Skip to content

feat: KYC attribute proof hook with trust402 integration#7

Open
aggre wants to merge 2 commits into
mainfrom
feat/kyc-attribute-proof
Open

feat: KYC attribute proof hook with trust402 integration#7
aggre wants to merge 2 commits into
mainfrom
feat/kyc-attribute-proof

Conversation

@aggre
Copy link
Copy Markdown
Member

@aggre aggre commented May 8, 2026

Summary

Proof-before-payment: agent attaches identity proof via X-PAYMENT-IDENTITY header, worker verifies KYC attributes before granting access.

Phase 1 (commit 34c2ecb)

  • Agent: KycCredential types, buildKycCredential/buildIdentityArtifact
  • Worker: KYC verification (hasRole/hasScope/hasPermission), /kyc-check endpoint
  • Predefined gates: basic, amlCompliance, stablecoinPayment, stablecoinIssuance, institutional

Phase 2 (commit 423d4d1)

  • trust402 added as git submodule (vendors/trust402/)
  • pnpm workspace configured for @trust402/identity, @trust402/protocol, @trust402/roles
  • Mock implementations deleted — replaced by real trust402 imports
  • Agent: buildIdentityArtifact() uses register() + prove() from @trust402/identity
  • Worker: extractIdentityArtifact() reads X-PAYMENT-IDENTITY header (Base64-encoded JSON)
  • X-PAYMENT-IDENTITY keeps x402 PAYMENT-SIGNATURE spec-compliant while layering identity

Header Design

  • PAYMENT-SIGNATURE — x402 standard payment payload (unchanged)
  • X-PAYMENT-IDENTITY — Base64-encoded JSON { commitOutput, identityProof, docHash, credential }
  • Worker verifies payment first (x402), then checks KYC proof

Test Results

  • 61 tests passing (worker: 41, agent: 20)
  • TypeScript strict: OK
  • trust402 packages build: OK

Related: D2 KYC attribute proof hook for PPSI article (Z2) demo

aggre added 2 commits May 8, 2026 03:21
@aggre
feat: add KYC attribute proof hook (mock-based, phase 1)
34c2ecb 
- Agent: KycCredential types, buildKycCredential/buildIdentityArtifact
- Worker: KYC verification (hasRole/hasScope/hasPermission), /kyc-check endpoint
- Predefined gates: basic, amlCompliance, stablecoinPayment, stablecoinIssuance, institutional
- Mock implementations for @trust402/identity, @trust402/protocol, @trust402/roles
- 55 tests passing
@aggre
feat: integrate trust402 for KYC proof-before-payment
423d4d1 
- Add trust402 as git submodule (vendors/trust402)
- Configure pnpm workspace to include trust402 packages
- Replace mock implementations with real @trust402/identity + @trust402/protocol
- Agent: buildIdentityArtifact() uses register() + prove() from trust402
- Worker: extractIdentityArtifact() from X-PAYMENT-IDENTITY header (Base64)
- Add .env.example for local development
- Delete packages/agent/src/mocks/ (replaced by real trust402 imports)
- 61 tests passing, TypeScript strict compilation OK
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@aggre