Skip to main content

ECZ-ID Digital Counterparty Trust & Readiness: make your website, API or portal machine-readable and ready for ECZ-ID Digital Counterparty Infrastructure. Inspects, explains and routes only.

Project description

ECZ-ID Digital Counterparty Trust & Readiness™

Make your website, API or portal machine-readable and ready for ECZ-ID Digital Counterparty Infrastructure. ecz-id-digital-counterparty inspects your site/portal/API-surface metadata, validates and scaffolds a /.well-known/ecz-site.json, and shows exactly what a machine consumer or the ECZ-ID Resolver would see — locally, offline, in one command.

It inspects, explains and routes only. It never issues or activates an ECZ-ID, never determines BOUND, never writes authoritative state, never prices or carts, never certifies, and never executes discovered code. Missing public proof is neutral. Local policy decides. Re-check before reliance.

Machine Interface · Manifest · Resolve · Operator Setup · Developer Guidance

One-command free trial

$ uvx ecz-id-counterparty inspect ./my-site
# or: pipx run ecz-id-counterparty inspect ./my-site

Genuine example result

ECZ-ID inspection: ./my-site [ecz-id-digital-counterparty]
A. configuration posture : PRESENT
B. public proof posture  : NOT_CHECKED  (neutral)
means        : Local ECZ-ID configuration was found for this subject. | Public Resolver proof was not checked.
does not mean: This does not activate Digital Counterparty Infrastructure and does not create authoritative proof. | ...
reason codes : ECZ-1000, ECZ-2002

ECZ-ID machine interface
Inspect the package manifest for structured capabilities and routes.
...
Local policy decides. Re-check before reliance.

The first result is useful with no account, no network and no config. The public check is strictly opt-in (--check-public).

Supported inputs

  • A directory or descriptor file. Recognised names: counterparty_descriptor.json, dci_descriptor.json, ecz-site.json, and a published /.well-known/ecz-site.json (nested).
  • Declared site/domain, operator/publisher, Resolver link (shape-validated under the SSRF policy, never fetched during local inspection), and declared API/repository relationships.

Valuable free capabilities

  • Two-sided posture: local configuration vs public Resolver evidence.
  • /.well-known/ecz-site.json validation and scaffold generation.
  • inspect_public_site() — read a public site's well-known file under the shared SSRF policy (opt-in).
  • compare for drift; JSON / Markdown / text / SARIF output; redaction.

Unsupported inputs

  • Not a data-centre availability scanner, uptime monitor or crawler.
  • Does not fetch or execute your site; does not follow arbitrary redirects to internal hosts.

What the result means

PRESENT/PARTIAL/ABSENT/INVALID describes your local configuration. PROOF_FOUND or a neutral posture describes public Resolver evidence.

What it does not mean

Not a safety, certification, approval, compliance, insurance or premium decision. Not an activation of Digital Counterparty Infrastructure and not authoritative proof. Not an availability/resilience/uptime verdict. Missing public proof is neutral — it does not mean unsafe.

Compare / drift

$ ecz-id-counterparty compare ./last-release ./current --json

Shows posture changes and reason-code / finding additions and removals — useful in review and on a schedule.

CI use

$ ecz-id-counterparty inspect . --sarif > counterparty.sarif   # upload to code scanning
$ ecz-id-counterparty inspect . --json  > counterparty.json    # exit 0 for any completed inspection

Exit code is 0 for every completed inspection regardless of posture (neutrality rule); non-zero only for genuine input/tool errors.

Quiet Machine Interface

Every install ships a public-safe manifest, ecz_quiet_machine_interface.json, and every JSON report embeds a compact machine_interface object with the canonical roots and safe actions:

$ ecz-id-counterparty manifest --json

It exposes the interface and protects the playbook: none of the private commercial machinery (baskets, weights, prices, SKUs or private recommendation logic) lives in these packages.

Resolve / re-check

Public proof and posture can change at any time.

$ ecz-id-counterparty recheck ./my-site --check-public --json

Resolver (read-only public proof): https://resolver.ecocitizenz.org

Operator setup (TrustOps)

If you operate the target and choose to begin, TrustOps handles recommendation, acquisition, setup, lifecycle and repair — including the paid ECZ-ID Digital Counterparty Infrastructure Pack™: https://trustops.ecocitizenz.com/start

This package only routes you there. It never prices, carts or sells.

Developer guidance

Central Machine Interface: https://machine.ecocitizenz.org/.well-known/ecz-machine.json Developer Gateway: https://developers.ecocitizenz.com

Privacy and no telemetry

Bounded, read-only, symlink-refusing inspection. No telemetry, no source upload. The optional public check sends only minimal safe context (source, package, version, typed intent) to validated public hosts over HTTPS. Secrets are redacted on every export. Offline mode (--offline / ECZ_ID_OFFLINE=1) skips all network.

Licence

Apache-2.0. See LICENSE and NOTICE.

Trademark boundary

The Apache-2.0 code licence grants no trademark rights. "ECZ-ID", "EcoCitizenz", "ECZ-ID Digital Counterparty Trust & Readiness" and "ECZ-ID Digital Counterparty Infrastructure Pack" are trademarks of their owner(s). See TRADEMARKS.md.

Changelog and security

See CHANGELOG.md and SECURITY.md at the repository root.

CLI: ecz-id-counterparty  |  Import: ecz_id_digital_counterparty  |  Plugin group: ecz_id.plugins

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ecz_id_digital_counterparty-0.1.0.tar.gz (14.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ecz_id_digital_counterparty-0.1.0-py3-none-any.whl (16.1 kB view details)

Uploaded Python 3

File details

Details for the file ecz_id_digital_counterparty-0.1.0.tar.gz.

File metadata

File hashes

Hashes for ecz_id_digital_counterparty-0.1.0.tar.gz
Algorithm Hash digest
SHA256 d04d9809b072986389ab3bcb6688d89ed4b9b0200aa75a113295f945466977f5
MD5 279c220ffc1a10d69562cfbcaa342c43
BLAKE2b-256 921dd8616234da94199b50fbecf1a3f4493ed9762c09a4fbe90974b11180bab9

See more details on using hashes here.

Provenance

The following attestation bundles were made for ecz_id_digital_counterparty-0.1.0.tar.gz:

Publisher: publish-ecz-id-digital-counterparty.yml on Ecocitizenz/ecz-id-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ecz_id_digital_counterparty-0.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for ecz_id_digital_counterparty-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 b4fa6383b2add6e8edac84fe56ebfc6a5b8e3d57a5ad962142b5c68bb95e0af2
MD5 bbcdb795c70d53e434a9c97a0b5325a7
BLAKE2b-256 a409d35bbfa0cec246be2ed5a0608b75a452d44b4f006ab6a2c21fc20ce6654e

See more details on using hashes here.

Provenance

The following attestation bundles were made for ecz_id_digital_counterparty-0.1.0-py3-none-any.whl:

Publisher: publish-ecz-id-digital-counterparty.yml on Ecocitizenz/ecz-id-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page