No description
- Go 100%
737a5c3dc4
Snider correction 2026-05-01: one Service per repo, not one per subpackage. Drops go/auth/service.go + go/trust/service.go from prior session and replaces with a single go/trust/service.go (package trust) wrapping the auth Authenticator + trust Registry/Policy/Approval/ Audit handles + the stateless crypt encryption primitives. Action namespaces preserve the per-domain shape: auth.* / trust.* / crypt.*. Hosted in trust/ to avoid the auth↔crypt import cycle (auth already imports crypt; trust has no internal go-crypt deps). Direct method use stays available on svc.Authenticator / svc.Registry / svc.Policy / svc.Queue / svc.Audit for richer signatures (RotateKeyPair, RevokeKey, WriteChallengeFile, etc.) which are not IPC-serialisable. Co-Authored-By: Cladius <noreply@anthropic.com> |
||
|---|---|---|
| .core | ||
| .forgejo/workflows | ||
| .idea | ||
| docs | ||
| external | ||
| go | ||
| .editorconfig | ||
| .gitignore | ||
| .gitmodules | ||
| .golangci.yml | ||
| .woodpecker.yml | ||
| AGENTS.md | ||
| CLAUDE.md | ||
| CONTRIBUTING.md | ||
| go.work | ||
| LICENCE | ||
| README.md | ||
| sonar-project.properties | ||
| UPGRADE.md | ||
go-crypt
Cryptographic primitives, authentication, and trust policy engine for the Lethean agent platform. Provides symmetric encryption (ChaCha20-Poly1305 and AES-256-GCM with Argon2id KDF), OpenPGP challenge-response authentication with online and air-gapped courier modes, Argon2id password hashing, RSA-OAEP key generation, RFC-0004 deterministic content hashing, and a three-tier agent trust policy engine with an audit log and approval queue.
Module: forge.lthn.ai/core/go-crypt
Licence: EUPL-1.2
Language: Go 1.25
Quick Start
import (
"forge.lthn.ai/core/go-crypt/crypt"
"forge.lthn.ai/core/go-crypt/auth"
"forge.lthn.ai/core/go-crypt/trust"
)
// Encrypt with ChaCha20-Poly1305 + Argon2id KDF
ciphertext, err := crypt.Encrypt(plaintext, passphrase)
// OpenPGP authentication
a := auth.New(medium, auth.WithSessionStore(auth.NewSQLiteSessionStore(dbPath)))
session, err := a.Login(userID, password)
// Trust policy evaluation
engine := trust.NewPolicyEngine(registry)
decision := engine.Evaluate("Charon", "repo.push", "core/go-crypt")
Documentation
- Architecture — crypt primitives, auth protocol, trust tiers, policy engine
- Development Guide — building, testing, security standards
- Project History — completed phases and known limitations
Build & Test
go test ./...
go test -race ./...
go build ./...
Licence
European Union Public Licence 1.2 — see LICENCE for details.