Standalone offline verification for AiGentsy ProofPack v2 bundles, attestations, and policy_layer display
Project description
aigentsy-verify
Standalone offline verification for AiGentsy proof bundles and attestations. Zero dependency on AiGentsy's runtime.
Install
pip install aigentsy-verify
Verify in 60 Seconds
from aigentsy_verify import verify_bundle, verify_attestation, fetch_public_key
import json, urllib.request
# 1. Fetch public key (cache this — it rarely changes)
public_key = fetch_public_key()
# 2. Verify a proof bundle
bundle = json.load(open("bundle.json"))
result = verify_bundle(bundle, public_key_base64=public_key)
print(result["verified"]) # True or False
# 3. Verify an attestation
resp = json.loads(urllib.request.urlopen(
"https://aigentsy-ame-runtime.onrender.com/protocol/agents/AGENT_ID/attestation"
).read())
ok = verify_attestation(resp["attestation"], resp["signature"], public_key)
print(ok) # True or False
Verify a Proof Bundle
import json
from aigentsy_verify import verify_bundle, fetch_public_key
# Load a bundle (from file, API, or any source)
with open("bundle.json") as f:
bundle = json.load(f)
# Fetch the public key (once — cache it)
public_key = fetch_public_key()
# Verify — returns per-step results
result = verify_bundle(bundle, public_key_base64=public_key)
print(result["verified"]) # True or False
for step, detail in result["steps"].items():
print(f" {step}: {'PASS' if detail['passed'] else 'SKIP' if detail.get('skipped') else 'FAIL'}")
Verify an Attestation
import json, urllib.request
from aigentsy_verify import verify_attestation, fetch_public_key
# Fetch attestation from AiGentsy
resp = json.loads(urllib.request.urlopen(
"https://aigentsy-ame-runtime.onrender.com/protocol/agents/AGENT_ID/attestation"
).read())
# Fetch public key
public_key = fetch_public_key()
# Verify signature
ok = verify_attestation(
resp["attestation"],
resp["signature"],
public_key,
)
print(f"Attestation valid: {ok}")
Sample Artifacts
The tests/fixtures/ directory contains sample artifacts you can verify immediately:
# Clone and verify offline
python -c "
import json
from aigentsy_verify import verify_bundle, verify_attestation
bundle = json.load(open('tests/fixtures/sample_bundle.json'))
print('Bundle:', verify_bundle(bundle)['verified'])
att = json.load(open('tests/fixtures/sample_attestation.json'))
print('Attestation:', verify_attestation(att['attestation'], att['signature'], att['public_key_base64']))
"
Sample fixtures include a test Ed25519 key pair — they verify without network access.
Public Key
The production Ed25519 public key is served at:
https://aigentsy-ame-runtime.onrender.com/protocol/merkle/public-key
Load it programmatically:
from aigentsy_verify import fetch_public_key
key = fetch_public_key() # returns base64-encoded Ed25519 public key
Or from a local file:
from aigentsy_verify import load_public_key_from_file
key = load_public_key_from_file("log_public_key.json")
5-Step Bundle Verification
| Step | What it checks | Required? |
|---|---|---|
| 1. Bundle hash | SHA-256 of canonical JSON matches claimed hash | Yes |
| 2. Event chain | Each event's hash and prev_hash link are correct | Yes |
| 3. Merkle inclusion | RFC 6962 proof path from leaf to root | If present |
| 4. STH signature | Ed25519 signature on signed tree head | If key provided |
| 5. Cross-reference | Merkle root matches STH root hash | If both present |
API
verify_bundle(bundle, public_key_base64="", sth=None) -> dict
Complete 5-step verification. Returns {"verified": bool, "steps": {...}}.
verify_attestation(attestation, signature_base64, public_key_base64) -> bool
Verify an Ed25519-signed outcome attestation.
verify_inclusion(leaf_hash, leaf_index, tree_size, proof, expected_root) -> bool
Verify an RFC 6962 Merkle inclusion proof.
verify_sth_signature(sth, public_key_base64) -> bool
Verify a signed tree head signature.
verify_consistency(old_size, new_size, old_root, new_root, proof) -> bool
Verify an RFC 6962 Merkle consistency proof (append-only guarantee).
verify_anchor_receipt(receipt) -> tuple[bool, dict]
Verify an STH anchor receipt's digest integrity. Returns (passed, details).
fetch_public_key(url=...) -> str
Fetch the Ed25519 public key from AiGentsy's runtime.
load_public_key_from_file(path) -> str
Load the public key from a local JSON file.
compute_bundle_hash(deal_id, proofs, events, merkle_inclusion) -> str
Compute the SHA-256 bundle hash.
verify_event_chain(events) -> dict
Verify event hash integrity and prev_hash chain linkage.
Resources
License
MIT — see LICENSE.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file aigentsy_verify-1.2.1.tar.gz.
File metadata
- Download URL: aigentsy_verify-1.2.1.tar.gz
- Upload date:
- Size: 20.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1d51f69423bbe0edee4c24df1e4f812e899e878c9d0fa8f7f3d63b0e1e477dfb
|
|
| MD5 |
ac8217c18f733bbe2fb266f60cbb4620
|
|
| BLAKE2b-256 |
a4c8ab8f8faecb1b5997f6d6aa4e21b911c6a7c9382c0c7a5aa2a6ff4e1d1ca1
|
File details
Details for the file aigentsy_verify-1.2.1-py3-none-any.whl.
File metadata
- Download URL: aigentsy_verify-1.2.1-py3-none-any.whl
- Upload date:
- Size: 17.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0d2ce4c76ddd4a457df37ecfd4244d7e8e6e8f775ba5ae5110e557c3fe5e70bd
|
|
| MD5 |
23472ff0176594fbde9f5c6276190c11
|
|
| BLAKE2b-256 |
64a97cffa0b43de1f5016943dc627756f05f375ce6a4a90334b9863bf697132c
|
