Skip to content

Commit 123ef31

Browse files
authored
docs(readme): add the 6-language verifier matrix (4 live, 2 publishing soon) (#132)
Surface the now-live multi-language offline verifiers in the main README and the docs site. Credentials are issued once (Python core or cloud) and verify anywhere against the shared spec/verify/v1 conformance suite. README: replace the single JS/TS verifier subsection with a Verify in any language section — a Language/Install/Status table (Python/JS/Go/Rust live; Java publishing soon, R coming to CRAN), the one-signature trust story, and links to each repo, attestix.io/verify, and the bundle wire-format spec. Website: new docs/verifiers.mdx (registered in meta.json) with the honest status table, per-language install, verifyCredential examples for Python/JS/Go, and links to /verify and /spec/bundle/v1. Verifier-only framing (issuance stays Python/cloud); evidence-tooling and Sepolia-testnet caveats retained. Java/R marked publishing soon/coming — not yet on Maven Central or CRAN.
1 parent 724ebf5 commit 123ef31

3 files changed

Lines changed: 95 additions & 16 deletions

File tree

README.md

Lines changed: 21 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -85,22 +85,27 @@ streamlit run demo/webapp/app.py # Opens at http://localhost:8501
8585
python examples/quickstart.py # Full 9-module workflow in 0.1 seconds
8686
```
8787

88-
### JS / TS verifier
89-
90-
Verify Attestix-issued credentials offline from JavaScript or TypeScript:
91-
92-
```bash
93-
npm install attestix
94-
```
95-
96-
Source: <https://github.com/VibeTensor/attestix-js> · npm: <https://www.npmjs.com/package/attestix>
97-
98-
Same canonical-JSON form (RFC 8785) and Ed25519 verification (RFC 8032) as
99-
the Python core. ~68 KB packaged, one runtime dependency
100-
(`@noble/curves`). The pre-rename scoped name `@vibetensor/attestix` is
101-
deprecated — see the
102-
[npm rename migration guide](https://attestix.io/docs/guides/migration-npm-rename)
103-
if you are upgrading.
88+
## Verify in any language
89+
90+
Attestix credentials are issued once (Python core or cloud) and verify
91+
**anywhere**. Six independent verifier implementations share one conformance
92+
suite (`spec/verify/v1`) — verify offline, no Python runtime, zero trust in the
93+
issuer. The verifiers are verifier-only: issuance stays in the Python core.
94+
95+
| Language | Install | Status |
96+
|----------|---------|--------|
97+
| **Python** | `pip install attestix` | live (full lib: issue + verify) |
98+
| **JS / TS** | `npm install attestix` | live ([attestix-js](https://github.com/VibeTensor/attestix-js)) |
99+
| **Go** | `go get github.com/VibeTensor/attestix-go` | live ([attestix-go](https://github.com/VibeTensor/attestix-go)) |
100+
| **Rust** | `cargo add attestix` | live ([attestix-rs](https://github.com/VibeTensor/attestix-rs)) |
101+
| **Java** | `com.vibetensor:attestix:0.4.0` | publishing soon ([attestix-java](https://github.com/VibeTensor/attestix-java)) |
102+
| **R** | `install.packages("attestix")` | coming to CRAN ([attestix-r](https://github.com/VibeTensor/attestix-r)) |
103+
104+
Every verifier checks the same canonical-JSON form ([RFC 8785](https://www.rfc-editor.org/rfc/rfc8785))
105+
and Ed25519 signatures ([RFC 8032](https://www.rfc-editor.org/rfc/rfc8032)) against
106+
the shared [`spec/verify/v1`](https://github.com/VibeTensor/attestix/tree/main/spec/verify/v1)
107+
vectors. Verify in the browser at <https://attestix.io/verify>, or read the
108+
bundle wire-format at <https://attestix.io/spec/bundle/v1>.
104109

105110
## Why Attestix
106111

website/content/docs/meta.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@
33
"pages": [
44
"index",
55
"getting-started",
6+
"verifiers",
67
"---Quickstart by role---",
78
"quickstart",
89
"examples",

website/content/docs/verifiers.mdx

Lines changed: 73 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,73 @@
1+
---
2+
title: Verifiers — verify Attestix credentials in any language
3+
description: Attestix credentials are issued once and verify anywhere. Six independent verifier implementations share one conformance suite — offline, no Python runtime, zero trust in the issuer.
4+
---
5+
6+
An Attestix credential is issued once — by the Python core or Attestix Cloud — and verifies **anywhere**. Six independent verifier implementations all check the same canonical-JSON form ([RFC 8785](https://www.rfc-editor.org/rfc/rfc8785)) and the same Ed25519 signatures ([RFC 8032](https://www.rfc-editor.org/rfc/rfc8032)) against one shared conformance suite, [`spec/verify/v1`](https://github.com/VibeTensor/attestix/tree/main/spec/verify/v1).
7+
8+
The result: a regulator, an auditor, or a peer agent can confirm a Verifiable Credential offline, with no network access and no Python runtime, and **zero trust in the issuer** — the math either checks out or it does not.
9+
10+
> **Verifier-only.** These language ports *verify* credentials and delegations; they do not *issue*. Issuance stays in the Python core (`pip install attestix`) or in Attestix Cloud. If you need to mint credentials, use Python.
11+
12+
## Status
13+
14+
Four verifiers are live on their language registries today; Java and R are publishing soon.
15+
16+
| Language | Install | Status |
17+
|----------|---------|--------|
18+
| **Python** | `pip install attestix` | Live — full library (issue + verify) |
19+
| **JS / TS** | `npm install attestix` | Live — [attestix-js](https://github.com/VibeTensor/attestix-js) |
20+
| **Go** | `go get github.com/VibeTensor/attestix-go` | Live — [attestix-go](https://github.com/VibeTensor/attestix-go) |
21+
| **Rust** | `cargo add attestix` | Live — [attestix-rs](https://github.com/VibeTensor/attestix-rs) |
22+
| **Java** | `com.vibetensor:attestix:0.4.0` | Publishing soon — [attestix-java](https://github.com/VibeTensor/attestix-java) |
23+
| **R** | `install.packages("attestix")` | Coming to CRAN — [attestix-r](https://github.com/VibeTensor/attestix-r) |
24+
25+
Prefer not to install anything? Verify a credential in your browser at [attestix.io/verify](https://attestix.io/verify), or read the bundle wire-format at [attestix.io/spec/bundle/v1](https://attestix.io/spec/bundle/v1).
26+
27+
## Code examples
28+
29+
Each verifier exposes a `verifyCredential` entry point that takes a credential JSON and the issuer's DID document (or embedded public key) and returns a structured pass/fail result. No network calls.
30+
31+
### Python
32+
33+
```python
34+
from attestix.services.credential_service import CredentialService
35+
36+
ok = CredentialService().verify_credential_offline(
37+
credential=vc, # the VC JSON
38+
did_document_path="did-document.json",
39+
)
40+
# -> True, or False with a reason
41+
```
42+
43+
### JavaScript / TypeScript
44+
45+
```ts
46+
import { verifyCredential } from "attestix";
47+
48+
const result = await verifyCredential(vc, { didDocument });
49+
if (!result.valid) {
50+
console.error(result.reason);
51+
}
52+
// result.valid: boolean — Ed25519 over RFC 8785 canonical JSON
53+
```
54+
55+
### Go
56+
57+
```go
58+
import "github.com/VibeTensor/attestix-go/verify"
59+
60+
result, err := verify.VerifyCredential(vc, didDocument)
61+
if err != nil {
62+
log.Fatal(err)
63+
}
64+
fmt.Println(result.Valid) // true if the Ed25519 signature checks out
65+
```
66+
67+
## One signature, six readers
68+
69+
Every verifier is exercised against the shared [`spec/verify/v1`](https://github.com/VibeTensor/attestix/tree/main/spec/verify/v1) vectors before release, so a credential that passes in Python passes identically in Go, Rust, or the browser. That conformance suite — not any single implementation — is the source of truth for what "valid" means.
70+
71+
See the [Offline Verification Walkthrough](/docs/guides/offline-verify) for an end-to-end regulator scenario, and the [bundle wire-format spec](https://attestix.io/spec/bundle/v1) for the on-the-wire format.
72+
73+
> Attestix produces cryptographically signed evidence; it is an evidence-tooling system, not a legal guarantor of compliance. Blockchain anchoring, where used, targets Base L2 (Sepolia testnet). Always consult qualified legal counsel for compliance decisions.

0 commit comments

Comments
 (0)