A library for ATProtocol identities.
# atproto-identity

AT Protocol identity management for DID resolution, handle resolution, and cryptographic operations.

## Overview

Core identity functionality for AT Protocol applications including multi-method DID resolution (plc, web, key), DNS/HTTP handle resolution, and P-256/P-384/K-256 key operations.

## Features

- **Multi-method DID resolution**: Support for `did:plc`, `did:web`, and `did:key` methods
- **Handle resolution**: DNS TXT record and HTTP `.well-known` endpoint resolution with conflict detection
- **Cryptographic operations**: P-256, P-384, and K-256 elliptic curve key generation, signing, and validation
- **Identity validation**: Input validation for handles and DIDs following AT Protocol specifications
- **Document storage**: LRU cache-based DID document storage with pluggable backends
- **Configuration management**: Environment variable handling and DNS nameserver configuration

## CLI Tools

The following command-line tools are available when built with the `clap` and `hickory-dns` features:

- **`atproto-identity-resolve`**: Resolve AT Protocol handles and DIDs to canonical identifiers with optional DID document output
- **`atproto-identity-key`**: Generate cryptographic keys for P-256, P-384, and K-256 curves
- **`atproto-identity-sign`**: Create cryptographic signatures of JSON data using private keys
- **`atproto-identity-validate`**: Validate cryptographic signatures against public keys

## Library Usage

### Handle Resolution

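```rust
use atproto_identity::resolve::{resolve_subject, create_resolver};

// This fragment runs inside an async function whose return type accepts `?`.
let http_client = reqwest::Client::new();
// No nameservers are passed explicitly here.
let dns_resolver = create_resolver(&[]);

// Resolve the handle to its DID.
let did = resolve_subject(&http_client, &dns_resolver, "alice.bsky.social").await?;
```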
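
The conflict detection listed under Features can be pictured with the sketch below, which reconciles the two AT Protocol handle channels (a `did=` TXT value at `_atproto.<handle>` and the plain-text body of `/.well-known/atproto-did`). It is an added example, not code from atproto-identity: `reconcile`, `HandleError` and the helper names are hypothetical, the inputs are constructed rather than fetched, and restricting results to `did:plc` and `did:web` is an assumption.

```rust
// Added illustration; these names are hypothetical, not the atproto-identity API.
use std::collections::BTreeSet;

#[derive(Debug, PartialEq)]
pub enum HandleError {
    NotFound,
    Conflict(Vec<String>), // every distinct DID that was claimed
}

/// Coarse shape check. Assumption: a handle may only point at did:plc or did:web.
fn looks_like_did(s: &str) -> bool {
    ["did:plc:", "did:web:"].iter().any(|p| s.len() > p.len() && s.starts_with(*p))
        && s.chars().all(|c| c.is_ascii_alphanumeric() || "._:%-".contains(c))
}

/// DID from one `_atproto.<handle>` TXT value of the form `did=<did>`.
fn did_from_txt(value: &str) -> Option<&str> {
    let did = value.trim().strip_prefix("did=")?;
    looks_like_did(did).then_some(did)
}

/// DID from the plain-text body served at `/.well-known/atproto-did`.
fn did_from_http(body: &str) -> Option<&str> {
    let did = body.trim();
    looks_like_did(did).then_some(did)
}

/// Merge both channels; more than one distinct DID is reported as a conflict.
pub fn reconcile(txt_values: &[&str], http_body: Option<&str>) -> Result<String, HandleError> {
    let mut dids: BTreeSet<&str> = txt_values.iter().filter_map(|v| did_from_txt(v)).collect();
    dids.extend(http_body.and_then(|b| did_from_http(b)));
    let mut found: Vec<String> = dids.into_iter().map(String::from).collect();
    match found.len() {
        0 => Err(HandleError::NotFound),
        1 => Ok(found.remove(0)),
        _ => Err(HandleError::Conflict(found)),
    }
}

fn main() {
    // Constructed sample data: DNS and HTTP disagree about the same handle.
    let txt = ["v=spf1 -all", "did=did:plc:aaaaaaaaaaaaaaaaaaaaaaaa"];
    let http = Some("did:plc:bbbbbbbbbbbbbbbbbbbbbbbb\n");
    println!("{:?}", reconcile(&txt, http));
}
```

Treating `Conflict` as a failed resolution, instead of preferring one channel, keeps a single compromised DNS zone or web host from silently redirecting a handle.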

### Key Operations

```rust
use atproto_identity::key::{identify_key, generate_key, validate, KeyType};

// This fragment runs inside a function whose return type accepts `?`.

// Generate a new key
let private_key = generate_key(KeyType::P256Private)?;

// Identify existing key
let key_data = identify_key("did:key:zQ3sh...")?;

// Validate signature (`signature` and `content` are supplied by the caller)
validate(&key_data, &signature, content)?;
```

## Command Line Usage

All CLI tools require the `clap` feature:

```bash
# Build with CLI support
cargo build --features clap,hickory-dns --bins

# Resolve a handle to DID
cargo run --features clap,hickory-dns --bin atproto-identity-resolve -- alice.bsky.social

# Generate a new P-256 key
cargo run --features clap --bin atproto-identity-key -- generate p256

# Sign JSON data
cargo run --features clap --bin atproto-identity-sign -- did:key:zQ3sh... data.json

# Verify a signature
cargo run --features clap --bin atproto-identity-validate -- did:key:zQ3sh... data.json signature
```

## License

MIT License