sm-arp 0.1.4__tar.gz

sm_arp-0.1.4/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 stellarminds.ai
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

sm_arp-0.1.4/PKG-INFO

@@ -0,0 +1,136 @@
+Metadata-Version: 2.4
+Name: sm-arp
+Version: 0.1.4
+Summary: Agency Receipt Protocol — receipt envelope spec + language-agnostic conformance harness. Points at sm-conformance for the signed badge.
+Author: stellarminds.ai
+License: MIT License
+        
+        Copyright (c) 2026 stellarminds.ai
+        
+        Permission is hereby granted, free of charge, to any person obtaining a copy
+        of this software and associated documentation files (the "Software"), to deal
+        in the Software without restriction, including without limitation the rights
+        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+        copies of the Software, and to permit persons to whom the Software is
+        furnished to do so, subject to the following conditions:
+        
+        The above copyright notice and this permission notice shall be included in all
+        copies or substantial portions of the Software.
+        
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
+        
+Project-URL: Homepage, https://labs.stellarminds.ai/arp
+Project-URL: Repository, https://github.com/Sharathvc23/sm-arp
+Keywords: arp,agency-receipt,accountability,ed25519,did-key,agents,receipts
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security :: Cryptography
+Requires-Python: >=3.11
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: cryptography>=42
+Requires-Dist: base58>=2.1
+Requires-Dist: jcs>=0.2
+Provides-Extra: conformance
+Requires-Dist: jsonschema>=4.21; extra == "conformance"
+Requires-Dist: referencing>=0.30; extra == "conformance"
+Requires-Dist: sm-conformance>=0.3.1; extra == "conformance"
+Provides-Extra: cli
+Requires-Dist: typer>=0.12; extra == "cli"
+Provides-Extra: dev
+Requires-Dist: pytest>=8.0; extra == "dev"
+Requires-Dist: ruff>=0.6; extra == "dev"
+Dynamic: license-file
+
+# sm-arp — Agency Receipt Protocol
+
+The portable, cryptographically signed receipt format AI agents emit when
+they act on behalf of humans. Runtime-agnostic, vendor-neutral, MIT-licensed.
+
+ARP sits above MCP (tool integration) and A2A (agent-to-agent transport)
+— the **human ↔ agent accountability layer** those standards deliberately
+do not address.
+
+## Status
+
+- **[WHITEPAPER.md](./WHITEPAPER.md)** — motivation, design choices, and how ARP fits the portfolio.
+- **[spec/arp/0.1/spec.md](./spec/arp/0.1/spec.md)** — the canonical normative document (RFC-style).
+
+## Use it as a library
+
+ARP ships one canonical Python implementation, `sm_arp`, so every runtime
+imports the *same* build/sign/verify/store code instead of vendoring its own — the
+receipt envelope cannot drift between them. The library needs nothing but
+`cryptography`, `base58`, and `jcs`.
+
+```python
+from sm_arp import Identity, build_action, issue_receipt, verify_receipt, IssuerLog
+
+me = Identity.generate()
+r = issue_receipt(me, principal_did=me.did,
+                  action=build_action(category="data_shared", human_summary="shared my calendar"))
+assert verify_receipt(r).ok                 # structure → signature → authority → hash chain
+IssuerLog("log.sqlite").append(r)           # SQLite Issuer/Agency Log, hash-chained per issuer
+```
+
+`sm_arp`'s verifier is tested against the canonical 22-vector corpus and asserted
+byte-for-byte equal to the conformance harness's verdict on every vector — so the
+library and the spec cannot disagree. [`sm-chapter`](https://github.com/Sharathvc23/sm-chapter)
+(Issuer Log) and [`sm-member-sdk`](https://github.com/Sharathvc23/sm-member-sdk)
+(Agency Log) both consume it.
+
+## Layout
+
+- `sm_arp/` — the consumable library: `identity` (Ed25519 + did:key), `receipts` (build/sign/verify/canonical/chain), `store` (SQLite Issuer/Agency Log).
+- `arp_cli/` — the `arp` command-line tool (`pip install 'sm-arp[cli]'`).
+- `WHITEPAPER.md` — design rationale and portfolio positioning.
+- `spec/arp/0.1/spec.md` — the canonical normative receipt spec (RFC-style).
+- `spec/arp/0.1/conformance.md` — ARP conformance criteria; points at `sm-conformance` for the badge.
+- `spec/arp/0.1/governance.md` — stewardship and the path to public publication.
+- `spec/arp/0.1/dat-companion.md` — the Delegated Authority Token sketch the authority chain references.
+- `schema/arp/0.1/` — JSON Schemas (Draft 2020-12) for the receipt envelope.
+- `vectors/arp/0.1/` — 22 language-agnostic receipt vectors.
+- `conformance/arp/` — framework-agnostic Python conformance harness for receipts.
+
+## The conformance badge lives in sm-conformance
+
+ARP owns *what a conformant runtime must do* (this repo) and the receipt vectors
+it is tested against. It does **not** own the signed-badge mechanism — that is a
+generic, protocol-neutral substrate that lives in its own primitive,
+[`sm-conformance`](https://github.com/Sharathvc23/sm-conformance). ARP is its
+first consumer.
+
+## How to claim ARP compliance
+
+1. Implement the spec in your runtime.
+2. Run `pytest conformance/` against the bundled vectors. Every positive vector
+   MUST pass; every negative vector MUST be rejected at the documented stage.
+3. Produce a signed conformance badge with
+   [`sm-conformance`](https://github.com/Sharathvc23/sm-conformance) and ship it
+   at your runtime's `.nanda/conformance.json` — and, if you serve it over HTTP,
+   at the canonical `/.well-known/conformance.json` (see sm-conformance SPEC §3.2).
+4. Submit your runtime to the conformance registry at
+   `labs.stellarminds.ai/conformance` for independent re-verification — lab
+   re-run, counter-signature, or attested CI (a self-signed badge alone is not
+   sufficient).
+
+## Implementing ARP
+
+ARP is runtime-agnostic — any agent stack can emit conformant receipts. Implement
+the spec, pass `conformance/`, and ship a signed
+[`sm-conformance`](https://github.com/Sharathvc23/sm-conformance) badge. The
+receipt format depends on nothing but Ed25519, JCS, and the W3C `did:key` method.
+
+## License
+
+MIT — see [LICENSE](./LICENSE).

sm_arp-0.1.4/README.md

@@ -0,0 +1,82 @@
+# sm-arp — Agency Receipt Protocol
+
+The portable, cryptographically signed receipt format AI agents emit when
+they act on behalf of humans. Runtime-agnostic, vendor-neutral, MIT-licensed.
+
+ARP sits above MCP (tool integration) and A2A (agent-to-agent transport)
+— the **human ↔ agent accountability layer** those standards deliberately
+do not address.
+
+## Status
+
+- **[WHITEPAPER.md](./WHITEPAPER.md)** — motivation, design choices, and how ARP fits the portfolio.
+- **[spec/arp/0.1/spec.md](./spec/arp/0.1/spec.md)** — the canonical normative document (RFC-style).
+
+## Use it as a library
+
+ARP ships one canonical Python implementation, `sm_arp`, so every runtime
+imports the *same* build/sign/verify/store code instead of vendoring its own — the
+receipt envelope cannot drift between them. The library needs nothing but
+`cryptography`, `base58`, and `jcs`.
+
+```python
+from sm_arp import Identity, build_action, issue_receipt, verify_receipt, IssuerLog
+
+me = Identity.generate()
+r = issue_receipt(me, principal_did=me.did,
+                  action=build_action(category="data_shared", human_summary="shared my calendar"))
+assert verify_receipt(r).ok                 # structure → signature → authority → hash chain
+IssuerLog("log.sqlite").append(r)           # SQLite Issuer/Agency Log, hash-chained per issuer
+```
+
+`sm_arp`'s verifier is tested against the canonical 22-vector corpus and asserted
+byte-for-byte equal to the conformance harness's verdict on every vector — so the
+library and the spec cannot disagree. [`sm-chapter`](https://github.com/Sharathvc23/sm-chapter)
+(Issuer Log) and [`sm-member-sdk`](https://github.com/Sharathvc23/sm-member-sdk)
+(Agency Log) both consume it.
+
+## Layout
+
+- `sm_arp/` — the consumable library: `identity` (Ed25519 + did:key), `receipts` (build/sign/verify/canonical/chain), `store` (SQLite Issuer/Agency Log).
+- `arp_cli/` — the `arp` command-line tool (`pip install 'sm-arp[cli]'`).
+- `WHITEPAPER.md` — design rationale and portfolio positioning.
+- `spec/arp/0.1/spec.md` — the canonical normative receipt spec (RFC-style).
+- `spec/arp/0.1/conformance.md` — ARP conformance criteria; points at `sm-conformance` for the badge.
+- `spec/arp/0.1/governance.md` — stewardship and the path to public publication.
+- `spec/arp/0.1/dat-companion.md` — the Delegated Authority Token sketch the authority chain references.
+- `schema/arp/0.1/` — JSON Schemas (Draft 2020-12) for the receipt envelope.
+- `vectors/arp/0.1/` — 22 language-agnostic receipt vectors.
+- `conformance/arp/` — framework-agnostic Python conformance harness for receipts.
+
+## The conformance badge lives in sm-conformance
+
+ARP owns *what a conformant runtime must do* (this repo) and the receipt vectors
+it is tested against. It does **not** own the signed-badge mechanism — that is a
+generic, protocol-neutral substrate that lives in its own primitive,
+[`sm-conformance`](https://github.com/Sharathvc23/sm-conformance). ARP is its
+first consumer.
+
+## How to claim ARP compliance
+
+1. Implement the spec in your runtime.
+2. Run `pytest conformance/` against the bundled vectors. Every positive vector
+   MUST pass; every negative vector MUST be rejected at the documented stage.
+3. Produce a signed conformance badge with
+   [`sm-conformance`](https://github.com/Sharathvc23/sm-conformance) and ship it
+   at your runtime's `.nanda/conformance.json` — and, if you serve it over HTTP,
+   at the canonical `/.well-known/conformance.json` (see sm-conformance SPEC §3.2).
+4. Submit your runtime to the conformance registry at
+   `labs.stellarminds.ai/conformance` for independent re-verification — lab
+   re-run, counter-signature, or attested CI (a self-signed badge alone is not
+   sufficient).
+
+## Implementing ARP
+
+ARP is runtime-agnostic — any agent stack can emit conformant receipts. Implement
+the spec, pass `conformance/`, and ship a signed
+[`sm-conformance`](https://github.com/Sharathvc23/sm-conformance) badge. The
+receipt format depends on nothing but Ed25519, JCS, and the W3C `did:key` method.
+
+## License
+
+MIT — see [LICENSE](./LICENSE).

sm_arp-0.1.4/arp_cli/__init__.py

@@ -0,0 +1,18 @@
+"""arp — ARP v0.1 command-line tool.
+
+Usage::
+
+    arp verify <file>            # verify a receipt or trace (array)
+    arp inspect <file>           # human-readable rendering
+    arp walk-authority <file>    # walk action.granted_by_receipt_id back to root
+    arp walk-chain <file>        # walk previous_receipt_hash back over time
+    arp vectors list             # list the in-repo golden vectors
+    arp vectors run <id>         # verify + explain one golden vector
+    arp demo                     # the canonical 5-step tour for new audiences
+
+Read-side only in this release. Issue/grant/revoke/keygen ship later.
+"""
+
+from arp_cli.cli import app, main
+
+__all__ = ["app", "main"]