Skip to content

feat(keeper): attestLaunch client (L2 launch attestation) — v0.4.0 #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
bdelanghe merged 1 commit into from
Jun 23, 2026
Merged

feat(keeper): attestLaunch client (L2 launch attestation) — v0.4.0 #8

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion jsr.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@bounded-systems/door-kit",
"version": "0.3.0",
"version": "0.4.0",
"license": "PolyForm-Noncommercial-1.0.0",
"exports": {
"./keeper": "./lib/keeper.ts",
Expand Down
35 changes: 35 additions & 0 deletions lib/keeper.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -316,6 +316,41 @@ export async function importAndPush(
});
}

/** A launch (L2) attestation request: attest that a room was launched holding
* exactly these doors. `manifest` is the room's resolved door set — authority is
* the held references, so the daemon digests it into the attestation. */
export type AttestLaunchOptions = {
/** The launched room/box id (the subject of the launch attestation). */
subject: string;
/** The room's resolved door set / manifest (authority = held references). */
manifest: unknown;
};

/** keeperd's verdict for an attest-launch: `ok` carries the signed L2 plus its
* content-address (`l2LaunchDigest`, what an L3 write links back to). */
export type AttestLaunchResult =
| {
status: "ok";
subject: string;
manifestDigest: string;
l2LaunchDigest: string;
attestation: unknown;
}
| { status: "error"; code: string; message: string };

/**
* Ask a signer door to produce a signed **L2 launch attestation** over a room +
* the doors it holds. The launcher acts THROUGH the door — the signing key never
* leaves the daemon (ocap credential isolation). The human is a guest too, so the
* launcher is just the launching guest's own signer door.
*/
export async function attestLaunch(options: AttestLaunchOptions): Promise<AttestLaunchResult> {
return request<AttestLaunchResult>("attest-launch", {
subject: options.subject,
manifest: options.manifest,
});
}

/**
* Sign arbitrary data via keeperd.
*
Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@bounded-systems/door-kit",
"version": "0.3.0",
"version": "0.4.0",
"private": true,
"type": "module",
"description": "In-box door-client SDK for claude-box's capability doors (keeper/scout/concierge/spawn), over the guest-room protocol.",
Expand Down
Loading