did

package
v0.0.0-...-7334d01 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 13, 2026 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package did provides DID (Decentralized Identifier) authentication and Verifiable Credential generation for AgentField Go SDK agents.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client handles HTTP communication with the control plane's DID and VC endpoints.

func NewClient 

func NewClient(baseURL string, opts ...ClientOption) *Client

NewClient creates a DID client for the given control plane URL.

func (*Client) ExportWorkflowVCChain 

func (c *Client) ExportWorkflowVCChain(ctx context.Context, workflowID string) (*WorkflowVCChain, error)

ExportWorkflowVCChain retrieves the complete VC chain for a workflow, suitable for offline verification and auditing.

func (*Client) GenerateExecutionVC 

func (c *Client) GenerateExecutionVC(ctx context.Context, req VCGenerationRequest) (*ExecutionVC, error)

GenerateExecutionVC requests the control plane to generate a Verifiable Credential for a completed execution.

func (*Client) RegisterAgent 

func (c *Client) RegisterAgent(ctx context.Context, req RegistrationRequest) (*RegistrationResponse, error)

RegisterAgent registers the agent with the control plane's DID service and returns the identity package containing all generated DIDs and keys.

func (*Client) SetSignFunc 

func (c *Client) SetSignFunc(fn SignRequestFunc)

SetSignFunc configures DID request signing. Call this after DID registration once the agent has valid credentials.

type ClientOption 

type ClientOption func(*Client)

ClientOption configures a Client.

func WithHTTPClient 

func WithHTTPClient(c *http.Client) ClientOption

WithHTTPClient sets a custom HTTP client.

func WithToken 

func WithToken(token string) ClientOption

WithToken sets a bearer token for authenticated requests.

type DIDIdentity 

type DIDIdentity struct {
	DID            string `json:"did"`
	PrivateKeyJWK  string `json:"private_key_jwk,omitempty"`
	PublicKeyJWK   string `json:"public_key_jwk"`
	DerivationPath string `json:"derivation_path"`
	ComponentType  string `json:"component_type"` // "agent", "reasoner", "skill"
	FunctionName   string `json:"function_name,omitempty"`
}

DIDIdentity represents a single DID with associated cryptographic keys.

type DIDIdentityPackage 

type DIDIdentityPackage struct {
	AgentDID           DIDIdentity            `json:"agent_did"`
	ReasonerDIDs       map[string]DIDIdentity `json:"reasoner_dids"`
	SkillDIDs          map[string]DIDIdentity `json:"skill_dids"`
	AgentFieldServerID string                 `json:"agentfield_server_id"`
}

DIDIdentityPackage is the complete set of DIDs returned by the control plane after agent registration. It includes the agent-level DID and per-function DIDs.

type ExecutionContext 

type ExecutionContext struct {
	ExecutionID  string `json:"execution_id"`
	WorkflowID   string `json:"workflow_id,omitempty"`
	SessionID    string `json:"session_id,omitempty"`
	CallerDID    string `json:"caller_did,omitempty"`
	TargetDID    string `json:"target_did,omitempty"`
	AgentNodeDID string `json:"agent_node_did,omitempty"`
	Timestamp    string `json:"timestamp,omitempty"`
}

ExecutionContext carries DID-specific metadata for a single execution, used when generating Verifiable Credentials.

type ExecutionVC 

type ExecutionVC struct {
	VCID        string `json:"vc_id"`
	ExecutionID string `json:"execution_id"`
	WorkflowID  string `json:"workflow_id"`
	SessionID   string `json:"session_id,omitempty"`
	IssuerDID   string `json:"issuer_did"`
	TargetDID   string `json:"target_did"`
	CallerDID   string `json:"caller_did,omitempty"`
	VCDocument  any    `json:"vc_document"`
	Signature   string `json:"signature"`
	InputHash   string `json:"input_hash"`
	OutputHash  string `json:"output_hash"`
	Status      string `json:"status"`
	CreatedAt   string `json:"created_at"`
}

ExecutionVC represents a Verifiable Credential generated for an execution.

type FunctionDef 

type FunctionDef struct {
	ID string `json:"id"`
}

FunctionDef identifies a reasoner or skill during DID registration.

type Manager 

type Manager struct {
	// contains filtered or unexported fields
}

Manager handles DID registration with the control plane and stores the resulting identity package (agent DID, per-reasoner DIDs, per-skill DIDs).

func NewManager 

func NewManager(client *Client, logger *log.Logger) *Manager

NewManager creates a DID manager backed by the given client.

func (*Manager) GetAgentDID 

func (m *Manager) GetAgentDID() string

GetAgentDID returns the agent's DID, or empty string if not registered.

func (*Manager) GetAgentPrivateKeyJWK 

func (m *Manager) GetAgentPrivateKeyJWK() string

GetAgentPrivateKeyJWK returns the agent's private key in JWK format, or empty string if not registered.

func (*Manager) GetFunctionDID 

func (m *Manager) GetFunctionDID(name string) string

GetFunctionDID resolves the DID for a specific reasoner or skill by name. Falls back to the agent-level DID if no function-specific DID is found.

func (*Manager) GetIdentityPackage 

func (m *Manager) GetIdentityPackage() *DIDIdentityPackage

GetIdentityPackage returns the full identity package, or nil if not registered.

func (*Manager) IsRegistered 

func (m *Manager) IsRegistered() bool

IsRegistered returns true if DID registration has completed successfully.

func (*Manager) RegisterAgent 

func (m *Manager) RegisterAgent(ctx context.Context, nodeID string, reasonerNames, skillNames []string) error

RegisterAgent registers the agent and its functions with the control plane's DID service. On success, the identity package (containing agent DID, private key, and per-function DIDs) is stored locally.

func (*Manager) SetIdentityFromCredentials 

func (m *Manager) SetIdentityFromCredentials(agentDID, privateKeyJWK string)

SetIdentityFromCredentials initializes the manager with pre-existing DID credentials (for agents that already have DID/PrivateKeyJWK configured). This allows the VC generator and DID context propagation to work without calling RegisterAgent.

type RegistrationRequest 

type RegistrationRequest struct {
	AgentNodeID string        `json:"agent_node_id"`
	Reasoners   []FunctionDef `json:"reasoners"`
	Skills      []FunctionDef `json:"skills"`
}

RegistrationRequest is sent to the control plane to register agent DIDs.

type RegistrationResponse 

type RegistrationResponse struct {
	Success         bool               `json:"success"`
	IdentityPackage DIDIdentityPackage `json:"identity_package"`
	Error           string             `json:"error,omitempty"`
}

RegistrationResponse is the response from the DID registration endpoint.

type SignRequestFunc 

type SignRequestFunc func(body []byte) map[string]string

SignRequestFunc returns DID authentication headers for a request body. It is set after DID registration, once the agent has credentials.

type VCGenerationRequest 

type VCGenerationRequest struct {
	ExecutionContext ExecutionContext `json:"execution_context"`
	InputData        string           `json:"input_data"`
	OutputData       string           `json:"output_data"`
	Status           string           `json:"status"`
	ErrorMessage     string           `json:"error_message,omitempty"`
	DurationMS       int64            `json:"duration_ms,omitempty"`
}

VCGenerationRequest is the payload for generating a Verifiable Credential.

type VCGenerator 

type VCGenerator struct {
	// contains filtered or unexported fields
}

VCGenerator handles Verifiable Credential generation for agent executions. After a reasoner completes, the generator sends execution metadata to the control plane which creates and stores a W3C-compliant VC for the audit trail.

func NewVCGenerator 

func NewVCGenerator(client *Client, manager *Manager, logger *log.Logger) *VCGenerator

NewVCGenerator creates a VC generator. Generation is disabled by default; call SetEnabled(true) after DID registration succeeds.

func (*VCGenerator) ExportWorkflowVCChain 

func (g *VCGenerator) ExportWorkflowVCChain(ctx context.Context, workflowID string) (*WorkflowVCChain, error)

ExportWorkflowVCChain retrieves the complete VC chain for a workflow.

func (*VCGenerator) GenerateExecutionVC 

func (g *VCGenerator) GenerateExecutionVC(
	ctx context.Context,
	execCtx ExecutionContext,
	input any,
	output any,
	status string,
	errMsg string,
	durationMS int64,
) (*ExecutionVC, error)

GenerateExecutionVC creates a Verifiable Credential for a completed execution. The input and output are serialized to JSON and base64-encoded before being sent to the control plane, matching the Python and TypeScript SDK behavior.

func (*VCGenerator) IsEnabled 

func (g *VCGenerator) IsEnabled() bool

IsEnabled returns true if VC generation is active.

func (*VCGenerator) SetEnabled 

func (g *VCGenerator) SetEnabled(enabled bool)

SetEnabled enables or disables VC generation.

type WorkflowVCChain 

type WorkflowVCChain struct {
	WorkflowID   string        `json:"workflow_id"`
	ExecutionVCs []ExecutionVC `json:"execution_vcs"`
	WorkflowVC   any           `json:"workflow_vc,omitempty"`
}

WorkflowVCChain is the audit trail for a workflow, containing all execution VCs.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.