DukeInc/Kez - Kez - Tudisco Git

DukeInc/Kez

Fork 0

Commit Graph

Author	SHA1	Message	Date
Jason Tudisco	c133be0589	feat(kez,kez-chat/web): nostr verifier checks profile, posts, AND kind-30078 Most users won't manually craft a NIP-78 kind-30078 event with a d=kez tag — that needed a nostr client most folks don't have. So verifiers now look in all three sensible spots and the user picks whichever is easiest to publish: 1. Kind 0 (profile metadata) — kez fence in the `about` field 2. Kind 1 (text note) — kez fence in the post body 3. Kind 30078 (NIP-78) — envelope as event content (advanced) Web (kez-chat/web): • New verifier implementation (replaces the v0.1 stub). Adds nostr- tools (~108 KB) under dynamic import so it lands in its own chunk — initial JS only grew 128→130 KB. • SimplePool.querySync against five public relays (Damus, nos.lol, primal, snort, nostr.wine), 4s timeout, kinds [0,1,30078] in one REQ. Returns ✓ on first match, with an evidence_url to njump.me. • AddClaim instructions for nostr rewritten — "pick whichever is easiest" with concrete steps for each. Rust (kez-channels): • Filter now includes kinds [0, 1, 30078], limit bumped to 200. • extract_proof_body() pulls the right candidate out of each event: - kind 0 → JSON-decode content, return `about` - kind 1 / 30078 → return content as-is • 4 new unit tests (extract_proof_body for each kind incl. malformed profile) + 2 new integration tests: - verifies_proof_from_profile_about_field - verifies_proof_from_kind_1_post • Updated existing integration tests for the new filter shape. All 11 unit + 7 integration nostr tests pass. Live at https://kez.lat. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-25 15:10:10 -06:00
Tudisco	d0db6f00f1	Initial implementation of KEZ — protocol, two impls, and storage server KEZ is a portable, decentralized identity graph: a person signs claims linking their many accounts, publishes those claims in places only the claimed account can publish to, and anyone can verify the connections without trusting a central server. Layout ------ - SPEC.md Language-agnostic protocol spec (v0.2) - rust/ Rust implementation: kez-core, kez-channels, kez-cli - nodejs/ TypeScript port at full parity - rust-sig-server/ Optional axum + SQLite storage server for sigchains - crosstest.sh Cross-implementation interop harness Capabilities (both implementations, byte-compatible) ---------------------------------------------------- - Two primary-key algorithms: nostr/secp256k1 Schnorr (BIP-340) and Ed25519 (RFC 8032). Identifiers: nostr:npub1... and ed25519:<hex>. - JCS (RFC 8785) canonicalization for everything signed. - Four proof encodings: JSON envelope, compact (kez:z1:<base64url(zstd(json))>), Markdown fence, DNS TXT. - Five channel plugins (no API keys, no auth needed for any of them): dns: system resolver, _kez.<domain> TXT records github: public gist scan + <user>/<user> profile README fallback nostr: kind-30078 events from default relays bluesky: public AppView author feed ap: WebFinger + actor JSON (alias mastodon:) - Identical CLI surface: kez identity new [--key-type nostr\|ed25519] kez claim create <subject> (--nsec \| --ed25519-seed) [--format ...] [--out ...] kez claim dns <domain> (--nsec \| --ed25519-seed) kez verify file <path> kez verify id <identifier> kez sigchain add\|revoke\|show\|export\|publish - Sigchains: append-only signed log per primary, hash-chained per spec §6, stored locally at ~/.kez/sigchains/, exportable as JSONL or kez:zc1: bundle. - Sigchain publish destinations: chain server, web (file dump), DNS (zone record print), nostr (kind-30078 wrapping event). kez-sig-server -------------- Optional storage tier. Axum + SQLite, single binary, no external deps. - No auth — the cryptography is the access control. The server validates every signature, every seq, every prev hash before storing. - REST API: POST /v1/sigchains/{scheme}/{id}/events (append signed event, 201 with new head hash or 4xx); GET /{scheme}/{id} (full chain as JSONL); GET /head; GET /healthz. - Designed for one central instance for now; the design doesn't preclude running more later (clients gain a configurable list, verifiers reconcile per spec §6.2). - Channel-based publishing remains the always-available fallback if the server is unavailable. Tests ----- - rust/ 99 tests - rust-sig-server/ 10 integration tests (real HTTP, real SQLite) - nodejs/ 91 tests (vitest) - crosstest.sh 19 cross-impl scenarios — proves JCS bytes, Schnorr + Ed25519 sigs, all four claim encodings, and the sigchain JSONL bundle are byte-compatible between Rust and Node in both directions. What's not done yet ------------------- - verify id consulting the sigchain for revocations (data path exists, just not wired into the verifier output). - rotate and add_device sigchain ops (types reserved). - expires_at enforcement during claim verification. - Typed VerificationStatus.status reflecting the five failure modes. - Auth-required publishers (GitHub gist, Bluesky, ActivityPub).	2026-05-24 14:41:00 -06:00

Author

SHA1

Message

Date

Jason Tudisco

c133be0589

feat(kez,kez-chat/web): nostr verifier checks profile, posts, AND kind-30078

Most users won't manually craft a NIP-78 kind-30078 event with a d=kez
tag — that needed a nostr client most folks don't have. So verifiers
now look in all three sensible spots and the user picks whichever is
easiest to publish:

  1. Kind 0   (profile metadata) — kez fence in the `about` field
  2. Kind 1   (text note)        — kez fence in the post body
  3. Kind 30078 (NIP-78)         — envelope as event content (advanced)

Web (kez-chat/web):
  • New verifier implementation (replaces the v0.1 stub). Adds nostr-
    tools (~108 KB) under dynamic import so it lands in its own chunk
    — initial JS only grew 128→130 KB.
  • SimplePool.querySync against five public relays (Damus, nos.lol,
    primal, snort, nostr.wine), 4s timeout, kinds [0,1,30078] in one
    REQ. Returns ✓ on first match, with an evidence_url to njump.me.
  • AddClaim instructions for nostr rewritten — "pick whichever is
    easiest" with concrete steps for each.

Rust (kez-channels):
  • Filter now includes kinds [0, 1, 30078], limit bumped to 200.
  • extract_proof_body() pulls the right candidate out of each event:
    - kind 0 → JSON-decode content, return `about`
    - kind 1 / 30078 → return content as-is
  • 4 new unit tests (extract_proof_body for each kind incl. malformed
    profile) + 2 new integration tests:
    - verifies_proof_from_profile_about_field
    - verifies_proof_from_kind_1_post
  • Updated existing integration tests for the new filter shape.

All 11 unit + 7 integration nostr tests pass. Live at https://kez.lat.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-05-25 15:10:10 -06:00

Tudisco

d0db6f00f1

Initial implementation of KEZ — protocol, two impls, and storage server

KEZ is a portable, decentralized identity graph: a person signs claims
linking their many accounts, publishes those claims in places only the
claimed account can publish to, and anyone can verify the connections
without trusting a central server.

Layout
------
- SPEC.md            Language-agnostic protocol spec (v0.2)
- rust/              Rust implementation: kez-core, kez-channels, kez-cli
- nodejs/            TypeScript port at full parity
- rust-sig-server/   Optional axum + SQLite storage server for sigchains
- crosstest.sh       Cross-implementation interop harness

Capabilities (both implementations, byte-compatible)
----------------------------------------------------
- Two primary-key algorithms: nostr/secp256k1 Schnorr (BIP-340) and
  Ed25519 (RFC 8032). Identifiers: nostr:npub1... and ed25519:<hex>.
- JCS (RFC 8785) canonicalization for everything signed.
- Four proof encodings: JSON envelope, compact (kez:z1:<base64url(zstd(json))>),
  Markdown fence, DNS TXT.
- Five channel plugins (no API keys, no auth needed for any of them):
    dns:        system resolver, _kez.<domain> TXT records
    github:     public gist scan + <user>/<user> profile README fallback
    nostr:      kind-30078 events from default relays
    bluesky:    public AppView author feed
    ap:         WebFinger + actor JSON (alias mastodon:)
- Identical CLI surface:
    kez identity new [--key-type nostr|ed25519]
    kez claim create <subject> (--nsec | --ed25519-seed) [--format ...] [--out ...]
    kez claim dns <domain>     (--nsec | --ed25519-seed)
    kez verify file <path>
    kez verify id <identifier>
    kez sigchain add|revoke|show|export|publish
- Sigchains: append-only signed log per primary, hash-chained per spec §6,
  stored locally at ~/.kez/sigchains/, exportable as JSONL or kez:zc1: bundle.
- Sigchain publish destinations: chain server, web (file dump), DNS (zone
  record print), nostr (kind-30078 wrapping event).

kez-sig-server
--------------
Optional storage tier. Axum + SQLite, single binary, no external deps.

- No auth — the cryptography is the access control. The server validates
  every signature, every seq, every prev hash before storing.
- REST API: POST /v1/sigchains/{scheme}/{id}/events (append signed event,
  201 with new head hash or 4xx); GET /{scheme}/{id} (full chain as JSONL);
  GET /head; GET /healthz.
- Designed for one central instance for now; the design doesn't preclude
  running more later (clients gain a configurable list, verifiers
  reconcile per spec §6.2).
- Channel-based publishing remains the always-available fallback if the
  server is unavailable.

Tests
-----
- rust/                 99 tests
- rust-sig-server/      10 integration tests (real HTTP, real SQLite)
- nodejs/               91 tests (vitest)
- crosstest.sh          19 cross-impl scenarios — proves JCS bytes,
                        Schnorr + Ed25519 sigs, all four claim encodings,
                        and the sigchain JSONL bundle are byte-compatible
                        between Rust and Node in both directions.

What's not done yet
-------------------
- verify id consulting the sigchain for revocations (data path exists,
  just not wired into the verifier output).
- rotate and add_device sigchain ops (types reserved).
- expires_at enforcement during claim verification.
- Typed VerificationStatus.status reflecting the five failure modes.
- Auth-required publishers (GitHub gist, Bluesky, ActivityPub).

2026-05-24 14:41:00 -06:00

2 Commits