DukeInc/Kez
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Kez/nodejs/packages/kez-core/src/encodings.ts
Tudisco d0db6f00f1 Initial implementation of KEZ — protocol, two impls, and storage server 
KEZ is a portable, decentralized identity graph: a person signs claims
linking their many accounts, publishes those claims in places only the
claimed account can publish to, and anyone can verify the connections
without trusting a central server.

Layout
------
- SPEC.md            Language-agnostic protocol spec (v0.2)
- rust/              Rust implementation: kez-core, kez-channels, kez-cli
- nodejs/            TypeScript port at full parity
- rust-sig-server/   Optional axum + SQLite storage server for sigchains
- crosstest.sh       Cross-implementation interop harness

Capabilities (both implementations, byte-compatible)
----------------------------------------------------
- Two primary-key algorithms: nostr/secp256k1 Schnorr (BIP-340) and
  Ed25519 (RFC 8032). Identifiers: nostr:npub1... and ed25519:<hex>.
- JCS (RFC 8785) canonicalization for everything signed.
- Four proof encodings: JSON envelope, compact (kez:z1:<base64url(zstd(json))>),
  Markdown fence, DNS TXT.
- Five channel plugins (no API keys, no auth needed for any of them):
    dns:        system resolver, _kez.<domain> TXT records
    github:     public gist scan + <user>/<user> profile README fallback
    nostr:      kind-30078 events from default relays
    bluesky:    public AppView author feed
    ap:         WebFinger + actor JSON (alias mastodon:)
- Identical CLI surface:
    kez identity new [--key-type nostr|ed25519]
    kez claim create <subject> (--nsec | --ed25519-seed) [--format ...] [--out ...]
    kez claim dns <domain>     (--nsec | --ed25519-seed)
    kez verify file <path>
    kez verify id <identifier>
    kez sigchain add|revoke|show|export|publish
- Sigchains: append-only signed log per primary, hash-chained per spec §6,
  stored locally at ~/.kez/sigchains/, exportable as JSONL or kez:zc1: bundle.
- Sigchain publish destinations: chain server, web (file dump), DNS (zone
  record print), nostr (kind-30078 wrapping event).

kez-sig-server
--------------
Optional storage tier. Axum + SQLite, single binary, no external deps.

- No auth — the cryptography is the access control. The server validates
  every signature, every seq, every prev hash before storing.
- REST API: POST /v1/sigchains/{scheme}/{id}/events (append signed event,
  201 with new head hash or 4xx); GET /{scheme}/{id} (full chain as JSONL);
  GET /head; GET /healthz.
- Designed for one central instance for now; the design doesn't preclude
  running more later (clients gain a configurable list, verifiers
  reconcile per spec §6.2).
- Channel-based publishing remains the always-available fallback if the
  server is unavailable.

Tests
-----
- rust/                 99 tests
- rust-sig-server/      10 integration tests (real HTTP, real SQLite)
- nodejs/               91 tests (vitest)
- crosstest.sh          19 cross-impl scenarios — proves JCS bytes,
                        Schnorr + Ed25519 sigs, all four claim encodings,
                        and the sigchain JSONL bundle are byte-compatible
                        between Rust and Node in both directions.

What's not done yet
-------------------
- verify id consulting the sigchain for revocations (data path exists,
  just not wired into the verifier output).
- rotate and add_device sigchain ops (types reserved).
- expires_at enforcement during claim verification.
- Typed VerificationStatus.status reflecting the five failure modes.
- Auth-required publishers (GitHub gist, Bluesky, ActivityPub).
2026-05-24 14:41:00 -06:00

110 lines
5.0 KiB
TypeScript
Raw Blame History

// Four wire encodings: JSON, compact (kez:z1:...), Markdown fence, legacy
// DNS (kez1:...). Round-trips match Rust exactly.
import { base64url } from "@scure/base";
import { zstdCompressSync, zstdDecompressSync } from "node:zlib";
import {
type SignedClaimEnvelope,
COMPACT_PROOF_PREFIX,
} from "./envelope.js";
import { Identity } from "./identity.js";
const MARKDOWN_FENCE = "```kez";
// ─────────────────────────────────────────────────────────────────────────────
// JSON
// ─────────────────────────────────────────────────────────────────────────────
export function toPrettyJson(envelope: SignedClaimEnvelope): string {
return JSON.stringify(envelope, null, 2);
}
export function fromJson(json: string): SignedClaimEnvelope {
return JSON.parse(json) as SignedClaimEnvelope;
}
// ─────────────────────────────────────────────────────────────────────────────
// Compact: kez:z1:<base64url-no-pad(zstd(json))>
// ─────────────────────────────────────────────────────────────────────────────
export function toCompact(envelope: SignedClaimEnvelope): string {
const json = new TextEncoder().encode(JSON.stringify(envelope));
const compressed = zstdCompressSync(json);
return (
COMPACT_PROOF_PREFIX +
base64url.encode(new Uint8Array(compressed)).replace(/=+$/, "")
);
}
export function fromCompact(value: string): SignedClaimEnvelope {
const trimmed = value.trim();
if (!trimmed.startsWith(COMPACT_PROOF_PREFIX)) {
throw new Error("compact proof missing kez:z1: prefix");
}
const body = trimmed.slice(COMPACT_PROOF_PREFIX.length);
// @scure/base's base64url requires standard padding; restore it.
const padded = body + "=".repeat((4 - (body.length % 4)) % 4);
const compressed = base64url.decode(padded);
const json = zstdDecompressSync(compressed);
return JSON.parse(new TextDecoder().decode(json)) as SignedClaimEnvelope;
}
// ─────────────────────────────────────────────────────────────────────────────
// Markdown fence: ```kez ... ```
// ─────────────────────────────────────────────────────────────────────────────
export function toMarkdown(envelope: SignedClaimEnvelope): string {
const json = toPrettyJson(envelope);
return [
"# KEZ Proof",
"",
"This account publishes a signed KEZ identity claim.",
"",
`- Primary: \`${envelope.payload.primary}\``,
`- Subject: \`${envelope.payload.subject}\``,
`- Created: \`${envelope.payload.created_at}\``,
"",
MARKDOWN_FENCE,
json,
"```",
"",
].join("\n");
}
export function extractMarkdownProof(markdown: string): SignedClaimEnvelope {
const start = markdown.indexOf(MARKDOWN_FENCE);
if (start < 0) {
throw new Error("missing ```kez proof block");
}
const bodyStart = start + MARKDOWN_FENCE.length;
const endRel = markdown.slice(bodyStart).indexOf("```");
if (endRel < 0) {
throw new Error("unterminated ```kez proof block");
}
const json = markdown.slice(bodyStart, bodyStart + endRel).trim();
return JSON.parse(json) as SignedClaimEnvelope;
}
// ─────────────────────────────────────────────────────────────────────────────
// DNS TXT
// ─────────────────────────────────────────────────────────────────────────────
export function dnsTxtName(identity: Identity): string {
if (identity.scheme !== "dns") {
throw new Error(`dns_txt_name requires dns: identity, got: ${identity}`);
}
return `_kez.${identity.id}`;
}
/** Legacy `kez1:` DNS encoding — Rust parser still accepts it. */
export function dnsTxtValue(envelope: SignedClaimEnvelope): string {
return "kez1:" + JSON.stringify(envelope);
}
export function parseDnsTxtValue(value: string): SignedClaimEnvelope {
if (!value.startsWith("kez1:")) {
throw new Error("DNS TXT proof missing kez1: prefix");
}
return JSON.parse(value.slice("kez1:".length)) as SignedClaimEnvelope;
}
Reference in New Issue View Git Blame Copy Permalink