vouch-protocol 1.6.1__tar.gz → 2.0.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {vouch_protocol-1.6.1/vouch_protocol.egg-info → vouch_protocol-2.0.0}/PKG-INFO +56 -29
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/README.md +53 -28
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/pyproject.toml +6 -1
- vouch_protocol-2.0.0/tests/test_accountability.py +371 -0
- vouch_protocol-2.0.0/tests/test_audit_trail.py +158 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_auditor.py +44 -34
- vouch_protocol-2.0.0/tests/test_autosign.py +452 -0
- vouch_protocol-2.0.0/tests/test_budget.py +102 -0
- vouch_protocol-2.0.0/tests/test_cli_init.py +63 -0
- vouch_protocol-2.0.0/tests/test_conformance.py +35 -0
- vouch_protocol-2.0.0/tests/test_credential_gate.py +126 -0
- vouch_protocol-2.0.0/tests/test_dx_sugar.py +481 -0
- vouch_protocol-2.0.0/tests/test_fastapi_credential_gate.py +106 -0
- vouch_protocol-2.0.0/tests/test_fleet.py +261 -0
- vouch_protocol-2.0.0/tests/test_grade.py +66 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_hasura_integration.py +42 -58
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_hybrid.py +13 -13
- vouch_protocol-2.0.0/tests/test_liveness_conformance.py +234 -0
- vouch_protocol-2.0.0/tests/test_proof_of_integration.py +161 -0
- vouch_protocol-2.0.0/tests/test_receipts.py +122 -0
- vouch_protocol-2.0.0/tests/test_recovery.py +113 -0
- vouch_protocol-2.0.0/tests/test_reputation_aggregate.py +99 -0
- vouch_protocol-2.0.0/tests/test_reputation_disputes.py +93 -0
- vouch_protocol-2.0.0/tests/test_reputation_ledger.py +105 -0
- vouch_protocol-2.0.0/tests/test_reputation_policy.py +81 -0
- vouch_protocol-2.0.0/tests/test_reputation_portability.py +106 -0
- vouch_protocol-2.0.0/tests/test_robot_conformance.py +169 -0
- vouch_protocol-2.0.0/tests/test_robot_custody.py +159 -0
- vouch_protocol-2.0.0/tests/test_robot_embodiment.py +197 -0
- vouch_protocol-2.0.0/tests/test_robot_handshake_blackbox_passport.py +186 -0
- vouch_protocol-2.0.0/tests/test_robot_identity.py +78 -0
- vouch_protocol-2.0.0/tests/test_robot_lease_quorum.py +231 -0
- vouch_protocol-2.0.0/tests/test_robot_lifecycle.py +160 -0
- vouch_protocol-2.0.0/tests/test_robot_liveness_revocation.py +356 -0
- vouch_protocol-2.0.0/tests/test_robot_perception.py +158 -0
- vouch_protocol-2.0.0/tests/test_robot_pq.py +112 -0
- vouch_protocol-2.0.0/tests/test_robot_provenance_capability.py +159 -0
- vouch_protocol-2.0.0/tests/test_robot_safety_record.py +161 -0
- vouch_protocol-2.0.0/tests/test_secure_key_custody.py +187 -0
- vouch_protocol-2.0.0/tests/test_security_hardening.py +65 -0
- vouch_protocol-2.0.0/tests/test_shield_guard.py +107 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_signer_vc.py +35 -47
- vouch_protocol-2.0.0/tests/test_threshold.py +168 -0
- vouch_protocol-2.0.0/tests/test_tool_registry.py +105 -0
- vouch_protocol-2.0.0/tests/test_transport.py +247 -0
- vouch_protocol-2.0.0/tests/test_transport_http_rendezvous.py +219 -0
- vouch_protocol-2.0.0/tests/test_transport_rendezvous.py +157 -0
- vouch_protocol-2.0.0/tests/test_transport_udna_sdk.py +139 -0
- vouch_protocol-2.0.0/tests/test_trifecta.py +80 -0
- vouch_protocol-2.0.0/tests/test_trust_check.py +114 -0
- vouch_protocol-2.0.0/tests/test_validator_server.py +126 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_verifier_vc.py +54 -61
- vouch_protocol-2.0.0/vouch/__init__.py +529 -0
- vouch_protocol-2.0.0/vouch/accountability.py +592 -0
- vouch_protocol-2.0.0/vouch/agent.py +358 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/async_verifier.py +5 -177
- vouch_protocol-2.0.0/vouch/audit_trail.py +310 -0
- vouch_protocol-2.0.0/vouch/auditor.py +121 -0
- vouch_protocol-2.0.0/vouch/autosign.py +479 -0
- vouch_protocol-2.0.0/vouch/budget.py +211 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/cli.py +212 -31
- vouch_protocol-2.0.0/vouch/conformance.py +502 -0
- vouch_protocol-2.0.0/vouch/credential.py +181 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/data_integrity.py +21 -6
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/did_web.py +8 -2
- vouch_protocol-2.0.0/vouch/fleet.py +291 -0
- vouch_protocol-2.0.0/vouch/gate.py +119 -0
- vouch_protocol-2.0.0/vouch/grade.py +221 -0
- vouch_protocol-2.0.0/vouch/integrations/_common.py +61 -0
- vouch_protocol-2.0.0/vouch/integrations/autogen/__init__.py +50 -0
- vouch_protocol-2.0.0/vouch/integrations/autogpt/__init__.py +17 -0
- vouch_protocol-2.0.0/vouch/integrations/autogpt/commands.py +42 -0
- vouch_protocol-2.0.0/vouch/integrations/crewai/__init__.py +17 -0
- vouch_protocol-2.0.0/vouch/integrations/crewai/tool.py +90 -0
- vouch_protocol-2.0.0/vouch/integrations/fastapi.py +75 -0
- vouch_protocol-2.0.0/vouch/integrations/google.py +24 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/integrations/hasura/webhook.py +60 -26
- vouch_protocol-2.0.0/vouch/integrations/langchain/__init__.py +17 -0
- vouch_protocol-2.0.0/vouch/integrations/langchain/tool.py +95 -0
- vouch_protocol-2.0.0/vouch/integrations/mcp/__init__.py +5 -0
- vouch_protocol-2.0.0/vouch/integrations/mcp/server.py +267 -0
- vouch_protocol-2.0.0/vouch/integrations/vertex_ai/__init__.py +22 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/keys.py +34 -10
- vouch_protocol-2.0.0/vouch/keystore.py +217 -0
- vouch_protocol-2.0.0/vouch/liveness_conformance.py +409 -0
- vouch_protocol-2.0.0/vouch/mcp_guard.py +265 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/onboard.py +22 -4
- vouch_protocol-2.0.0/vouch/proof_of_integration.py +337 -0
- vouch_protocol-2.0.0/vouch/receipts.py +277 -0
- vouch_protocol-2.0.0/vouch/recovery.py +218 -0
- vouch_protocol-2.0.0/vouch/reputation_aggregate.py +161 -0
- vouch_protocol-2.0.0/vouch/reputation_disputes.py +150 -0
- vouch_protocol-2.0.0/vouch/reputation_ledger.py +209 -0
- vouch_protocol-2.0.0/vouch/reputation_policy.py +147 -0
- vouch_protocol-2.0.0/vouch/reputation_portability.py +178 -0
- vouch_protocol-2.0.0/vouch/robotics/__init__.py +253 -0
- vouch_protocol-2.0.0/vouch/robotics/_signing.py +29 -0
- vouch_protocol-2.0.0/vouch/robotics/blackbox.py +228 -0
- vouch_protocol-2.0.0/vouch/robotics/capability.py +170 -0
- vouch_protocol-2.0.0/vouch/robotics/conformance.py +405 -0
- vouch_protocol-2.0.0/vouch/robotics/custody.py +231 -0
- vouch_protocol-2.0.0/vouch/robotics/embodiment.py +221 -0
- vouch_protocol-2.0.0/vouch/robotics/handshake.py +215 -0
- vouch_protocol-2.0.0/vouch/robotics/identity.py +258 -0
- vouch_protocol-2.0.0/vouch/robotics/lease.py +169 -0
- vouch_protocol-2.0.0/vouch/robotics/lifecycle.py +312 -0
- vouch_protocol-2.0.0/vouch/robotics/liveness.py +369 -0
- vouch_protocol-2.0.0/vouch/robotics/passport.py +174 -0
- vouch_protocol-2.0.0/vouch/robotics/perception.py +232 -0
- vouch_protocol-2.0.0/vouch/robotics/physical_quorum.py +159 -0
- vouch_protocol-2.0.0/vouch/robotics/pq.py +146 -0
- vouch_protocol-2.0.0/vouch/robotics/provenance.py +130 -0
- vouch_protocol-2.0.0/vouch/robotics/revocation.py +126 -0
- vouch_protocol-2.0.0/vouch/robotics/safety_record.py +259 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/shield/shield.py +87 -0
- vouch_protocol-2.0.0/vouch/signer.py +566 -0
- vouch_protocol-2.0.0/vouch/ssrf.py +85 -0
- vouch_protocol-2.0.0/vouch/threshold.py +361 -0
- vouch_protocol-2.0.0/vouch/tool_registry.py +149 -0
- vouch_protocol-2.0.0/vouch/transport/__init__.py +137 -0
- vouch_protocol-2.0.0/vouch/transport/base.py +146 -0
- vouch_protocol-2.0.0/vouch/transport/did_key.py +77 -0
- vouch_protocol-2.0.0/vouch/transport/envelope.py +194 -0
- vouch_protocol-2.0.0/vouch/transport/http_rendezvous.py +332 -0
- vouch_protocol-2.0.0/vouch/transport/http_transport.py +160 -0
- vouch_protocol-2.0.0/vouch/transport/manager.py +188 -0
- vouch_protocol-2.0.0/vouch/transport/rendezvous.py +271 -0
- vouch_protocol-2.0.0/vouch/transport/udna.py +441 -0
- vouch_protocol-2.0.0/vouch/trifecta.py +219 -0
- vouch_protocol-2.0.0/vouch/trust_check.py +166 -0
- vouch_protocol-2.0.0/vouch/validator_server.py +193 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/verifier.py +150 -169
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0/vouch_protocol.egg-info}/PKG-INFO +56 -29
- vouch_protocol-2.0.0/vouch_protocol.egg-info/SOURCES.txt +213 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch_protocol.egg-info/requires.txt +3 -0
- vouch_protocol-1.6.1/tests/test_async_verifier.py +0 -196
- vouch_protocol-1.6.1/tests/test_delegation_chain.py +0 -195
- vouch_protocol-1.6.1/tests/test_signer.py +0 -142
- vouch_protocol-1.6.1/tests/test_signer_reputation.py +0 -122
- vouch_protocol-1.6.1/tests/test_verifier.py +0 -204
- vouch_protocol-1.6.1/vouch/__init__.py +0 -255
- vouch_protocol-1.6.1/vouch/auditor.py +0 -140
- vouch_protocol-1.6.1/vouch/integrations/autogen/__init__.py +0 -5
- vouch_protocol-1.6.1/vouch/integrations/autogen/tool.py +0 -59
- vouch_protocol-1.6.1/vouch/integrations/autogpt/__init__.py +0 -5
- vouch_protocol-1.6.1/vouch/integrations/autogpt/commands.py +0 -78
- vouch_protocol-1.6.1/vouch/integrations/crewai/__init__.py +0 -5
- vouch_protocol-1.6.1/vouch/integrations/crewai/tool.py +0 -68
- vouch_protocol-1.6.1/vouch/integrations/google.py +0 -108
- vouch_protocol-1.6.1/vouch/integrations/langchain/__init__.py +0 -5
- vouch_protocol-1.6.1/vouch/integrations/langchain/tool.py +0 -122
- vouch_protocol-1.6.1/vouch/integrations/mcp/__init__.py +0 -5
- vouch_protocol-1.6.1/vouch/integrations/mcp/server.py +0 -265
- vouch_protocol-1.6.1/vouch/integrations/vertex_ai/__init__.py +0 -5
- vouch_protocol-1.6.1/vouch/integrations/vertex_ai/tool.py +0 -42
- vouch_protocol-1.6.1/vouch/signer.py +0 -424
- vouch_protocol-1.6.1/vouch_protocol.egg-info/SOURCES.txt +0 -119
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/LICENSE +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/MANIFEST.in +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/setup.cfg +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_attribution.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_audio_bridge.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_behavioral_attestation.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_bridge.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_c2pa_formats.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_cache.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_canary.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_data_integrity.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_git_workflow.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_heartbeat.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_hybrid_interop.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_jcs.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_jcs_interop.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_media_badge.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_media_native.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_merkle.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_multikey.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_nonce.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_quorum.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_reputation.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_revocation.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_scan.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_status_list.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_trust_entropy.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/tests/test_vc.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/attribution.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/attribution_cli.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/audio.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/behavioral_attestation.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/bridge/__init__.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/bridge/audio_routes.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/bridge/config.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/bridge/server.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/cache.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/canary.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/config.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/data_integrity_hybrid.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/heartbeat.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/integrations/adk.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/integrations/amnesia.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/integrations/claude-code/settings.hooks.json +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/integrations/hasura/__init__.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/integrations/n8n.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/integrations/streamlit/__init__.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/integrations/streamlit/seal.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/jcs.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/kms.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/media/__init__.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/media/badge.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/media/c2pa.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/media/native.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/merkle.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/metrics.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/multikey.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/nonce.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/quorum.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/ratelimit.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/registry.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/reputation.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/revocation.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/scan/__init__.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/scan/detector.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/scan/patterns.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/seal.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/shield/__init__.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/shield/demo.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/shield/flight_recorder.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/shield/permissions.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/shield/trust_registry.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/status_list.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/status_list_fetcher.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/trust_entropy.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/vc.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch/verification.py +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch_protocol.egg-info/dependency_links.txt +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch_protocol.egg-info/entry_points.txt +0 -0
- {vouch_protocol-1.6.1 → vouch_protocol-2.0.0}/vouch_protocol.egg-info/top_level.txt +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: vouch-protocol
|
|
3
|
-
Version:
|
|
3
|
+
Version: 2.0.0
|
|
4
4
|
Summary: The Identity & Reputation Standard for AI Agents
|
|
5
5
|
Author-email: Vouch Protocol Contributors <hello@vouch-protocol.com>
|
|
6
6
|
License: Apache License 2.0
|
|
@@ -250,6 +250,8 @@ Requires-Dist: google-cloud-kms>=2.0.0; extra == "gcp"
|
|
|
250
250
|
Provides-Extra: azure
|
|
251
251
|
Requires-Dist: azure-keyvault-keys>=4.0.0; extra == "azure"
|
|
252
252
|
Provides-Extra: pq
|
|
253
|
+
Provides-Extra: udna
|
|
254
|
+
Requires-Dist: sirraya-udna-sdk>=1.0.3; extra == "udna"
|
|
253
255
|
Provides-Extra: tracing
|
|
254
256
|
Requires-Dist: opentelemetry-api>=1.20.0; extra == "tracing"
|
|
255
257
|
Requires-Dist: opentelemetry-sdk>=1.20.0; extra == "tracing"
|
|
@@ -299,6 +301,10 @@ Dynamic: license-file
|
|
|
299
301
|
<a href="https://discord.gg/mMqx5cG9Y"><img src="https://img.shields.io/badge/Discord-Join_Community-7289da?logo=discord&logoColor=white" alt="Discord"></a>
|
|
300
302
|
</p>
|
|
301
303
|
|
|
304
|
+
<p align="center">
|
|
305
|
+
<a href="https://codespaces.new/vouch-protocol/vouch"><img src="https://github.com/codespaces/badge.svg" alt="Open in GitHub Codespaces" height="28"></a>
|
|
306
|
+
</p>
|
|
307
|
+
|
|
302
308
|
<p align="center">
|
|
303
309
|
<a href="https://github.com/vouch-protocol/vouch/blob/main/LICENSE"><img src="https://img.shields.io/badge/License-Apache_2.0-blue.svg" alt="Apache 2.0 License"></a>
|
|
304
310
|
</p>
|
|
@@ -307,6 +313,16 @@ Dynamic: license-file
|
|
|
307
313
|
|
|
308
314
|
## Quick Start
|
|
309
315
|
|
|
316
|
+
```bash
|
|
317
|
+
# Install (Linux and macOS). On Windows, use: pip install vouch-protocol
|
|
318
|
+
curl -fsSL https://vouch-protocol.com/install.sh | sh
|
|
319
|
+
|
|
320
|
+
# Run vouch with no arguments and pick what you want to do
|
|
321
|
+
vouch
|
|
322
|
+
```
|
|
323
|
+
|
|
324
|
+
Prefer to do it by hand? It is three commands:
|
|
325
|
+
|
|
310
326
|
```bash
|
|
311
327
|
pip install vouch-protocol
|
|
312
328
|
|
|
@@ -317,6 +333,8 @@ vouch git init
|
|
|
317
333
|
git commit -m "Secure commit"
|
|
318
334
|
```
|
|
319
335
|
|
|
336
|
+
Setting up an agent instead of git signing? `vouch onboard --quick` generates a working identity, allow-list, verifier, and heartbeat config in one command.
|
|
337
|
+
|
|
320
338
|
---
|
|
321
339
|
|
|
322
340
|
## What's New in v1.0
|
|
@@ -329,7 +347,7 @@ Vouch Protocol v1.0 aligns directly with the open standard:
|
|
|
329
347
|
- **Hybrid post-quantum profile** (`hybrid-eddsa-mldsa44-jcs-2026`) as an optional add-on for regulated deployments aligning with NIST CNSA 2.0 / NSM-10 timelines.
|
|
330
348
|
- **Three-way cross-implementation interop** verified across Python, TypeScript, and Go.
|
|
331
349
|
|
|
332
|
-
|
|
350
|
+
Credentials are issued with `Signer.sign()` and checked with `Verifier.verify()`. See the Specification at [vouch-protocol.com/specs/SPEC/](https://vouch-protocol.com/specs/SPEC/) for the full specification.
|
|
333
351
|
|
|
334
352
|
---
|
|
335
353
|
|
|
@@ -356,11 +374,21 @@ Vouch is not one tool, it is a set of them. Here is the whole map.
|
|
|
356
374
|
- **Vouch Shield** a runtime check that inspects every tool call against your rules, like a customs officer at the door.
|
|
357
375
|
- **Continuous trust** heartbeats and session vouchers, so trust is a live signal that has to be renewed, not a badge that is issued once and trusted forever.
|
|
358
376
|
|
|
377
|
+
### Framework integrations (new in v1.6.2)
|
|
378
|
+
Standalone packages that drop Vouch into the agent framework you already use. Each one issues a verifiable credential for a tool call, with optional delegation back to a human principal.
|
|
379
|
+
- **`vouch-langchain`** a LangChain tool that signs each tool call before it leaves the agent.
|
|
380
|
+
- **`vouch-crewai`** a CrewAI tool, with supervisor-to-worker delegation that can only narrow authority, never widen it.
|
|
381
|
+
- **`vouch-a2a`** binds an A2A (Agent2Agent) Agent Card to a Vouch identity, so two agents can verify each other before they collaborate.
|
|
382
|
+
- **`vouch-mlflow`** signs an MLflow model artifact at registration time, bound to a content digest so any change to the weights breaks the signature.
|
|
383
|
+
- **`vouch-safetensors`** embeds a credential in a `.safetensors` header, complementary to OpenSSF Model Signing, so a model carries who produced it.
|
|
384
|
+
|
|
385
|
+
The standalone **`vouch-mcp`** package above ships alongside these in v1.6.2.
|
|
386
|
+
|
|
359
387
|
### SDKs, in the language you use
|
|
360
388
|
Python, TypeScript, and Go are the full reference implementations. A Rust core with idiomatic Swift, JVM (Java and Kotlin), .NET, and C wrappers shares one codebase, so every language produces byte-identical output, verified against shared test vectors. A WebAssembly build is included for the browser and the edge. See the table further down for status per language.
|
|
361
389
|
|
|
362
390
|
### Robots and embodied agents
|
|
363
|
-
A robot is an agent with a body, so the same
|
|
391
|
+
A robot is an agent with a body, so identity and accountability matter even more once it can cause physical harm. The `vouch.robotics` module ships six capabilities on the same `eddsa-jcs-2022` credentials as the rest of Vouch: hardware-rooted identity (bound to a TPM or secure element, so it cannot be cloned to other hardware), model and config provenance (re-signable on every OTA update), physical capability scope (force, speed, a tighter cap near humans, allowed zones, and shift windows, checked before each actuation, with narrow-only delegation), a robot-to-robot trust handshake, an encrypted tamper-evident black box with a verifiable kill switch, and a scannable offline passport. All six are implemented in Python, TypeScript, Go, and the Rust core, which flows to the Swift, Kotlin/JVM, .NET, C/C++, and WebAssembly wrappers, so a robotics credential signed in one language verifies in every other. Eleven further capabilities round out the set: a living-trust heartbeat (a signed per-interval motion summary whose trust decays unless it is renewed in-envelope), two-level credential revocation (per-credential status lists and whole-DID kill), an accountable safety record (a tamper-evident incident ledger summarized into a portable signed record), signed perception provenance (each captured sensor frame's hash bound to the robot's key and hash-linked, so a robot can prove what its sensors saw and a substituted frame is detectable), an offline delegation lease (a short-lived, scope-bounded grant a disconnected robot verifies and acts on with no network call, nesting across vendors), a physical quorum (a cryptographic two-person rule requiring M of N attested approvers for a high-consequence action), lifecycle credentials (ownership transfer that chains into a verifiable chain of custody, key rotation that forms a key history, and a signed decommission that retires the robot), a regulatory conformance profile (a machine-checkable mapping from a robot's credentials to the clauses of ISO 10218 and 15066, the EU Machinery Regulation, the EU AI Act, and UL 3300, with a deterministic checker and a signed conformance attestation), post-quantum signing by default (robot credentials sign with the hybrid classical-plus-ML-DSA-44 cryptosuite, with backward-compatible verification, so a robot stays unforgeable across its decade-long life), and cross-embodiment identity continuity (an agent identity that moves between robot bodies, with an embodiment credential re-binding to each body's hardware root and a continuity chain that proves the same accountable agent persisted, plus a fork check), and a physical custody handoff chain (a signed record of who accepted custody of a task or object at each hop across human and robot actors, so an incident traces to the exact hop and an attested condition localizes damage to the holder responsible), implemented across the same languages and pinned by the shared interop vector. See [docs/robotics.md](docs/robotics.md) and the defensive disclosures PAD-064 through PAD-070 and PAD-076 through PAD-084.
|
|
364
392
|
|
|
365
393
|
### Inside your AI tools
|
|
366
394
|
- **Claude Skill**, **OpenAI Custom GPT**, and **Gemini Gem** packages that teach your AI assistant how to add Vouch to your code, running on your own AI subscription.
|
|
@@ -410,7 +438,6 @@ AI agents are making real-world API calls with **ZERO cryptographic proof** of:
|
|
|
410
438
|
- **Human-readable JSON** (proof attaches as a sibling object, no Base64-wrapped opaque payload)
|
|
411
439
|
- **Framework-agnostic** (works with MCP, LangChain, CrewAI, AutoGPT, AutoGen, Vertex AI)
|
|
412
440
|
- **Cross-language interop** (Python, TypeScript, Go, byte-identical canonical form)
|
|
413
|
-
- **Backward-compatible** (legacy v0.x JWS API still supported during deprecation window)
|
|
414
441
|
- **Open source** (Apache 2.0 license, CC0 prior-art portfolio)
|
|
415
442
|
|
|
416
443
|
**Think of it as:**
|
|
@@ -432,9 +459,9 @@ flowchart LR
|
|
|
432
459
|
V{"✅ Verified"}
|
|
433
460
|
|
|
434
461
|
P -->|"Delegation VC"| A
|
|
435
|
-
A -->|"
|
|
462
|
+
A -->|"sign(intent)"| C
|
|
436
463
|
C -->|"HTTP body<br/>application/vc+vouch"| API
|
|
437
|
-
API -->|"
|
|
464
|
+
API -->|"verify()"| V
|
|
438
465
|
```
|
|
439
466
|
|
|
440
467
|
**4 Simple Steps:**
|
|
@@ -492,6 +519,10 @@ flowchart TB
|
|
|
492
519
|
|
|
493
520
|
### 1. Install
|
|
494
521
|
```bash
|
|
522
|
+
# Linux and macOS: one line
|
|
523
|
+
curl -fsSL https://vouch-protocol.com/install.sh | sh
|
|
524
|
+
|
|
525
|
+
# Or with pip (any platform)
|
|
495
526
|
pip install vouch-protocol
|
|
496
527
|
```
|
|
497
528
|
|
|
@@ -512,19 +543,13 @@ signer = Signer(
|
|
|
512
543
|
did=os.environ['VOUCH_DID']
|
|
513
544
|
)
|
|
514
545
|
|
|
515
|
-
credential = signer.
|
|
546
|
+
credential = signer.sign(intent={
|
|
516
547
|
'action': 'read_database',
|
|
517
548
|
'target': 'users_table',
|
|
518
549
|
'resource': 'https://api.example.com/v1/users',
|
|
519
550
|
})
|
|
520
551
|
# Send credential as the JSON body of the API request, content-type
|
|
521
|
-
# application/vc+vouch
|
|
522
|
-
```
|
|
523
|
-
|
|
524
|
-
**Legacy v0.x path (JWS, still supported):**
|
|
525
|
-
```python
|
|
526
|
-
token = signer.sign({'action': 'read_database', 'target': 'users'})
|
|
527
|
-
# Include token in Vouch-Token header
|
|
552
|
+
# application/vc+vouch
|
|
528
553
|
```
|
|
529
554
|
|
|
530
555
|
### 4. Verify (API Side)
|
|
@@ -541,7 +566,7 @@ async def protected_route(request: Request):
|
|
|
541
566
|
credential = await request.json()
|
|
542
567
|
public_key = '{"kty":"OKP", ...}' # Resolved from did:web or trusted root
|
|
543
568
|
|
|
544
|
-
is_valid, passport = Verifier.
|
|
569
|
+
is_valid, passport = Verifier.verify(credential, public_key=public_key)
|
|
545
570
|
if not is_valid:
|
|
546
571
|
raise HTTPException(status_code=401, detail="Untrusted Agent")
|
|
547
572
|
|
|
@@ -552,18 +577,6 @@ async def protected_route(request: Request):
|
|
|
552
577
|
}
|
|
553
578
|
```
|
|
554
579
|
|
|
555
|
-
**Legacy v0.x path:**
|
|
556
|
-
```python
|
|
557
|
-
from vouch import Verifier
|
|
558
|
-
|
|
559
|
-
@app.post("/api/legacy")
|
|
560
|
-
def legacy_route(vouch_token: str = Header(alias="Vouch-Token")):
|
|
561
|
-
is_valid, passport = Verifier.verify(vouch_token, public_key_jwk=public_key)
|
|
562
|
-
if not is_valid:
|
|
563
|
-
raise HTTPException(status_code=401, detail="Untrusted Agent")
|
|
564
|
-
return {"status": "Verified", "agent": passport.sub}
|
|
565
|
-
```
|
|
566
|
-
|
|
567
580
|
**That's it.** A few lines to sign, a few to verify, on either path.
|
|
568
581
|
|
|
569
582
|
---
|
|
@@ -599,7 +612,7 @@ Works with all major AI frameworks out-of-the-box:
|
|
|
599
612
|
|
|
600
613
|
```python
|
|
601
614
|
# Optional v1.0 profile, requires `pip install pqcrypto`
|
|
602
|
-
credential = signer.
|
|
615
|
+
credential = signer.sign_hybrid(intent={
|
|
603
616
|
'action': 'submit_clinical_finding',
|
|
604
617
|
'target': 'trial:NCT00000001',
|
|
605
618
|
'resource': 'https://fda-submissions.example.com/api/findings',
|
|
@@ -730,7 +743,7 @@ Built by [Ramprasad Gaddam](https://www.linkedin.com/in/rampy) ([Twitter/X](http
|
|
|
730
743
|
|
|
731
744
|
## Contributing
|
|
732
745
|
|
|
733
|
-
Contributions welcome. See [CONTRIBUTING.md](https://github.com/vouch-protocol/vouch/blob/main/CONTRIBUTING.md).
|
|
746
|
+
Contributions welcome. See [CONTRIBUTING.md](https://github.com/vouch-protocol/vouch/blob/main/CONTRIBUTING.md). Looking for a place to start? Browse our [good first issues](https://github.com/vouch-protocol/vouch/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22), and open a ready-made dev environment with one click using the [Open in GitHub Codespaces](https://codespaces.new/vouch-protocol/vouch) badge above.
|
|
734
747
|
|
|
735
748
|
**Areas where help is most useful:**
|
|
736
749
|
- [ ] Additional framework integrations (Haystack, Semantic Kernel, LlamaIndex, others)
|
|
@@ -739,6 +752,20 @@ Contributions welcome. See [CONTRIBUTING.md](https://github.com/vouch-protocol/v
|
|
|
739
752
|
- [ ] Independent security review and audit
|
|
740
753
|
- [ ] Reference implementations in additional languages (Rust, Java, .NET)
|
|
741
754
|
|
|
755
|
+
## Contributors
|
|
756
|
+
|
|
757
|
+
Thanks goes to these wonderful people. This section is maintained automatically by the [all-contributors](https://allcontributors.org/) bot.
|
|
758
|
+
|
|
759
|
+
<!-- ALL-CONTRIBUTORS-BADGE:START - Do not remove or modify this section -->
|
|
760
|
+
<!-- ALL-CONTRIBUTORS-BADGE:END -->
|
|
761
|
+
|
|
762
|
+
<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
|
|
763
|
+
<!-- prettier-ignore-start -->
|
|
764
|
+
<!-- markdownlint-disable -->
|
|
765
|
+
<!-- markdownlint-restore -->
|
|
766
|
+
<!-- prettier-ignore-end -->
|
|
767
|
+
<!-- ALL-CONTRIBUTORS-LIST:END -->
|
|
768
|
+
|
|
742
769
|
---
|
|
743
770
|
|
|
744
771
|
**Star this repo if you find it useful.**
|
|
@@ -23,6 +23,10 @@
|
|
|
23
23
|
<a href="https://discord.gg/mMqx5cG9Y"><img src="https://img.shields.io/badge/Discord-Join_Community-7289da?logo=discord&logoColor=white" alt="Discord"></a>
|
|
24
24
|
</p>
|
|
25
25
|
|
|
26
|
+
<p align="center">
|
|
27
|
+
<a href="https://codespaces.new/vouch-protocol/vouch"><img src="https://github.com/codespaces/badge.svg" alt="Open in GitHub Codespaces" height="28"></a>
|
|
28
|
+
</p>
|
|
29
|
+
|
|
26
30
|
<p align="center">
|
|
27
31
|
<a href="https://github.com/vouch-protocol/vouch/blob/main/LICENSE"><img src="https://img.shields.io/badge/License-Apache_2.0-blue.svg" alt="Apache 2.0 License"></a>
|
|
28
32
|
</p>
|
|
@@ -31,6 +35,16 @@
|
|
|
31
35
|
|
|
32
36
|
## Quick Start
|
|
33
37
|
|
|
38
|
+
```bash
|
|
39
|
+
# Install (Linux and macOS). On Windows, use: pip install vouch-protocol
|
|
40
|
+
curl -fsSL https://vouch-protocol.com/install.sh | sh
|
|
41
|
+
|
|
42
|
+
# Run vouch with no arguments and pick what you want to do
|
|
43
|
+
vouch
|
|
44
|
+
```
|
|
45
|
+
|
|
46
|
+
Prefer to do it by hand? It is three commands:
|
|
47
|
+
|
|
34
48
|
```bash
|
|
35
49
|
pip install vouch-protocol
|
|
36
50
|
|
|
@@ -41,6 +55,8 @@ vouch git init
|
|
|
41
55
|
git commit -m "Secure commit"
|
|
42
56
|
```
|
|
43
57
|
|
|
58
|
+
Setting up an agent instead of git signing? `vouch onboard --quick` generates a working identity, allow-list, verifier, and heartbeat config in one command.
|
|
59
|
+
|
|
44
60
|
---
|
|
45
61
|
|
|
46
62
|
## What's New in v1.0
|
|
@@ -53,7 +69,7 @@ Vouch Protocol v1.0 aligns directly with the open standard:
|
|
|
53
69
|
- **Hybrid post-quantum profile** (`hybrid-eddsa-mldsa44-jcs-2026`) as an optional add-on for regulated deployments aligning with NIST CNSA 2.0 / NSM-10 timelines.
|
|
54
70
|
- **Three-way cross-implementation interop** verified across Python, TypeScript, and Go.
|
|
55
71
|
|
|
56
|
-
|
|
72
|
+
Credentials are issued with `Signer.sign()` and checked with `Verifier.verify()`. See the Specification at [vouch-protocol.com/specs/SPEC/](https://vouch-protocol.com/specs/SPEC/) for the full specification.
|
|
57
73
|
|
|
58
74
|
---
|
|
59
75
|
|
|
@@ -80,11 +96,21 @@ Vouch is not one tool, it is a set of them. Here is the whole map.
|
|
|
80
96
|
- **Vouch Shield** a runtime check that inspects every tool call against your rules, like a customs officer at the door.
|
|
81
97
|
- **Continuous trust** heartbeats and session vouchers, so trust is a live signal that has to be renewed, not a badge that is issued once and trusted forever.
|
|
82
98
|
|
|
99
|
+
### Framework integrations (new in v1.6.2)
|
|
100
|
+
Standalone packages that drop Vouch into the agent framework you already use. Each one issues a verifiable credential for a tool call, with optional delegation back to a human principal.
|
|
101
|
+
- **`vouch-langchain`** a LangChain tool that signs each tool call before it leaves the agent.
|
|
102
|
+
- **`vouch-crewai`** a CrewAI tool, with supervisor-to-worker delegation that can only narrow authority, never widen it.
|
|
103
|
+
- **`vouch-a2a`** binds an A2A (Agent2Agent) Agent Card to a Vouch identity, so two agents can verify each other before they collaborate.
|
|
104
|
+
- **`vouch-mlflow`** signs an MLflow model artifact at registration time, bound to a content digest so any change to the weights breaks the signature.
|
|
105
|
+
- **`vouch-safetensors`** embeds a credential in a `.safetensors` header, complementary to OpenSSF Model Signing, so a model carries who produced it.
|
|
106
|
+
|
|
107
|
+
The standalone **`vouch-mcp`** package above ships alongside these in v1.6.2.
|
|
108
|
+
|
|
83
109
|
### SDKs, in the language you use
|
|
84
110
|
Python, TypeScript, and Go are the full reference implementations. A Rust core with idiomatic Swift, JVM (Java and Kotlin), .NET, and C wrappers shares one codebase, so every language produces byte-identical output, verified against shared test vectors. A WebAssembly build is included for the browser and the edge. See the table further down for status per language.
|
|
85
111
|
|
|
86
112
|
### Robots and embodied agents
|
|
87
|
-
A robot is an agent with a body, so the same
|
|
113
|
+
A robot is an agent with a body, so identity and accountability matter even more once it can cause physical harm. The `vouch.robotics` module ships six capabilities on the same `eddsa-jcs-2022` credentials as the rest of Vouch: hardware-rooted identity (bound to a TPM or secure element, so it cannot be cloned to other hardware), model and config provenance (re-signable on every OTA update), physical capability scope (force, speed, a tighter cap near humans, allowed zones, and shift windows, checked before each actuation, with narrow-only delegation), a robot-to-robot trust handshake, an encrypted tamper-evident black box with a verifiable kill switch, and a scannable offline passport. All six are implemented in Python, TypeScript, Go, and the Rust core, which flows to the Swift, Kotlin/JVM, .NET, C/C++, and WebAssembly wrappers, so a robotics credential signed in one language verifies in every other. Eleven further capabilities round out the set: a living-trust heartbeat (a signed per-interval motion summary whose trust decays unless it is renewed in-envelope), two-level credential revocation (per-credential status lists and whole-DID kill), an accountable safety record (a tamper-evident incident ledger summarized into a portable signed record), signed perception provenance (each captured sensor frame's hash bound to the robot's key and hash-linked, so a robot can prove what its sensors saw and a substituted frame is detectable), an offline delegation lease (a short-lived, scope-bounded grant a disconnected robot verifies and acts on with no network call, nesting across vendors), a physical quorum (a cryptographic two-person rule requiring M of N attested approvers for a high-consequence action), lifecycle credentials (ownership transfer that chains into a verifiable chain of custody, key rotation that forms a key history, and a signed decommission that retires the robot), a regulatory conformance profile (a machine-checkable mapping from a robot's credentials to the clauses of ISO 10218 and 15066, the EU Machinery Regulation, the EU AI Act, and UL 3300, with a deterministic checker and a signed conformance attestation), post-quantum signing by default (robot credentials sign with the hybrid classical-plus-ML-DSA-44 cryptosuite, with backward-compatible verification, so a robot stays unforgeable across its decade-long life), and cross-embodiment identity continuity (an agent identity that moves between robot bodies, with an embodiment credential re-binding to each body's hardware root and a continuity chain that proves the same accountable agent persisted, plus a fork check), and a physical custody handoff chain (a signed record of who accepted custody of a task or object at each hop across human and robot actors, so an incident traces to the exact hop and an attested condition localizes damage to the holder responsible), implemented across the same languages and pinned by the shared interop vector. See [docs/robotics.md](docs/robotics.md) and the defensive disclosures PAD-064 through PAD-070 and PAD-076 through PAD-084.
|
|
88
114
|
|
|
89
115
|
### Inside your AI tools
|
|
90
116
|
- **Claude Skill**, **OpenAI Custom GPT**, and **Gemini Gem** packages that teach your AI assistant how to add Vouch to your code, running on your own AI subscription.
|
|
@@ -134,7 +160,6 @@ AI agents are making real-world API calls with **ZERO cryptographic proof** of:
|
|
|
134
160
|
- **Human-readable JSON** (proof attaches as a sibling object, no Base64-wrapped opaque payload)
|
|
135
161
|
- **Framework-agnostic** (works with MCP, LangChain, CrewAI, AutoGPT, AutoGen, Vertex AI)
|
|
136
162
|
- **Cross-language interop** (Python, TypeScript, Go, byte-identical canonical form)
|
|
137
|
-
- **Backward-compatible** (legacy v0.x JWS API still supported during deprecation window)
|
|
138
163
|
- **Open source** (Apache 2.0 license, CC0 prior-art portfolio)
|
|
139
164
|
|
|
140
165
|
**Think of it as:**
|
|
@@ -156,9 +181,9 @@ flowchart LR
|
|
|
156
181
|
V{"✅ Verified"}
|
|
157
182
|
|
|
158
183
|
P -->|"Delegation VC"| A
|
|
159
|
-
A -->|"
|
|
184
|
+
A -->|"sign(intent)"| C
|
|
160
185
|
C -->|"HTTP body<br/>application/vc+vouch"| API
|
|
161
|
-
API -->|"
|
|
186
|
+
API -->|"verify()"| V
|
|
162
187
|
```
|
|
163
188
|
|
|
164
189
|
**4 Simple Steps:**
|
|
@@ -216,6 +241,10 @@ flowchart TB
|
|
|
216
241
|
|
|
217
242
|
### 1. Install
|
|
218
243
|
```bash
|
|
244
|
+
# Linux and macOS: one line
|
|
245
|
+
curl -fsSL https://vouch-protocol.com/install.sh | sh
|
|
246
|
+
|
|
247
|
+
# Or with pip (any platform)
|
|
219
248
|
pip install vouch-protocol
|
|
220
249
|
```
|
|
221
250
|
|
|
@@ -236,19 +265,13 @@ signer = Signer(
|
|
|
236
265
|
did=os.environ['VOUCH_DID']
|
|
237
266
|
)
|
|
238
267
|
|
|
239
|
-
credential = signer.
|
|
268
|
+
credential = signer.sign(intent={
|
|
240
269
|
'action': 'read_database',
|
|
241
270
|
'target': 'users_table',
|
|
242
271
|
'resource': 'https://api.example.com/v1/users',
|
|
243
272
|
})
|
|
244
273
|
# Send credential as the JSON body of the API request, content-type
|
|
245
|
-
# application/vc+vouch
|
|
246
|
-
```
|
|
247
|
-
|
|
248
|
-
**Legacy v0.x path (JWS, still supported):**
|
|
249
|
-
```python
|
|
250
|
-
token = signer.sign({'action': 'read_database', 'target': 'users'})
|
|
251
|
-
# Include token in Vouch-Token header
|
|
274
|
+
# application/vc+vouch
|
|
252
275
|
```
|
|
253
276
|
|
|
254
277
|
### 4. Verify (API Side)
|
|
@@ -265,7 +288,7 @@ async def protected_route(request: Request):
|
|
|
265
288
|
credential = await request.json()
|
|
266
289
|
public_key = '{"kty":"OKP", ...}' # Resolved from did:web or trusted root
|
|
267
290
|
|
|
268
|
-
is_valid, passport = Verifier.
|
|
291
|
+
is_valid, passport = Verifier.verify(credential, public_key=public_key)
|
|
269
292
|
if not is_valid:
|
|
270
293
|
raise HTTPException(status_code=401, detail="Untrusted Agent")
|
|
271
294
|
|
|
@@ -276,18 +299,6 @@ async def protected_route(request: Request):
|
|
|
276
299
|
}
|
|
277
300
|
```
|
|
278
301
|
|
|
279
|
-
**Legacy v0.x path:**
|
|
280
|
-
```python
|
|
281
|
-
from vouch import Verifier
|
|
282
|
-
|
|
283
|
-
@app.post("/api/legacy")
|
|
284
|
-
def legacy_route(vouch_token: str = Header(alias="Vouch-Token")):
|
|
285
|
-
is_valid, passport = Verifier.verify(vouch_token, public_key_jwk=public_key)
|
|
286
|
-
if not is_valid:
|
|
287
|
-
raise HTTPException(status_code=401, detail="Untrusted Agent")
|
|
288
|
-
return {"status": "Verified", "agent": passport.sub}
|
|
289
|
-
```
|
|
290
|
-
|
|
291
302
|
**That's it.** A few lines to sign, a few to verify, on either path.
|
|
292
303
|
|
|
293
304
|
---
|
|
@@ -323,7 +334,7 @@ Works with all major AI frameworks out-of-the-box:
|
|
|
323
334
|
|
|
324
335
|
```python
|
|
325
336
|
# Optional v1.0 profile, requires `pip install pqcrypto`
|
|
326
|
-
credential = signer.
|
|
337
|
+
credential = signer.sign_hybrid(intent={
|
|
327
338
|
'action': 'submit_clinical_finding',
|
|
328
339
|
'target': 'trial:NCT00000001',
|
|
329
340
|
'resource': 'https://fda-submissions.example.com/api/findings',
|
|
@@ -454,7 +465,7 @@ Built by [Ramprasad Gaddam](https://www.linkedin.com/in/rampy) ([Twitter/X](http
|
|
|
454
465
|
|
|
455
466
|
## Contributing
|
|
456
467
|
|
|
457
|
-
Contributions welcome. See [CONTRIBUTING.md](https://github.com/vouch-protocol/vouch/blob/main/CONTRIBUTING.md).
|
|
468
|
+
Contributions welcome. See [CONTRIBUTING.md](https://github.com/vouch-protocol/vouch/blob/main/CONTRIBUTING.md). Looking for a place to start? Browse our [good first issues](https://github.com/vouch-protocol/vouch/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22), and open a ready-made dev environment with one click using the [Open in GitHub Codespaces](https://codespaces.new/vouch-protocol/vouch) badge above.
|
|
458
469
|
|
|
459
470
|
**Areas where help is most useful:**
|
|
460
471
|
- [ ] Additional framework integrations (Haystack, Semantic Kernel, LlamaIndex, others)
|
|
@@ -463,6 +474,20 @@ Contributions welcome. See [CONTRIBUTING.md](https://github.com/vouch-protocol/v
|
|
|
463
474
|
- [ ] Independent security review and audit
|
|
464
475
|
- [ ] Reference implementations in additional languages (Rust, Java, .NET)
|
|
465
476
|
|
|
477
|
+
## Contributors
|
|
478
|
+
|
|
479
|
+
Thanks goes to these wonderful people. This section is maintained automatically by the [all-contributors](https://allcontributors.org/) bot.
|
|
480
|
+
|
|
481
|
+
<!-- ALL-CONTRIBUTORS-BADGE:START - Do not remove or modify this section -->
|
|
482
|
+
<!-- ALL-CONTRIBUTORS-BADGE:END -->
|
|
483
|
+
|
|
484
|
+
<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
|
|
485
|
+
<!-- prettier-ignore-start -->
|
|
486
|
+
<!-- markdownlint-disable -->
|
|
487
|
+
<!-- markdownlint-restore -->
|
|
488
|
+
<!-- prettier-ignore-end -->
|
|
489
|
+
<!-- ALL-CONTRIBUTORS-LIST:END -->
|
|
490
|
+
|
|
466
491
|
---
|
|
467
492
|
|
|
468
493
|
**Star this repo if you find it useful.**
|
|
@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
|
|
|
4
4
|
|
|
5
5
|
[project]
|
|
6
6
|
name = "vouch-protocol"
|
|
7
|
-
version = "
|
|
7
|
+
version = "2.0.0"
|
|
8
8
|
description = "The Identity & Reputation Standard for AI Agents"
|
|
9
9
|
readme = "README.md"
|
|
10
10
|
requires-python = ">=3.9"
|
|
@@ -71,6 +71,11 @@ azure = ["azure-keyvault-keys>=4.0.0"]
|
|
|
71
71
|
# wrote that into a Dockerfile or requirements.txt.
|
|
72
72
|
pq = []
|
|
73
73
|
|
|
74
|
+
# UDNA (Universal DID-Native Addressing) identity-first transport.
|
|
75
|
+
# Distribution `sirraya-udna-sdk` imports as the `udna_sdk` package.
|
|
76
|
+
# Optional: when absent, the hybrid transport stack degrades to HTTP fallback.
|
|
77
|
+
udna = ["sirraya-udna-sdk>=1.0.3"]
|
|
78
|
+
|
|
74
79
|
# OpenTelemetry tracing
|
|
75
80
|
tracing = [
|
|
76
81
|
"opentelemetry-api>=1.20.0",
|