sdk(P2.3): MockAttesto — local emulator in all three SDKs
Customers can now test their full ingest-and-verify pipeline in CI with zero network and zero Attesto account. Python attesto.testing.MockAttesto (context manager over a local HTTP server + pytest-fixture friendly), TypeScript createMockServer() (fetch-compatible handler, WebCrypto Ed25519, edge-safe), and Go attestotest.NewServer() (httptest) implement the v2 subset the SDKs use — streams, single+batch events, head, receipts, tenant event listings — with REAL seq/hash-chain semantics via the same frozen canonical functions, the server-side number-policy mirror (422), and windows/checkpoints built on demand with per-leaf inclusion proofs (promote-odd-node fold). Hard rule, test-enforced in all three languages: mock evidence is structurally incapable of passing as real — every emitted object carries "mock": true, receipts are signed by a per-instance throwaway key under kid attesto-mock-ed25519, and verify_receipt against any real witness key fails. Acceptance: the P1 verify suite (receipt, payload commitment, inclusion, completeness) passes against the emulator with real clients in all three SDKs; head tracking sees an honestly chained sequence. READMEs gain a "Testing without Attesto" quickstart. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
20
README.md
20
README.md
@@ -129,6 +129,26 @@ client, _ := attesto.NewClient(apiKey, attesto.WithHeadStore(attesto.NewFileHead
|
||||
client, _ = attesto.NewClient(apiKey, attesto.WithHeadStore(nil))
|
||||
```
|
||||
|
||||
## Testing without Attesto: attestotest
|
||||
|
||||
`go.attesto.eu/sdk/attestotest` starts a local httptest emulator with **real**
|
||||
hash-chain semantics; point the real client at it and run your full pipeline
|
||||
in CI with zero network:
|
||||
|
||||
```go
|
||||
server := attestotest.NewServer()
|
||||
defer server.Close()
|
||||
client, _ := attesto.NewClient(server.APIKey, attesto.WithBaseURL(server.URL))
|
||||
stream, _ := client.CreateStream(ctx, attesto.StreamCreateInput{UseCase: "ci", PolicyID: "mock-policy"})
|
||||
receipt, _ := client.LogEvent(ctx, stream.StreamID, attesto.EventInput{SourceRef: "e1"})
|
||||
stored, _ := client.GetReceipt(ctx, receipt.StreamEventID)
|
||||
report := attesto.VerifyReceiptOffline(stored.Receipt, server.PublicKeyHex)
|
||||
```
|
||||
|
||||
Mock evidence can never pass as real: every object carries `mock: true`, the
|
||||
signer kid is `attesto-mock-ed25519`, and verification against any real
|
||||
witness key fails.
|
||||
|
||||
## Built-in self-test and doctor
|
||||
|
||||
On the first hashing operation per process the SDK verifies itself against an
|
||||
|
||||
Reference in New Issue
Block a user