Add SDK parity and Go CLI release readiness
This commit is contained in:
Codex
81
README.md
Normal file
81
README.md
Normal file
@@ -0,0 +1,81 @@
|
||||
# Attesto Go SDK
|
||||
|
||||
Official Go SDK for Attesto 2.0 Proofstream. The default API base URL is
|
||||
`https://verify.attesto.eu`. Use it from server-side, infrastructure, security
|
||||
tooling, CI, evidence exporters, and operator automation. Do not embed Attesto API keys in browser bundles, mobile apps, or public artifacts.
|
||||
|
||||
## Install
|
||||
|
||||
```shell
|
||||
go get git.rotz.ai/rotzmediagroup/attesto-v1/sdk/go
|
||||
```
|
||||
|
||||
The first release is VCS-resolved from the Attesto repository. It intentionally
|
||||
uses only the Go standard library.
|
||||
|
||||
## Quickstart
|
||||
|
||||
```go
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"log"
|
||||
"os"
|
||||
|
||||
attesto "git.rotz.ai/rotzmediagroup/attesto-v1/sdk/go"
|
||||
)
|
||||
|
||||
func main() {
|
||||
ctx := context.Background()
|
||||
client, err := attesto.NewClient(os.Getenv("ATTESTO_API_KEY"))
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
stream, err := client.CreateStream(ctx, attesto.StreamCreateInput{
|
||||
UseCase: "ai-governance",
|
||||
PolicyID: "policy-main",
|
||||
})
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
receipt, err := client.LogEvent(ctx, stream.StreamID, attesto.EventInput{
|
||||
SourceRef: "decision-42",
|
||||
Payload: attesto.M{
|
||||
"model": "risk-classifier",
|
||||
"score": 0.92,
|
||||
},
|
||||
})
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
fmt.Println(receipt.StreamEventID, receipt.EventHash)
|
||||
}
|
||||
```
|
||||
|
||||
## Verification
|
||||
|
||||
Remote verification uses Attesto's public `/v2/verify` API. Offline receipt
|
||||
verification uses `ATTESTO-PROOFSTREAM-001` canonical JSON, domain-separated
|
||||
hashes, and Ed25519 signature verification locally.
|
||||
|
||||
```go
|
||||
report := attesto.VerifyReceiptOffline(receipt.Receipt, publicKeyHex)
|
||||
if !report.OK {
|
||||
log.Fatalf("receipt failed verification: %v", report.Problems)
|
||||
}
|
||||
```
|
||||
|
||||
## Operator and Admin Endpoints
|
||||
|
||||
System-key clients are created with `attesto.NewClient`. Tenant/operator
|
||||
endpoints, including connector installation and Local Vault installation
|
||||
management, use `attesto.NewBearerClient` with a tenant bearer token obtained
|
||||
from the dashboard session flow.
|
||||
|
||||
Secrets returned once by connector creation are present only in the returned
|
||||
struct and are never logged by the SDK.
|
||||
Reference in New Issue
Block a user