Skip to content

Commit a579bf3

Browse files
committed
feat(did-nostr): ADR-125 Multikey convergence + ADR-124 gitmark build-out + bump agentbox
New ADR-125 (supersedes ADR-074 D2/D3/D4/D13 only; D1 preserved) and ADR-074-D2-supersession note; ADR-074 banners added. ADR-124 build-out consolidated to a single canonical gitmark/blocktrails plan (removed the duplicate draft - single impl). Conformance fixtures + schema + CHECKSUMS re-baselined to canonical Multikey (sha256sum -c: all OK). src/web_contract substrate registered via src/lib.rs. cargo check -p visionclaw-server --lib clean; web_contract 20/0, uri 16/0. Bumps agentbox submodule to 1125c22 (Multikey convergence). Also includes the CLAUDE.md /web-researcher routing edit (incidental drift, per commit-everything). Invariants I1-I4 hold; web_contract live-git wiring remains greenfield (C6 follow-up). Co-Authored-By: jjohare <github@thedreamlab.uk>
1 parent c492e31 commit a579bf3

17 files changed

Lines changed: 2329 additions & 99 deletions

CLAUDE.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -73,8 +73,8 @@ Wardley maps / strategic analysis? --> /wardley-maps, /report-builder
7373
UI/UX design? --> /ui-ux-pro-max-skill, /bencium-*, /design-audit, /typography
7474
Architecture review? --> /vanity-engineering-review, /renaissance-architecture, /human-architect-mindset
7575
Ground reasoning in our formal ontology/KG ("what does our KG say about X", subgraph, SPARQL, governed writeback)? --> /ontology-augment (PRD-020 binding; ontology_ask, fail-open, budget-bounded)
76-
Research + NotebookLM? --> /notebooklm, /perplexity-research, /gemini-url-context
77-
Deep cited research? --> /deep-research (parallel agents, provenance, verification)
76+
Web search — fast synthesized answer (closed engine)? --> /perplexity-research | verifiable, reputation-attached, you-pick-the-engine + trusted-domain lenses + verify_citation (academic/legal/clinical/SEC/patent)? --> /web-researcher (v1.33.0) | known URLs --> /gemini-url-context ; NotebookLM --> /notebooklm
77+
Deep cited research (multi-agent fan-out + adversarial verify, orchestrates the above)? --> /deep-research (parallel agents, provenance, verification)
7878
Optimize a metric iteratively? --> /autoresearch (experiment loop, keep/discard)
7979
Add source verification? --> /provenance-tracking (.provenance.md sidecar)
8080
Owner's personal email (invoices, threads, "did X email me", find a name)? --> /email-search (ask_email; local gateway, privacy-filtered; NOT work mail/calendar)

docs/adr/ADR-074-D2-supersession-multikey-convergence.md

Lines changed: 319 additions & 0 deletions
Large diffs are not rendered by default.

docs/adr/ADR-074-cross-system-did-nostr-canonicalisation.md

Lines changed: 30 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,8 +2,9 @@
22

33
| Field | Value |
44
|-------|-------|
5-
| Status | Proposed (2026-05-07) |
5+
| Status | Accepted — **§D2/§D3/§D4/§D13 SUPERSEDED by ADR-125 / ADR-074 §D2′ (2026-06-15)**; §D1 and §D5–§D12 RETAINED |
66
| Drives | PRD-010 G1, G5, G6 |
7+
| Supersession | The DID-document *shape* clauses (§D2 2019-suite document, §D3 `z…` base58btc multibase, §D4 Tier-1/Tier-3 split, §D13 anti-drift) are superseded by `docs/adr/ADR-125-did-nostr-multikey-convergence.md` (= `ADR-074-D2-supersession-multikey-convergence.md`, §D2′), which adopts the canonical `DIDNostr`/`Multikey`/`publicKeyMultibase "fe70102<hex>"` single form. **§D1 (canonical hex pubkey) is RETAINED UNCHANGED (invariant I4).** §D5–§D12 (resolution, delegation grammar, kind-30033, WAC) are unaffected. |
78
| Supersedes | ADR-027 (DID identity stack — extends) |
89
| Companion ADRs | ADR-073, ADR-075, ADR-076 |
910
| Companion DDD | `docs/ddd-mesh-federation-context.md` |
@@ -60,6 +61,12 @@ Enforcement points:
6061

6162
### D2 — Canonical DID Document shape (Tier-3, all emitters)
6263

64+
> **SUPERSEDED by ADR-125 / §D2′ (2026-06-15).** The shape below (2019 suite,
65+
> `publicKeyHex`, `secp256k1-2019/v1` context, `#key-0`, absolute auth refs) is no
66+
> longer emitted. The canonical single form is `DIDNostr` / `Multikey` /
67+
> `publicKeyMultibase "fe70102<hex>"` — see ADR-125 §2 / ADR-074 §D2′ §1. Retained
68+
> here for historical reference only; conformance gates now **reject** this shape.
69+
6370
```jsonld
6471
{
6572
"@context": [
@@ -90,13 +97,24 @@ Required fields: `@context`, `id`, `verificationMethod`, `authentication`. `asse
9097

9198
### D3 — Multibase encoding
9299

100+
> **SUPERSEDED by ADR-125 §D3′ / ADR-074 §D2′ §2.** The `z…` base58btc encoding
101+
> below is replaced by base16 `publicKeyMultibase = "fe70102" + <x-only-hex>`
102+
> (multibase `f`, secp256k1-pub varint `e701`, even-y parity `02`, then the
103+
> 32-byte x-only hex; 71 chars). The new §2 text states the varint framing
104+
> correctly; the prose below is retained verbatim (historical) and is not edited.
105+
93106
`publicKeyMultibase` = `z` + base58btc(`0xe7 0x01` || `pk_32_bytes`).
94107
- `0xe7` = multicodec for `secp256k1-pub`.
95108
- `0x01` = varint-1 (the codec byte is itself encoded as varint; for codec values < 0x80, varint is 1 byte).
96109
- Per `pod-worker/src/did.rs:168 format_multibase_schnorr`, already correctly implemented forum-side.
97110

98111
### D4 — Tier-1 vs Tier-3
99112

113+
> **SUPERSEDED by ADR-125 §D4′ / ADR-074 §D2′.** There is no tier split. One
114+
> canonical document; `service[]` MAY be empty (minimal) or populated
115+
> (production). `@context`, `id`, `type`, `verificationMethod`, `authentication`,
116+
> `assertionMethod` are fixed and always present.
117+
100118
Tier-1 is the minimal DID Document — `@context`, `id`, `verificationMethod`. Used in low-bandwidth contexts (pure resolver responses with no service entries).
101119

102120
Tier-3 adds `alsoKnownAs`, `service`, `assertionMethod`. Used as the default for all production resolutions.
@@ -236,6 +254,17 @@ Out of scope for PRD-010 P0-P4 but specified here for forward compatibility:
236254

237255
### D13 — Anti-drift CI assertions
238256

257+
> **SUPERSEDED by ADR-125 §D13′ / ADR-074 §D2′ §5 (polarity inverted).** The
258+
> first two assertions below (require the 2019 suite type; require the
259+
> `secp256k1-2019/v1` context) are **deleted and inverted** — those shapes are now
260+
> the must-**reject** negatives. The replacement CI gate asserts:
261+
> `type == "DIDNostr"` (top-level), `verificationMethod[0].type == "Multikey"`,
262+
> `publicKeyMultibase` matches `^fe70102[0-9a-f]{64}$` AND equals
263+
> `"fe70102" + doc.id-body`, no `publicKeyHex` field, exact two-context
264+
> `["https://w3id.org/did","https://w3id.org/nostr/context"]`. The pubkey-form and
265+
> HKDF-info assertions below are **RETAINED** (the pubkey form is §D1, invariant
266+
> I4). Original text kept for history:
267+
239268
Each repo's CI MUST assert:
240269
- DID Document type: `verificationMethod[0].type == "SchnorrSecp256k1VerificationKey2019"`.
241270
- @context order: `did/v1` precedes `secp256k1-2019/v1`.

0 commit comments

Comments
 (0)