feat: add access capabilities for logging in#4
Merged
Conversation
frrist
approved these changes
May 11, 2026
Adds a function that gets attestations for a given set of proofs for an invocation. i.e. you call `ProofChain(..)` and then pass the proofs you recieve to `ProofAttestations(...)` to get any needed attestations. I have also refactored the interfaces for dependencies to proof chain - they are now function types and not interfaces (which should actually be a bit easier to pass in) and have also been renamed. What was a "finder" is now a "lister", but "matcher" stays the same. The reason is that "finder" and "matcher" are a bit too similar (and actually have the same signature for their functions), "finder" (now "lister") gets delegations with the EXACT parameters, whereas "matcher" gets delegations that _match_ the parameters. e.g. subject could be an exact match or it could be `nil` (for a powerline delegation) and command could be an exact match on `/msg/send` or it could be `/msg` or `/`. Cherry picks from #2 and adds the remaining missing capabilities. Also, (sorry!) removes the `CborTime` type. This is unnecessarily accurate (to nanoseconds) and was being used to specify expiry time of a UCAN, which has a resolution of seconds, so was unnecessary. Moves error definitions from Sprue to the library so that they can be used in clients to disambiguate invocation errors. Upgrades `dag-json-gen` dependency and re-generates `dag-json` serializers/deserializers. Error messages are a lot more informative, and avoid linter complains about capitalization. Ports `jobqueue` and `bytemap` from `storacha/go-libstoracha`. --------- Co-authored-by: Petra Jaros <peeja@peeja.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds capabilities to enable login to the Forge network via email. Also stashing/claiming delegations to spaces.
Differences from UCAN 0.9:
access/authorizeto/access/request. This was the desired name originally but a previous iteration of the service already tookaccess/requestso we had to choose something different./access/requestreturn value now includes a promise value - the confirmation task CID. In UCAN 0.9 effects are communicated outside of the arguments so this is only seen in the implementation foraccess/authorizenot the capability definition./access/claimand/access/confirmreturn a list of CIDs of delegations instead of a map of bytes. These capabilities were originally created before we had the ability to return other blocks in the response in addition to the receipt block, so it necessitated encoding the delegation directly in the receipt. Now the delegations can be sent in the response container.