Skip to main content

Causal-aware secret custody — where secrets live, how they moved, who touched them. Part of the TIBET vault family (tibet-vault = WHEN, tibet-keychain = WHERE/HOW, tibet-sam = WHY, tibet-gateway = where ACT is performed).

Project description

tibet-keychain

Causal-aware secret custody — where secrets live, how they moved, who touched them.

tibet-keychain is part of the TIBET vault family — four primitives that answer four different questions about secrets, keys, tokens, and credentials:

═══════════════════════════════════════════════════════════════
  THE VAULT FAMILY
═══════════════════════════════════════════════════════════════

  tibet-vault       WHEN        temporal trigger
                                "release on date / dead-man-switch"

  tibet-keychain    WHERE/HOW   custody + timeline       ← this package
                                "where this secret lives, how it moved"

  tibet-sam         WHY         intent + scope authorization
                                "why this one specific act is allowed"

  tibet-gateway     WHERE-EXEC  execution boundary
                                "where the act is safely performed"
═══════════════════════════════════════════════════════════════

Why a separate keychain primitive?

Traditional secret stores answer:

  • where is the key
  • can this caller read it

tibet-keychain answers:

  • where is the key (still)
  • how did it get here (= causal history)
  • who touched it (= custody timeline)
  • was it exposed (= rotation triggers)
  • how does the chain walk back (= CBOM-compatible)

That makes tibet-keychain the natural foundation for any system that has to prove not only "I have the key" but "I know exactly how this key entered my custody, who touched it on the way, and under which authority each transition happened".

Core idea

Each secret is stored as a sealed .tza continuity object with:

  • encrypted secret payload (= the actual material)
  • vault-metadata (issuer / scope / created_at / expires_at)
  • custody-transition (owner ↔ custodian ↔ active-operator)
  • exposure_state + rotation_required flag
  • timeline of all secret-* events

The secret material itself is encrypted and tightly scoped. The surrounding continuity metadata remains auditable.

Secret types

api_key                 oauth_token             signing_key
service_account_cred    pypi_token              crates_token
github_pat              ssh_key                 root_password
smart_contract_signer   tls_cert                webhook_signer

Timeline events

secret-created          secret-imported         secret-sealed
secret-unsealed         secret-proxied          secret-delegated
secret-exposed          secret-rotated          secret-revoked
secret-archived

Each event carries:

  • actor identity (= who)
  • action_id + parent_action_id (= chain link)
  • timestamp
  • actor class (= human / machine / external / mcp-server / gateway / system)
  • relevant policy decisions (= scope / authority-shift)

Coupling with the rest of the family

                                tibet-keychain
                                  (custody, timeline)
                                      │
                                      ↓ secret-proxied event
                                      │
              ┌───────────────────────┴───────────────────────┐
              ▼                                                ▼
        tibet-sam                                       tibet-gateway
        (why this act is OK)                            (where it happens)
              ↓                                                ↑
         intent + scope                                    break-seal,
         constraint sealed                                 execute,
         in one-shot .tza                                  destroy-session
              ↓                                                ↑
              └─────────── handed to ──────────────────────────┘
                                      ↓
                                tibet-continuityd
                                audit JSONL
                                      ↓
                                tibet-cbom
                                timeline walk

Why this beats traditional secret stores

Property HashiCorp Vault tibet-keychain
Encrypted at rest
ACL / policy controlled
Causal history of secret
Custody-transition chain
Exposure events recorded partial
Audit walkable cross-bundle
Identity-bound rotation chain
Regulator-auditable timeline partial

Use cases

Infrastructure: SSH keys, database credentials, root access — all stored with custody chain, rotated through signed transitions.

Agent workflows: PyPI tokens, crates.io tokens, GitHub PATs — agents never see them; they request a SAM capsule that the gateway executes against, the keychain logs the request.

Smart contracts: signing keys with explicit "who can request a signing capsule for which contract address" policy, every signing event in the timeline.

Compliance evidence: regulator asks "who could have signed this? who actually did?" — the keychain timeline answers both.

Install

pip install tibet-keychain[full]

This pulls tibet-drop (= sealed envelope substrate) and tibet-cbom (= timeline renderer) as soft dependencies.

Status

v0.1.0 — package skeleton + spec. Implementation track for full secret storage + sealed-bundle integration follows; designed to land in time for IETF spec referencing and Marco van Hurne / W3C demos.

Spec source: /srv/jtel-stack/hersenspinsels/tibet-vault-key-custody-and-sealed-secret-timeline-2026-05-12.md

License

MIT — Humotica + Root AI + Codex (2026)

Enterprise

For private hub hosting, SLA support, custom integrations, or compliance guidance:

Enterprise enterprise@humotica.com
Support support@humotica.com
Security security@humotica.com

Credits

Designed by Jasper van de Meent. Built by Jasper and Root AI as part of HumoticaOS.


Stack-positie: Groep substrate · Bootstrap = OSAPI-handshake naar tibet + jis (fail → snaft-rule + tibet-pol-rapport) · ← tibet-vault · tibet-sam → · See STACK.md · See demo/golden-path/ for the spine end-to-end.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

tibet_keychain-0.1.2.tar.gz (9.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

tibet_keychain-0.1.2-py3-none-any.whl (8.5 kB view details)

Uploaded Python 3

File details

Details for the file tibet_keychain-0.1.2.tar.gz.

File metadata

  • Download URL: tibet_keychain-0.1.2.tar.gz
  • Upload date:
  • Size: 9.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.5

File hashes

Hashes for tibet_keychain-0.1.2.tar.gz
Algorithm Hash digest
SHA256 3ae9190af4fe07751628077814b13167cc040c7e70b2e36b6bfc18b2a11c3158
MD5 f1674c9ef6b7cf24fc2d1c6eff735a6d
BLAKE2b-256 ec452a9d7373919dcb90d806fe1359da5c5dcf736b5d04682f3c0ed7cdb41933

See more details on using hashes here.

File details

Details for the file tibet_keychain-0.1.2-py3-none-any.whl.

File metadata

  • Download URL: tibet_keychain-0.1.2-py3-none-any.whl
  • Upload date:
  • Size: 8.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.5

File hashes

Hashes for tibet_keychain-0.1.2-py3-none-any.whl
Algorithm Hash digest
SHA256 b7962cf3b177cbef8b342ff5525e385839ad2e32d4643bfd52a59d6c761530aa
MD5 da2508aeb48d206630eca1dde3433393
BLAKE2b-256 b0a7df6547d145bbaa88866c6a58a4833c70d28996fcc8998d46ac7454da5338

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page