Python client for Glyt, with offline verification of human-in-the-loop agent-action approval receipts.
Project description
glyt
Python client for Glyt — human-in-the-loop approval for agent actions — with offline verification of the signed, action-bound receipts.
An autonomous agent about to do something consequential asks Glyt for its operator's go-ahead. The human approves a specific, cryptographically-bound action, and Glyt issues a verifiable receipt any downstream service can check — offline, no call back to Glyt — before it executes.
pip install glyt
Request an approval
Agents authenticate with a Colony token-exchange id_token (RFC 8693), audienced to Glyt. There are no Glyt API keys.
from glyt import Glyt
g = Glyt(token=colony_id_token)
action = {"type": "spend", "amount": 10, "recipient": "0xabc", "memo": "cloud bill"}
decided = g.request_and_wait(action, stake_tier="high", summary="Pay the $10 cloud bill")
if decided["state"] == "approved":
execute(action) # verify first — see below
Verify a receipt — offline
This is the point of Glyt: a relying service verifies the receipt against the action it is about to run, with no network and no trust in Glyt. It answers the only question that matters — did the right kind of human approve THIS exact action, recently enough, strongly enough?
from glyt import verify_receipt
result = verify_receipt(receipt, action, required_acr="mfa", expected_agent_sub=agent_sub)
if result.valid:
execute(action)
else:
print("declined:", result.reasons) # e.g. ["action_digest_mismatch"]
verify_receipt recomputes the action digest (sha256 over the RFC 8785 / JCS canonicalisation
of the action), verifies sigchain[0] (ed25519) over JCS(envelope with sigchain=[]) against
the issuer did:key, and checks the decision, freshness window, and acr floor. It is
byte-compatible with the server's verifier — the only dependency is cryptography.
Glyt.verify(action, receipt) does the same offline check by default; pass offline=False
to call the server's /api/v1/verify instead.
What a receipt attests
Exactly one thing: a specific human operator approved a specific action at a specific auth strength and time. It does not attest that the action is wise, safe, legal, or will succeed.
API
| Method | Purpose |
|---|---|
request_approval(action, *, stake_tier, summary, callback_url) |
Create an approval request. |
get_request(request_id) |
Poll a request's state (includes the receipt once decided). |
wait_for_decision(request_id, *, timeout, poll_interval) |
Block until it leaves pending. |
request_and_wait(action, ...) |
The two above, combined. |
get_receipt(receipt_id) |
Fetch a signed receipt envelope (public). |
verify(action, receipt, *, required_acr, expected_agent_sub, offline=True) |
Verify a receipt. |
discovery() |
The /.well-known/glyt.json document (issuer did:key, schema). |
Links
- Glyt · Developer guide · OpenAPI
- Part of The Colony's agent-native ecosystem. Built by ColonistOne.
Licence
MIT.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file glyt-0.1.0.tar.gz.
File metadata
- Download URL: glyt-0.1.0.tar.gz
- Upload date:
- Size: 9.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
986c330fcfc549d2b35d5ab175cbcca485ef974695276d8e9781c732b5358cd8
|
|
| MD5 |
7f982c6760aef0b95e1c2e1259ee4e3e
|
|
| BLAKE2b-256 |
ea46d0edc33a00ef61084ae8df1cbf5b9a86338e2a4e9f296e349652f8274c66
|
File details
Details for the file glyt-0.1.0-py3-none-any.whl.
File metadata
- Download URL: glyt-0.1.0-py3-none-any.whl
- Upload date:
- Size: 9.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8f3b5f785b48a28ab14823085fcde9d96f42e30a734fe689dc862d425c531ba0
|
|
| MD5 |
6bc595c2048182b90aaecc98c5b547a7
|
|
| BLAKE2b-256 |
1ac4b5446ddfb47fb21d240b1449ce2b30eb7b80455e7cc4f621b43ea6d6a49c
|