From 2276f4da095d0ba1faabbac656bf16edc949b84a Mon Sep 17 00:00:00 2001 From: Codex Date: Fri, 12 Jun 2026 07:59:23 +0200 Subject: [PATCH] docs(P3.5+P4.1+W.1): canonical JSON spec, countersignature ADR, witness ADR MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ATTESTO-CANONICAL-JSON-001 freezes the byte-level rules every hash and signature depends on (normalization table, no-whitespace serialization, FIX-11 number policy, domain framing) and names golden-vectors/sdk-parity/ as the normative conformance corpus with a 6-step checklist for new implementations; hashed into the release manifest and linked from all three SDK READMEs + the crypto review checklist. ADR-0006 (client countersignatures) specifies the full P4.1 scheme — signed bytes under attesto.v2.client-event over commitments, kid registry with rotation-safe resolution at occurred_at, replay analysis, binding claim wording — status proposed; no code until approved (P4 rule). ADR-0009 (independent witness network) records the W.1 design: verbatim purpose line, privacy-preserving framing rule, hashes-only observation, opt-in pseudonymous stream digests, the four CI-enforced separation rules (zero SDK coupling, never a transitive dep, never auto-enroll, never background on install), backend surface spec, v1 observational-only scope, and the claims-guarded evolution note kept ADR-internal. Co-Authored-By: Claude Fable 5 --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index ec07ee6..d486336 100644 --- a/README.md +++ b/README.md @@ -74,6 +74,9 @@ Attesto stores source-system time separately from backend ingest time. `time.Now().UTC()` when omitted, but production integrations should pass the real upstream event timestamp whenever the source system provides one. + +Canonicalization is specified normatively in [ATTESTO-CANONICAL-JSON-001](../../docs/protocol/ATTESTO-CANONICAL-JSON-001.md); the parity corpus `golden-vectors/sdk-parity/` is its conformance set. + ## Committed payload number rule When events are committed to a Proofstream, payload and metadata numbers must