coral-crypto

module

v0.1.1 Latest Latest Go to latest Published: Jan 27, 2026 License: Apache-2.0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/coral-mesh/coral-crypto

Links

Open Source Insights

README ¶

coral-crypto

Shared Go cryptographic library for the Coral Application Intelligence Mesh and its discovery service. Provides JWT token operations, Ed25519 key management, and certificate fingerprinting, with WebAssembly support for cloudflare workers.

Packages

Package	Description
`jwt`	Create and validate Ed25519-signed JWT referral/bootstrap tokens
`keys`	Ed25519 key generation, rotation, JWK/JWKS encoding
`fingerprint`	SHA-256 certificate fingerprint computation and matching
`wasm`	TinyGo entrypoint exposing crypto operations to JavaScript

Usage

import (
    "github.com/AnomalousCoders/coral-crypto/keys"
    "github.com/AnomalousCoders/coral-crypto/jwt"
)

// Generate a key pair
kp, _ := keys.GenerateKeyPair()

// Sign a referral ticket
signer := jwt.NewSigner(kp.PrivateKey, kp.ID)
token, _ := signer.CreateReferralTicket("reef-1", "colony-1", "agent-1", "join")

// Validate against JWKS
jwks := kp.PublicJWKS()
validator, _ := jwt.NewValidator(jwks)
claims, _ := validator.ValidateReferralTicket(token)

Commands

make test             # Run tests with race detection
make vet              # Run go vet
make lint             # Run golangci-lint
make build-wasm       # Compile to WebAssembly (requires TinyGo 0.39.0)
make gen-vectors      # Generate cross-implementation test vectors
make gen-signing-key  # Generate an Ed25519 signing key

WebAssembly

The wasm/ package compiles with TinyGo to produce crypto.wasm, exposing:

coralCrypto.createReferralTicket(privateKeyB64, keyID, reefID, colonyID, agentID, intent, ttlSeconds) — returns {jwt, expiresAt}
coralCrypto.verifySignature(tokenString, jwksJSON) — returns {valid}
coralCrypto.generateKeyPair() — returns {id, privateKey, publicKey, jwk}

Standards

Built on Ed25519/EdDSA with strict algorithm enforcement.

Implements JWT (RFC 7519) and JWK (RFC 7517).

Directories ¶

Path	Synopsis
cmd
gen-signing-key command Command gen-signing-key generates a signing key for the Discovery service.	Command gen-signing-key generates a signing key for the Discovery service.
gen-vectors command Command gen-vectors generates test vectors for JWT operations.	Command gen-vectors generates test vectors for JWT operations.
fingerprint Package fingerprint provides certificate fingerprint computation.	Package fingerprint provides certificate fingerprint computation.
jwt Package jwt provides JWT token creation and validation for Coral discovery.	Package jwt provides JWT token creation and validation for Coral discovery.
keys Package keys implements Ed25519 key management for JWT signing.	Package keys implements Ed25519 key management for JWT signing.
wasm Package main provides Wasm entrypoint for coral-crypto operations.	Package main provides Wasm entrypoint for coral-crypto operations.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL