Skip to main content

Causal-aware secret custody — where secrets live, how they moved, who touched them. Part of the TIBET vault family (tibet-vault = WHEN, tibet-keychain = WHERE/HOW, tibet-sam = WHY, tibet-gateway = where ACT is performed).

Project description

tibet-keychain

Causal-aware secret custody — where secrets live, how they moved, who touched them.

tibet-keychain is part of the TIBET vault family — four primitives that answer four different questions about secrets, keys, tokens, and credentials:

═══════════════════════════════════════════════════════════════
  THE VAULT FAMILY
═══════════════════════════════════════════════════════════════

  tibet-vault       WHEN        temporal trigger
                                "release on date / dead-man-switch"

  tibet-keychain    WHERE/HOW   custody + timeline       ← this package
                                "where this secret lives, how it moved"

  tibet-sam         WHY         intent + scope authorization
                                "why this one specific act is allowed"

  tibet-gateway     WHERE-EXEC  execution boundary
                                "where the act is safely performed"
═══════════════════════════════════════════════════════════════

Why a separate keychain primitive?

Traditional secret stores answer:

  • where is the key
  • can this caller read it

tibet-keychain answers:

  • where is the key (still)
  • how did it get here (= causal history)
  • who touched it (= custody timeline)
  • was it exposed (= rotation triggers)
  • how does the chain walk back (= CBOM-compatible)

That makes tibet-keychain the natural foundation for any system that has to prove not only "I have the key" but "I know exactly how this key entered my custody, who touched it on the way, and under which authority each transition happened".

Core idea

Each secret is stored as a sealed .tza continuity object with:

  • encrypted secret payload (= the actual material)
  • vault-metadata (issuer / scope / created_at / expires_at)
  • custody-transition (owner ↔ custodian ↔ active-operator)
  • exposure_state + rotation_required flag
  • timeline of all secret-* events

The secret material itself is encrypted and tightly scoped. The surrounding continuity metadata remains auditable.

Secret types

api_key                 oauth_token             signing_key
service_account_cred    pypi_token              crates_token
github_pat              ssh_key                 root_password
smart_contract_signer   tls_cert                webhook_signer

Timeline events

secret-created          secret-imported         secret-sealed
secret-unsealed         secret-proxied          secret-delegated
secret-exposed          secret-rotated          secret-revoked
secret-archived

Each event carries:

  • actor identity (= who)
  • action_id + parent_action_id (= chain link)
  • timestamp
  • actor class (= human / machine / external / mcp-server / gateway / system)
  • relevant policy decisions (= scope / authority-shift)

Coupling with the rest of the family

                                tibet-keychain
                                  (custody, timeline)
                                      │
                                      ↓ secret-proxied event
                                      │
              ┌───────────────────────┴───────────────────────┐
              ▼                                                ▼
        tibet-sam                                       tibet-gateway
        (why this act is OK)                            (where it happens)
              ↓                                                ↑
         intent + scope                                    break-seal,
         constraint sealed                                 execute,
         in one-shot .tza                                  destroy-session
              ↓                                                ↑
              └─────────── handed to ──────────────────────────┘
                                      ↓
                                tibet-continuityd
                                audit JSONL
                                      ↓
                                tibet-cbom
                                timeline walk

Why this beats traditional secret stores

Property HashiCorp Vault tibet-keychain
Encrypted at rest
ACL / policy controlled
Causal history of secret
Custody-transition chain
Exposure events recorded partial
Audit walkable cross-bundle
Identity-bound rotation chain
Regulator-auditable timeline partial

Use cases

Infrastructure: SSH keys, database credentials, root access — all stored with custody chain, rotated through signed transitions.

Agent workflows: PyPI tokens, crates.io tokens, GitHub PATs — agents never see them; they request a SAM capsule that the gateway executes against, the keychain logs the request.

Smart contracts: signing keys with explicit "who can request a signing capsule for which contract address" policy, every signing event in the timeline.

Compliance evidence: regulator asks "who could have signed this? who actually did?" — the keychain timeline answers both.

Install

pip install tibet-keychain[full]

This pulls tibet-drop (= sealed envelope substrate) and tibet-cbom (= timeline renderer) as soft dependencies.

Status

v0.1.0 — package skeleton + spec. Implementation track for full secret storage + sealed-bundle integration follows; designed to land in time for IETF spec referencing and Marco van Hurne / W3C demos.

Spec source: /srv/jtel-stack/hersenspinsels/tibet-vault-key-custody-and-sealed-secret-timeline-2026-05-12.md

License

MIT — Humotica + Root AI + Codex (2026)

Enterprise

For private hub hosting, SLA support, custom integrations, or compliance guidance:

Enterprise enterprise@humotica.com
Support support@humotica.com
Security security@humotica.com

Credits

Designed by Jasper van de Meent. Built by Jasper and Root AI as part of HumoticaOS.


Stack-positie: Groep substrate · Bootstrap = OSAPI-handshake naar tibet + jis (fail → snaft-rule + tibet-pol-rapport) · ← tibet-vault · tibet-sam → · See STACK.md · See demo/golden-path/ for the spine end-to-end.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

tibet_keychain-0.1.1.tar.gz (9.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

tibet_keychain-0.1.1-py3-none-any.whl (8.5 kB view details)

Uploaded Python 3

File details

Details for the file tibet_keychain-0.1.1.tar.gz.

File metadata

  • Download URL: tibet_keychain-0.1.1.tar.gz
  • Upload date:
  • Size: 9.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.5

File hashes

Hashes for tibet_keychain-0.1.1.tar.gz
Algorithm Hash digest
SHA256 47c491fe73855e24b6d6b5d13af5671c393550c4b718c33e42a2336329fd68e5
MD5 33a5005204cbbea844c0a9d3e81e2d35
BLAKE2b-256 88006b28265d30df516a37403c88cdf158c63987bd8aacd03eeeecce45323c57

See more details on using hashes here.

File details

Details for the file tibet_keychain-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: tibet_keychain-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 8.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.5

File hashes

Hashes for tibet_keychain-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 0631d9a34e53984d814889fd64e17c81bf9c24dd193425c3bec916e702041759
MD5 d47f9a11ad11bbf83e27719f00c7aa7f
BLAKE2b-256 d3000f4e03c37cde64e6bba57fae3c9358ab3e0eb479828956efe3887a4c2fa6

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page