Skip to main content

LangChain tools for Bolyra mutual ZKP authentication and SD-JWT delegation

Project description

Bolyra LangChain Integration

LangChain tools for Bolyra mutual ZKP authentication and SD-JWT delegation.

Status: Alpha / Developer preview. Three tools as proper BaseTool subclasses.

Install

pip install bolyra-langchain

For ZKP-based auth (BolyraAuthTool, BolyraDelegateTool), also install:

npm install @bolyra/sdk && npx bolyra setup  # circuit artifacts

SD-JWT auth (BolyraSDJWTTool) requires no Node.js.

Quick Start

SD-JWT Delegation (No ZKP, No Node.js)

from bolyra_langchain import BolyraSDJWTTool
from langchain.agents import create_react_agent, AgentExecutor

# Dev mode -- auto-generates test credentials
sd_jwt_tool = BolyraSDJWTTool()

# Use in a LangChain agent
tools = [sd_jwt_tool]
agent = create_react_agent(llm, tools, prompt)
executor = AgentExecutor(agent=agent, tools=tools)

result = executor.invoke({"input": "Authorize a $50 purchase at shop.example.com"})

ZKP Mutual Authentication

from bolyra_langchain import BolyraAuthTool

# Dev mode (fixed-seed dev identities -- never for production)
auth_tool = BolyraAuthTool()

# Production mode
auth_tool = BolyraAuthTool(
    agent_model_hash="gpt-4o",
    operator_key="0xdeadbeef...",
    permissions=["read_data", "write_data"],
    human_secret=12345,
)

result = auth_tool.invoke({
    "scope": "my-app",
    "required_permissions": ["read_data"],
})

ZKP Delegation

from bolyra_langchain import BolyraDelegateTool

delegate = BolyraDelegateTool(
    agent_permissions=["read_data", "write_data", "financial_small"],
)

result = delegate.invoke({
    "delegatee_id": "0xabc123...",
    "permissions": ["read_data"],
    "session_nonce": "nonce-from-handshake",
    "scope_commitment": "commitment-from-handshake",
})

Session-Managed Chain

from bolyra_langchain import BolyraAuthTool, BolyraDelegateTool, BolyraSession

auth = BolyraAuthTool(permissions=["read_data", "write_data"])
delegate = BolyraDelegateTool(agent_permissions=["read_data", "write_data"])
session = BolyraSession(auth_tool=auth, delegate_tool=delegate)

# Authenticate first
auth_result = session.authenticate(scope="my-app")

# Delegate -- session_nonce and scope_commitment auto-injected
del_result = session.delegate(
    delegatee_id="0xabc...",
    permissions=["read_data"],
)

Tools

Tool Path Requires Node.js Description
BolyraAuthTool ZKP Yes Mutual ZKP handshake authentication
BolyraDelegateTool ZKP Yes Scoped ZKP permission delegation
BolyraSDJWTTool SD-JWT No Lightweight SD-JWT delegation

All tools subclass langchain_core.tools.BaseTool and work with create_react_agent, AgentExecutor, LCEL chains, and LangGraph.

Dev Mode

When no keys are provided, tools auto-generate test credentials:

  • BolyraAuthTool: uses fixed-seed dev identities (deterministic)
  • BolyraSDJWTTool: generates fresh Ed25519 keypairs per instance

Dev mode is never for production. In production, provide explicit operator keys, human secrets, or issuer keys.

Non-Monorepo Setup

If using bolyra from PyPI (not the monorepo), set the Node.js SDK path:

export BOLYRA_NODE_SDK_PATH=/path/to/node_modules/@bolyra/sdk

Or via config:

from bolyra.types import BolyraConfig
config = BolyraConfig(node_sdk_path="/path/to/node_modules/@bolyra/sdk")

Architecture

integrations/langchain/
  pyproject.toml              # bolyra-langchain package
  README.md
  bolyra_langchain/
    __init__.py               # Public API
    auth_tool.py              # BolyraAuthTool(BaseTool)
    delegate_tool.py          # BolyraDelegateTool(BaseTool)
    sd_jwt_tool.py            # BolyraSDJWTTool(BaseTool)
    session.py                # BolyraSession
    types.py                  # AuthResult, DelegationResult, SDJWTResult
    _compat.py                # LangChain version shims
  tests/
    test_auth_tool.py
    test_delegate_tool.py
    test_sd_jwt_tool.py
    test_session.py

The SD-JWT module lives in the core bolyra SDK at sdk-python/bolyra/sd_jwt.py and is re-used by both the LangChain and CrewAI integrations.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

bolyra_langchain-0.1.0.tar.gz (19.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

bolyra_langchain-0.1.0-py3-none-any.whl (14.1 kB view details)

Uploaded Python 3

File details

Details for the file bolyra_langchain-0.1.0.tar.gz.

File metadata

  • Download URL: bolyra_langchain-0.1.0.tar.gz
  • Upload date:
  • Size: 19.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for bolyra_langchain-0.1.0.tar.gz
Algorithm Hash digest
SHA256 67dad7a17387ca2caf8c84a3e083a34b9cca4396dda5f9f0c9d8323edd69eb34
MD5 cce5cc14d24689daabe84d7bd293e22f
BLAKE2b-256 0a5f7e3aab4fe6162f4fe2fff173369bf8f292e565bf802e3d13babfe00cec18

See more details on using hashes here.

Provenance

The following attestation bundles were made for bolyra_langchain-0.1.0.tar.gz:

Publisher: release.yml on bolyra/bolyra

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file bolyra_langchain-0.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for bolyra_langchain-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 9596f5efe024e06a4cba94d02105d29f7b7c23d5b1364c0b9ad2cc92636a17b5
MD5 4c1b72f738f52b7ad93e161b09ae4e20
BLAKE2b-256 fbc5043d1e3acec965a09937a181bba8ac3c4b485abc5059f9a900e89ec0a0ea

See more details on using hashes here.

Provenance

The following attestation bundles were made for bolyra_langchain-0.1.0-py3-none-any.whl:

Publisher: release.yml on bolyra/bolyra

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page