atproto-identity

Crates.io: atproto-identity
lib.rs: atproto-identity
version: 0.11.2
created_at: 2025-05-29 22:18:39.865521+00
updated_at: 2025-08-20 18:53:26.059235+00
description: AT Protocol identity management - DID resolution, handle resolution, and cryptographic operations
homepage: https://tangled.sh/@smokesignal.events/atproto-identity-rs
repository: https://tangled.sh/@smokesignal.events/atproto-identity-rs
id: 1694464
size: 272,479
Nick Gerakines (ngerakines)

documentation

https://docs.rs/atproto-identity

README

atproto-identity

AT Protocol identity management for DID resolution, handle resolution, and cryptographic operations.

Overview

Core identity functionality for AT Protocol applications including multi-method DID resolution (plc, web, key), DNS/HTTP handle resolution, and P-256/P-384/K-256 key operations.

Features

  • Multi-method DID resolution: Support for did:plc, did:web, and did:key methods
  • Handle resolution: DNS TXT record and HTTP .well-known endpoint resolution with conflict detection
  • Cryptographic operations: P-256, P-384, and K-256 elliptic curve key generation, signing, and validation
  • Identity validation: Input validation for handles and DIDs following AT Protocol specifications
  • Document storage: LRU cache-based DID document storage with pluggable backends
  • Configuration management: Environment variable handling and DNS nameserver configuration

CLI Tools

The following command-line tools are available when built with the clap and hickory-dns features:

  • atproto-identity-resolve: Resolve AT Protocol handles and DIDs to canonical identifiers with optional DID document output
  • atproto-identity-key: Generate cryptographic keys for P-256, P-384, and K-256 curves
  • atproto-identity-sign: Create cryptographic signatures of JSON data using private keys
  • atproto-identity-validate: Validate cryptographic signatures against public keys

Library Usage

Handle Resolution

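use atproto_identity::resolve::{resolve_subject, create_resolver};

// Run this inside an async function whose return type accepts `?`.
let http_client = reqwest::Client::new();
// No custom DNS nameservers are passed here.
let dns_resolver = create_resolver(&[]);

// Resolve the handle to its DID.
let did = resolve_subject(&http_client, &dns_resolver, "alice.bsky.social").await?;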
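
The Features list mentions DNS TXT and HTTP .well-known handle resolution with conflict detection. The added example below (not the crate's own code, standard library only) sketches that check over constructed inputs. The `_atproto.<handle>` TXT name and `/.well-known/atproto-did` path follow the AT Protocol handle specification; every type and function name, the DID shape check, and the choice to fail on differing TXT records are assumptions of this example.

```rust
// Added example (not atproto-identity's code); all inputs are constructed.
#[derive(Debug, PartialEq)]
enum HandleError {
    NoRecord,                               // neither method produced a DID
    AmbiguousDns,                           // TXT records name different DIDs
    Conflict { dns: String, http: String }, // DNS and HTTP disagree
    InvalidDid(String),                     // value is not DID-shaped
}

// Minimal shape check (assumption): "did:<lowercase method>:<non-empty id>".
fn check_did(s: &str) -> Result<String, HandleError> {
    let mut p = s.splitn(3, ':');
    let ok = p.next() == Some("did")
        && p.next().map_or(false, |m| !m.is_empty() && m.bytes().all(|b| b.is_ascii_lowercase()))
        && p.next().map_or(false, |id| !id.is_empty() && !id.contains(char::is_whitespace));
    if ok { Ok(s.to_string()) } else { Err(HandleError::InvalidDid(s.to_string())) }
}

// TXT values read from _atproto.<handle>; only "did=" records are considered.
fn did_from_txt(records: &[&str]) -> Result<Option<String>, HandleError> {
    let mut found: Option<String> = None;
    for value in records.iter().filter_map(|r| r.trim().strip_prefix("did=")) {
        let did = check_did(value)?;
        if found.as_ref().map_or(false, |prev| *prev != did) {
            return Err(HandleError::AmbiguousDns);
        }
        found = Some(did);
    }
    Ok(found)
}

// Body served at https://<handle>/.well-known/atproto-did, when the fetch succeeded.
fn did_from_well_known(body: Option<&str>) -> Result<Option<String>, HandleError> {
    body.map(|b| check_did(b.trim())).transpose()
}

// Accept a DID only when every method that answered names the same one.
fn resolve_with_conflict_check(txt: &[&str], body: Option<&str>) -> Result<String, HandleError> {
    match (did_from_txt(txt)?, did_from_well_known(body)?) {
        (Some(dns), Some(http)) if dns != http => Err(HandleError::Conflict { dns, http }),
        (Some(did), _) | (None, Some(did)) => Ok(did),
        (None, None) => Err(HandleError::NoRecord),
    }
}

fn main() {
    let txt = ["v=spf1 -all", "did=did:plc:aaaaconstructed"];
    println!("{:?}", resolve_with_conflict_check(&txt, Some("did:plc:bbbbconstructed\n")));
}
```

Treating a disagreement as a hard error, rather than preferring one method, keeps a party that controls only the DNS zone or only the web server from silently redirecting a handle to a different DID.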

Key Operations

use atproto_identity::key::{identify_key, generate_key, validate, KeyType};

// Generate a new key
let private_key = generate_key(KeyType::P256Private)?;

// Identify existing key
let key_data = identify_key("did:key:zQ3sh...")?;

// Validate signature (`signature` and `content` are supplied by the caller, not shown here)
validate(&key_data, &signature, content)?;

Command Line Usage

All CLI tools require the clap feature:

# Build with CLI support
cargo build --features clap,hickory-dns --bins

# Resolve a handle to DID
cargo run --features clap,hickory-dns --bin atproto-identity-resolve -- alice.bsky.social

# Generate a new P-256 key
cargo run --features clap --bin atproto-identity-key -- generate p256

# Sign JSON data
cargo run --features clap --bin atproto-identity-sign -- did:key:zQ3sh... data.json

# Verify a signature
cargo run --features clap --bin atproto-identity-validate -- did:key:zQ3sh... data.json signature

License

MIT License
