Skip to main content

Touchstone SDK — verify a disclosure (zero deps) and mint one (the [record] extra).

Project description

touchstone-verify

Independently verify a Touchstone disclosure — in pure Python, with zero dependencies. Read it before you trust it: it's a small, self-contained file.

A disclosure is a tamper-evident slice of an agent's action log. This package re-derives, with no trust in Touchstone, that the slice is intact (entry hashes recompute), attributed (the subject's Ed25519 signature holds, epoch-aware across key rotation), and ordered (hash-chained, with checkpoints that are append-only, server-signed, and witness-co-signed). It also checks selective-disclosure field proofs and reports the external anchors. It proves tampering by anyone who is not Touchstone — it does not prove completeness, and says so.

It agrees byte-for-byte with the other two Touchstone verifiers (verify.php, verifier.js): all three are tested against the same conformance corpus.

Install

pip install touchstone-verify

Use

Command line — pass a file, a URL, or a disclosure token:

touchstone-verify https://touchstone.cv/d/833cd4ca23fbb940dd71843ca47a807e
touchstone-verify ./bundle.json
touchstone-verify 833cd4ca23fbb940dd71843ca47a807e        # fetches from touchstone.cv

Exit code 0 = verified, 1 = a load-bearing check failed, 2 = couldn't load.

Library:

from touchstone_verify import verify_disclosure
import json, urllib.request

bundle = json.load(urllib.request.urlopen("https://touchstone.cv/d/<token>"))
result = verify_disclosure(bundle)
print(result["ok"])           # True / False
for e in result["entries"]:
    for c in e["checks"]:
        print(c["ok"], c["msg"])

Grade a receipt's columns by k

from touchstone_verify import grade_columns, find_columns
import json, urllib.request

doc = json.load(urllib.request.urlopen("https://touchstone.cv/columns/<recorder>/<seq>"))
cols, digest = find_columns(doc)
r = grade_columns(cols, digest)
print(r["coherent"], r["min_k"])     # True / cheapest falsehood path (min k across load-bearing columns)

k is the minimum number of independent parties who must collude before a column can be false, computed from the evidence (never the declared grade): k=0 re-derivable, k = 1 + distinct-control witnesses (co-sigs collapse on a shared key or a receipt-carried controller binding, so it's an upper bound), k=1 testimony. Declaring more strength than the evidence supports fails closed.

Mint a receipt (the producer half)

Verification is dependency-free; minting needs an Ed25519 signer, so it lives behind an extra:

pip install "touchstone-verify[record]"
from touchstone_verify import Recorder

# reads TOUCHSTONE_RECORDER / _API_KEY / _SUBJECT / _SIGNING_KEY (or _KEY_FILE={"seed_b64":…})
r = Recorder.from_env()
rc = r.record({"kind": "invoice", "amount": 100}, event_type="invoice")
print(rc.seq, rc.entry_hash)          # the server's assignment; local_entry_hash_ok() confirms it

rc.wait_for_anchor()                  # blocks until the next checkpoint sweeps this seq
print(rc.verify())                    # payload_hash → entry_hash → checkpoint root  (ok: True)

Your key never leaves the process, and the payload is canonicalized locally using the same jcs / entry-hash code this package verifies with — one crypto core, no drift — so a malicious server cannot make you sign a different commitment than you intended. Receipt.verify() walks the receipt to its Bitcoin-anchored checkpoint (finish with ots verify on your own node). For a fully trustless recorder whose every entry is inclusion-provable, provision it with app:provision-recorder --inclusion-public.

What it checks

  • Integrity — every entry_hash recomputes from its fields, including the beacon fold: a beacon_binding recorder's entries carry server_beacon = {chain, round, randomness} as a final beacon:<chain>:<round>:<randomness> line of the preimage (a checkable not-before). Absent → the exact legacy 7-field preimage, so older entries verify unchanged.
  • Attribution — the subject signature verifies over the canonical signed content; genesis proof-of-possession; key_rotation new-key PoP; counterparty co-signatures.
  • Orderingprev_hash chain linkage; Merkle inclusion in the cited checkpoint.
  • Checkpoints — server signature over each Merkle root; append-only linkage between consecutive checkpoints; independent witness co-signatures.
  • Selective disclosure — each revealed field proves Merkle inclusion in payload_hash; withheld fields never appear in the bundle.

For split-view / Bitcoin-anchor cross-checking across independent relays, see the companion gossip_check.py at https://touchstone.cv/gossip_check.py.

License

Apache-2.0.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

touchstone_verify-0.5.0.tar.gz (26.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

touchstone_verify-0.5.0-py3-none-any.whl (23.7 kB view details)

Uploaded Python 3

File details

Details for the file touchstone_verify-0.5.0.tar.gz.

File metadata

  • Download URL: touchstone_verify-0.5.0.tar.gz
  • Upload date:
  • Size: 26.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for touchstone_verify-0.5.0.tar.gz
Algorithm Hash digest
SHA256 085f00bcf0defcbeaf520394995bee55690ac39a80f916b2d2f63e63d50f51cd
MD5 1791b5d5a221289d7dfc98f738e18e12
BLAKE2b-256 ec5cc0ff5ea5410d11cff6c4afefb0aacbf679b1185c92ed094922fe1de93fb3

See more details on using hashes here.

Provenance

The following attestation bundles were made for touchstone_verify-0.5.0.tar.gz:

Publisher: release.yml on Touchstone-CV/touchstone-verify

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file touchstone_verify-0.5.0-py3-none-any.whl.

File metadata

File hashes

Hashes for touchstone_verify-0.5.0-py3-none-any.whl
Algorithm Hash digest
SHA256 5f822833c9ee3d7c16179628891893b53c65d21d25994a2a502e62b5a5d9519f
MD5 bb7dd8cc868546120706e898547ff112
BLAKE2b-256 d4d8a2008eb26d4bd6903cc2612f6c9204fcbd9e8356a27a45bcd1631c7992ec

See more details on using hashes here.

Provenance

The following attestation bundles were made for touchstone_verify-0.5.0-py3-none-any.whl:

Publisher: release.yml on Touchstone-CV/touchstone-verify

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page