tking/guildhouse-proto
SHA256
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
guildhouse-proto/attestation/v2/README.md
Tyler King 98aa2b0ec7 feat(attestation): add SAT-SPEC-0002 protobuf definitions 
Add protobuf message definitions for the four-layer attestation
architecture defined in SAT-SPEC-0002. Package: substrate.attestation.v2

Files:
- common.proto: QmReceipt (hash-chained Ed25519-signed receipts)
- platform.proto: PlatformClaim, TpmQuoteBinding (L1 hardware identity)
- software.proto: SoftwareClaim, BuildProvenance (L2 image provenance)
- governance.proto: GovernanceClaim, AccordReference, DelegationReference (L3)
- session.proto: SessionClaim, ActorContext, PostureEvidence, PostureLevel (L4)
- sat.proto: SatBundle (composite, optional claim fields for has_*() codegen)

Also adds buf.yaml for lint/breaking-change checks.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-28 09:12:59 -05:00

35 lines
1.2 KiB
Markdown
Raw Permalink Blame History

# attestation/v2 — SAT-SPEC-0002 Protobuf Definitions
Protobuf message definitions for the Substrate Attestation Token v2 (SAT-SPEC-0002),
the four-layer attestation architecture for Substrate nodes.
## Package
`substrate.attestation.v2`
## Files
| File | Layer | Messages |
|------|-------|----------|
| `sat.proto` | — | `SatBundle` (top-level composite) |
| `platform.proto` | L1 Platform | `PlatformClaim`, `TpmQuoteBinding` |
| `software.proto` | L2 Software | `SoftwareClaim`, `BuildProvenance` |
| `governance.proto` | L3 Governance | `GovernanceClaim`, `AccordReference`, `DelegationReference` |
| `session.proto` | L4 Session | `SessionClaim`, `ActorContext`, `PostureEvidence`, `PostureLevel` (enum) |
| `common.proto` | — | `QmReceipt` |
## Layer Architecture
```
L4 Session ← actor identity + posture evaluation
L3 Governance ← accords, delegations, ceremonies
L2 Software ← image provenance + QM build receipt
L1 Platform ← TPM measurements + hardware identity
```
Each layer's claim hash binds to the layers below it (hash chaining).
The composite `sat_hash` in `SatBundle` covers all present layers.
## Spec
Canonical specification: `substrate/docs/specs/SAT-SPEC-0002.md`
Reference in a new issue View git blame Copy permalink