DukeInc/Kez
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Kez/nodejs/packages/kez-core/src/identity.ts
Tudisco d0db6f00f1 Initial implementation of KEZ — protocol, two impls, and storage server 
KEZ is a portable, decentralized identity graph: a person signs claims
linking their many accounts, publishes those claims in places only the
claimed account can publish to, and anyone can verify the connections
without trusting a central server.

Layout
------
- SPEC.md            Language-agnostic protocol spec (v0.2)
- rust/              Rust implementation: kez-core, kez-channels, kez-cli
- nodejs/            TypeScript port at full parity
- rust-sig-server/   Optional axum + SQLite storage server for sigchains
- crosstest.sh       Cross-implementation interop harness

Capabilities (both implementations, byte-compatible)
----------------------------------------------------
- Two primary-key algorithms: nostr/secp256k1 Schnorr (BIP-340) and
  Ed25519 (RFC 8032). Identifiers: nostr:npub1... and ed25519:<hex>.
- JCS (RFC 8785) canonicalization for everything signed.
- Four proof encodings: JSON envelope, compact (kez:z1:<base64url(zstd(json))>),
  Markdown fence, DNS TXT.
- Five channel plugins (no API keys, no auth needed for any of them):
    dns:        system resolver, _kez.<domain> TXT records
    github:     public gist scan + <user>/<user> profile README fallback
    nostr:      kind-30078 events from default relays
    bluesky:    public AppView author feed
    ap:         WebFinger + actor JSON (alias mastodon:)
- Identical CLI surface:
    kez identity new [--key-type nostr|ed25519]
    kez claim create <subject> (--nsec | --ed25519-seed) [--format ...] [--out ...]
    kez claim dns <domain>     (--nsec | --ed25519-seed)
    kez verify file <path>
    kez verify id <identifier>
    kez sigchain add|revoke|show|export|publish
- Sigchains: append-only signed log per primary, hash-chained per spec §6,
  stored locally at ~/.kez/sigchains/, exportable as JSONL or kez:zc1: bundle.
- Sigchain publish destinations: chain server, web (file dump), DNS (zone
  record print), nostr (kind-30078 wrapping event).

kez-sig-server
--------------
Optional storage tier. Axum + SQLite, single binary, no external deps.

- No auth — the cryptography is the access control. The server validates
  every signature, every seq, every prev hash before storing.
- REST API: POST /v1/sigchains/{scheme}/{id}/events (append signed event,
  201 with new head hash or 4xx); GET /{scheme}/{id} (full chain as JSONL);
  GET /head; GET /healthz.
- Designed for one central instance for now; the design doesn't preclude
  running more later (clients gain a configurable list, verifiers
  reconcile per spec §6.2).
- Channel-based publishing remains the always-available fallback if the
  server is unavailable.

Tests
-----
- rust/                 99 tests
- rust-sig-server/      10 integration tests (real HTTP, real SQLite)
- nodejs/               91 tests (vitest)
- crosstest.sh          19 cross-impl scenarios — proves JCS bytes,
                        Schnorr + Ed25519 sigs, all four claim encodings,
                        and the sigchain JSONL bundle are byte-compatible
                        between Rust and Node in both directions.

What's not done yet
-------------------
- verify id consulting the sigchain for revocations (data path exists,
  just not wired into the verifier output).
- rotate and add_device sigchain ops (types reserved).
- expires_at enforcement during claim verification.
- Typed VerificationStatus.status reflecting the five failure modes.
- Auth-required publishers (GitHub gist, Bluesky, ActivityPub).
2026-05-24 14:41:00 -06:00

103 lines
2.8 KiB
TypeScript
Raw Blame History

// KEZ identifiers: always `system:value`. Mirrors Rust's `Identity` type.
import { bech32 } from "@scure/base";
export class IdentityError extends Error {
constructor(message: string) {
super(message);
this.name = "IdentityError";
}
}
export class Identity {
/** Internal canonical form (`system:value`). */
readonly value: string;
private constructor(canonical: string) {
this.value = canonical;
}
/** Parse a KEZ identifier. Bare `npub1...` is normalized to `nostr:npub1...`. */
static parse(raw: string): Identity {
const trimmed = raw.trim();
if (trimmed.length === 0) {
throw new IdentityError(`empty identity: "${raw}"`);
}
if (trimmed.startsWith("npub1")) {
validateNpub(trimmed);
return new Identity(`nostr:${trimmed}`);
}
const colon = trimmed.indexOf(":");
if (colon <= 0 || colon === trimmed.length - 1) {
throw new IdentityError(`invalid identity (need scheme:value): "${raw}"`);
}
const scheme = trimmed.slice(0, colon);
const rest = trimmed.slice(colon + 1);
if (scheme === "nostr") {
validateNpub(rest);
} else if (scheme === "ed25519") {
validateEd25519HexShape(rest);
}
return new Identity(`${scheme}:${rest}`);
}
get scheme(): string {
const i = this.value.indexOf(":");
return i < 0 ? "" : this.value.slice(0, i);
}
get id(): string {
const i = this.value.indexOf(":");
return i < 0 ? "" : this.value.slice(i + 1);
}
toString(): string {
return this.value;
}
toJSON(): string {
return this.value;
}
equals(other: Identity): boolean {
return this.value === other.value;
}
}
/** Validate the canonical ed25519 pubkey shape (64 lowercase hex chars). */
function validateEd25519HexShape(value: string): void {
if (value.length !== 64) {
throw new IdentityError(`ed25519 pubkey must be 64 hex chars, got ${value.length}`);
}
for (let i = 0; i < value.length; i++) {
const c = value.charCodeAt(i);
const ok =
(c >= 0x30 && c <= 0x39) || // 0-9
(c >= 0x61 && c <= 0x66); // a-f
if (!ok) {
throw new IdentityError(`ed25519 pubkey must be lowercase hex: ${value}`);
}
}
}
/** Validate that `npub` is a well-formed bech32 npub1 string. */
export function validateNpub(npub: string): void {
try {
const decoded = bech32.decode(npub as `${string}1${string}`, 1023);
if (decoded.prefix !== "npub") {
throw new IdentityError(`expected npub bech32, got hrp=${decoded.prefix}`);
}
const bytes = bech32.fromWords(decoded.words);
if (bytes.length !== 32) {
throw new IdentityError(`npub must decode to 32 bytes, got ${bytes.length}`);
}
} catch (e) {
if (e instanceof IdentityError) throw e;
throw new IdentityError(`invalid npub: ${(e as Error).message}`);
}
}
Reference in New Issue View Git Blame Copy Permalink