@zanii/swarm
v0.2.0
Published
N-party (3+) co-signed receipts for agent teams: genuine M-of-N Ed25519 threshold signatures over a canonical body (not a 2-party chain). Verifiable offline today; recording on the ledger awaits SPEC §14 server ingest.
Readme
@zanii/swarm
N-party (3+) co-signed receipts for agent teams. Receipts today are 1-party or 2-party
co-signed; a team of 3+ agents doing one task has no N-party receipt, so accountability inside
a swarm is a hole. This is genuine M-of-N threshold crypto: every participant signs the same
canonical body, and verifySwarm requires threshold valid, distinct signatures from the
declared participant set. It does not fake N-party by chaining 2-party co-signs.
On-ledger (v0.2.0). SPEC §14 ingest is live at POST /v1/swarm. buildSwarmReceipt +
swarmSigner assemble a receipt with each signer's authority envelope (delegation, prev), and
verifySwarmReceipt runs the authority-complete check that mirrors the server byte-for-byte:
per signer — valid signature, owner-rooted unrevoked/unexpired delegation, target in scope, and
prev == chain head; then valid signers ≥ threshold and (default) ≥ threshold distinct owners
(segregation of duties — one owner's N agents can't fake an M-of-N). A receipt this accepts is a
receipt /v1/swarm accepts (identical canonical signing input; cross-verified TS↔Python).
verifySwarm (signatures-only) remains for offline "did these keys sign" checks — do not mistake
it for verifySwarmReceipt (authority). Same Ed25519 / did:key / ed25519:<hex> format
throughout, so a party can sign in TypeScript or Python.
npm install @zanii/swarm @zanii/coreimport { buildSwarmBody, signSwarm, assembleSwarmReceipt, verifySwarm } from '@zanii/swarm';
const body = buildSwarmBody({ task: 'deploy.release', target: 'prod', participants: [a, b, c], threshold: 2, ts });
const receipt = assembleSwarmReceipt(body, [
{ signer: a, sig: signSwarm(body, aKey) },
{ signer: b, sig: signSwarm(body, bKey) },
]);
verifySwarm(receipt).ok; // true — 2 of 3 distinct participants signedChangelog
- 0.2.0 — on-ledger authority layer (SPEC §14):
buildSwarmReceipt,swarmSigner, andverifySwarmReceipt(authority-complete — delegation + scope + prev + revocation + distinct-owner segregation), mirroring the server'sPOST /v1/swarm. - 0.1.0 — initial release:
buildSwarmBody,signSwarm,assembleSwarmReceipt,verifySwarm(M-of-N threshold).
License
Apache-2.0.
