[Hackathon] Problem-09 privacy: SD-JWT capsule selective-disclosure plugin#55
Open
StevenMih wants to merge 1 commit into
Open
Conversation
…lem-09) Implements the SD-JWT salted-hash commitment model from draft-mih-scitt-agent-action-capsule-sel-disc as a NANDA Town privacy plugin — distinct from the Merkle-path approach in hybrid_x25519 (PR projnanda#28). - capsule_selective_disclosure.py: CapsuleSelDiscPrivacy plugin - commit_credential / build_witness / verify_disclosure module-level API - X25519+ChaCha20-Poly1305 hybrid encryption with per-recipient key-wrap - Broadcast revocation via epoch counter - Tier-1 deterministic mode (HKDF-derived randomness) - Anti-replay via (sender, msg_id) seen-set - test_capsule_selective_disclosure.py: 41 tests - 4-attack adversarial validator: eavesdropper, replay, field-injection, stale-revocation — PASSES on CapsuleSelDiscPrivacy, FAILS on NoopPrivacy - Ruff-clean, pyright-clean - sealed_bid_capsule_privacy.yaml: 1 auctioneer + 7 bidders, 3 rounds, capsule_selective_disclosure privacy layer - pyproject.toml + plugins.py: entry-point and builtin registration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Implements the SD-JWT salted-hash commitment model from
draft-mih-scitt-agent-action-capsule-sel-discas a NANDA Town privacy plugin.Addresses Problem-09 (hybrid encryption + selective disclosure + 4-attack adversarial validator).
Distinct from
hybrid_x25519(PR #28): that plugin uses Merkle authenticationpaths. This plugin uses per-field salted-hash commitments — no tree traversal,
decoy digests, algorithm-agile
_sd_algheader, wire-compatible withcapsule-emit SD-Capsule output.
Deliverables
nest_plugins_reference/privacy/capsule_selective_disclosure.py—CapsuleSelDiscPrivacyplugincommit_credential/build_witness/verify_disclosurestandalone API (capsule-emit compatible)(sender, msg_id)seen-settests/test_capsule_selective_disclosure.py— 41 testsTestAdversarialValidator::test_capsule_plugin_passes_all_attacks— all 4 attacks defeatedtest_noop_fails_*— confirms noop has no protections (required by Problem-09)scenarios/sealed_bid_capsule_privacy.yaml— 1 auctioneer + 7 bidders, 3 rounds, Tier 1Commitment scheme
_sdarray sorted lexicographically;_sd_alg: "sha-256"in every SD-object4 attacks defeated
NotInAudienceErrorbefore any AEADmsg_idbound in AAD + seen-set →ReplayError_sd→verify_proofreturnsFalseNotInAudienceErrorTest run