record, it's `build_*`.
+
+## `arsia` command-line tool
+
+Installed with the `cli` extra.
+
+```bash
+arsia --version
+arsia keygen --kid agent:acme.bot#k1        # generate Ed25519 key material
+arsia verify envelope.json --jwk sender.jwk # verify a signed envelope
+arsia canonicalize doc.json                 # emit RFC 8785 canonical bytes
+arsia inspect envelope.json                 # pretty-print with diagnostics
+arsia schemas                               # list bundled JSON Schemas
+arsia vectors                               # list bundled test vectors
+arsia profiles GDPR-STANDARD                # print a compliance profile
+```
+
+The CLI is a thin operator-ergonomics wrapper around the public SDK API.
+It is not a configuration surface for production agents — import the
+SDK directly.
+
+## Module map
+
+| Module | Layer | Purpose |
+|--------|-------|---------|
+| `hazmat.canonicalization` | 0 | RFC 8785 JCS (use `rfc8785`; never `json.dumps(sort_keys=True)`) |
+| `hazmat.primitives.ed25519` | 0 | Raw Ed25519 sign / verify / JWK helpers |
+| `version`, `identity` | 0 | Semver parsing, `agent:org.name` validation |
+| `types` | 1 | Pydantic v2 envelope / payload / audit models |
+| `message` | 2 | Envelope factories (`create_request`, …), `sign_message`, `verify_message` |
+| `errors` | 2 | Error-code registry, retry policy, error-envelope builders |
+| `compliance` | 2 | Profile loading (GDPR, EU AI Act, MiFID II, DORA, …), retention floor |
+| `validation` | 3 | L1 schema + L2 semantic validation |
+| `actions` | 4 | Capability model, reserved prefixes, oversight, explainability |
+| `state` | 4 | State operations, scope taxonomy, GDPR retention |
+| `assets` | 4 | Transfer lifecycle, escrow, MiFID II, DORA, PSD2 SCA |
+| `routing` | 4 | Topology determination, broker discovery, retry / lifecycle |
+| `discovery` | 4 | Discovery document + JWKS builders |
+| `authorization` | 4 | JWT + DPoP, scope coverage, JWK thumbprint |
+| `certificates` | 4 | X.509 trust levels L1 / L2 / L3 |
+| `onboarding` | 4 | External agent onboarding flow |
+| `audit` | 5 | Audit record builders, payload hash, immutability |
+| `idempotency` | 5 | Store protocol, duplicate detection, scope helpers |
+| `__main__` | 6 | `arsia` CLI (optional dep) |
+
+Primitive modules never import transport libraries (`httpx`, `fastapi`,
+`websockets`). Boundary rules are enforced by
+`tests/unit/test_module_boundaries.py`.
+
+## What the SDK does NOT do
+
+- Transport (HTTP, WebSocket, MCP, A2A) — that's
+  `arsiactl`, not the SDK.
+- Agent execution, planning, tool use — that's the agent framework.
+- Audit trail storage — that's the server (`arsiactl`). The SDK
+  builds audit records; it does not persist them.
+- OAuth2 issuance — the SDK validates tokens, does not issue them.
+- Payload interpretation — the SDK signs and verifies envelopes; it
+  never inspects payload content beyond routing-relevant fields.
+
+## Development
+
+```bash
+cd python
+pip install -e ".[dev]"
+pytest tests/ -v
+mypy src/arsia_protocol/
+ruff check src/
+ruff format src/
+python -m build
+```
+
+Cross-language conformance lives at
+`../conformance/runners/python/` and is installed separately:
+
+```bash
+cd ../conformance/runners/python
+pip install -e .
+python -m arsia_conformance
+```
+
+## Links
+
+- **Specification:** <https://github.com/arsialabs/arsia-protocol>
+- **SDKs repo:** <https://github.com/arsialabs/arsia-protocol-sdk>
+- **Website:** <https://arsiaprotocol.org>
+- **Issues:** <https://github.com/arsialabs/arsia-protocol-sdk/issues>
+- **Changelog:** [`CHANGELOG.md`](../CHANGELOG.md)
+
+---
+
+ARSIA Protocol ([arsiaprotocol.org](https://arsiaprotocol.org)) ·
+by [Arsia Labs](https://arsialabs.ai) · BSL 1.1

arsia_protocol-1.0.0/hatch_build.py

@@ -0,0 +1,64 @@
+"""Hatch build hook — stage shared/ artifacts into src/arsia_protocol/_data/.
+
+The SDK's schemas, test vectors, and compliance profiles live in
+``/shared/`` at the monorepo root so that the Python and TypeScript
+packages share a single source of truth (see CONTRIBUTING.md "Data artifacts").
+Hatchling's ``force-include`` used to pull them into the wheel, but
+that only works when building the wheel directly from source —
+``python -m build`` chains sdist→wheel, and the extracted sdist has
+no ``../shared/`` to reach.
+
+This hook resolves the artifacts at build start and stages them
+inside the Python package tree:
+
+* **Source build** (``python -m build --sdist`` or ``--wheel`` run
+  from the monorepo): ``../shared/`` exists; copy into ``_data/``.
+  The staged copy is included in both targets.
+* **Sdist-extracted build** (second stage of ``python -m build``):
+  ``../shared/`` is absent because the sdist root is what used to be
+  the ``python/`` directory. The sdist already carries ``_data/``
+  from the first-stage copy, so the hook is a no-op.
+
+``_data/`` is git-ignored and recreated on every build — never
+commit it.
+"""
+
+from __future__ import annotations
+
+import shutil
+from pathlib import Path
+
+from hatchling.builders.hooks.plugin.interface import BuildHookInterface
+
+_SUBDIRS = ("schemas", "test-vectors", "profiles")
+
+
+class StageSharedHook(BuildHookInterface):
+    PLUGIN_NAME = "stage-shared"
+
+    def initialize(self, version: str, build_data: dict) -> None:
+        root = Path(self.root)
+        data_dir = root / "src" / "arsia_protocol" / "_data"
+        shared_dir = root.parent / "shared"
+
+        if shared_dir.is_dir():
+            if data_dir.exists():
+                shutil.rmtree(data_dir)
+            data_dir.mkdir(parents=True, exist_ok=True)
+            for sub in _SUBDIRS:
+                src = shared_dir / sub
+                if not src.is_dir():
+                    raise FileNotFoundError(
+                        f"Expected shared artifacts at {src}; "
+                        f"monorepo layout may have changed."
+                    )
+                shutil.copytree(src, data_dir / sub)
+            return
+
+        missing = [sub for sub in _SUBDIRS if not (data_dir / sub).is_dir()]
+        if missing:
+            raise FileNotFoundError(
+                f"Cannot build: neither ../shared/ nor src/arsia_protocol/_data/ "
+                f"contains the required artifacts ({missing}). Run from a source "
+                f"checkout or use a complete sdist."
+            )