Skip to content
Open
Show file tree
Hide file tree
Changes from 40 commits
Commits
Show all changes
53 commits
Select commit Hold shift + click to select a range
8e0e71f
feat(truapi): add testing API and versioned wiring
pgherveou Jun 30, 2026
dea080a
fixup! feat(truapi): add testing API and versioned wiring
pgherveou Jul 1, 2026
3409152
fixup! feat(truapi): add testing API and versioned wiring
pgherveou Jul 1, 2026
0569aaf
fixup! feat(truapi): add testing API and versioned wiring
pgherveou Jul 2, 2026
8c93e99
feat(truapi-platform): add host capability traits
pgherveou Jun 30, 2026
97d0b79
fixup! feat(truapi-platform): add host capability traits
pgherveou Jul 2, 2026
d2e3674
fixup! feat(truapi-platform): add host capability traits
pgherveou Jul 3, 2026
c6f888c
feat(truapi-codegen): emit Rust dispatcher, wire table, and host call…
pgherveou Jun 30, 2026
a37abae
fixup! feat(truapi-codegen): emit Rust dispatcher, wire table, and ho…
pgherveou Jul 2, 2026
99d1b7e
fixup! feat(truapi-codegen): emit Rust dispatcher, wire table, and ho…
pgherveou Jul 2, 2026
1c46353
fixup! feat(truapi-codegen): emit Rust dispatcher, wire table, and ho…
pgherveou Jul 2, 2026
2c52262
fixup! feat(truapi-codegen): emit Rust dispatcher, wire table, and ho…
pgherveou Jul 3, 2026
7bd57b8
fixup! feat(truapi-codegen): emit Rust dispatcher, wire table, and ho…
pgherveou Jul 3, 2026
6964df3
feat(truapi-server): add host logic primitives
pgherveou Jul 1, 2026
c8c4595
fixup! feat(truapi-server): add host logic primitives
pgherveou Jul 1, 2026
88cf1a9
fixup! feat(truapi-server): add host logic primitives
pgherveou Jul 2, 2026
2d88bdf
fixup! feat(truapi-server): add host logic primitives
pgherveou Jul 3, 2026
e1f6790
feat(truapi-server): add wire and chain infrastructure
pgherveou Jul 1, 2026
d959726
fixup! feat(truapi-server): add wire and chain infrastructure
pgherveou Jul 3, 2026
fa642c1
fixup! feat(truapi-server): add host logic primitives
pgherveou Jul 3, 2026
176c6b1
feat(truapi-server): add platform runtime and host bridge
pgherveou Jul 1, 2026
6aa9887
fixup! feat(truapi-server): add platform runtime and host bridge
pgherveou Jul 1, 2026
0f6e16c
fixup! feat(truapi-server): add platform runtime and host bridge
pgherveou Jul 2, 2026
80ff2c7
fixup! feat(truapi-server): add platform runtime and host bridge
pgherveou Jul 2, 2026
c6091f0
fixup! feat(truapi-server): add platform runtime and host bridge
pgherveou Jul 3, 2026
e4d9a0d
fixup! feat(truapi-server): add wire and chain infrastructure
pgherveou Jul 3, 2026
7ac562a
fixup! feat(truapi-server): add platform runtime and host bridge
pgherveou Jul 3, 2026
dab5395
Merge origin/main into rust-core/04-codegen
pgherveou Jul 3, 2026
15e1594
Merge branch 'rust-core/04-codegen' into rust-core/04a-server-host-logic
pgherveou Jul 3, 2026
54f0b20
docs(host-logic): link host-spec sections
pgherveou Jul 3, 2026
2da3da5
Merge branch 'rust-core/04a-server-host-logic' into rust-core/04b-ser…
pgherveou Jul 3, 2026
f7b2424
Merge branch 'rust-core/04b-server-wire-chain' into rust-core/03-serv…
pgherveou Jul 3, 2026
ac7992f
docs(runtime): link host-spec sections
pgherveou Jul 3, 2026
cda27e1
fixup! feat(truapi-server): add wire and chain infrastructure
pgherveou Jul 3, 2026
227f47c
Merge branch 'rust-core/04b-server-wire-chain' into rust-core/03-serv…
pgherveou Jul 3, 2026
8bd9085
fixup! feat(truapi-server): add platform runtime and host bridge
pgherveou Jul 3, 2026
ba2571a
Merge branch 'main' into rust-core/03-server-runtime
pgherveou Jul 3, 2026
b804d04
fix(server): enforce runtime permissions
pgherveou Jul 6, 2026
5de806e
fix(server): include runtime crate in workspace
pgherveou Jul 6, 2026
0d304f8
docs(server): describe permission flow
pgherveou Jul 6, 2026
1735b8a
test(server): wait for auth sync callback
pgherveou Jul 6, 2026
f421258
test(server): make pairing snapshot test deterministic
pgherveou Jul 6, 2026
7190552
chore(stack): move wasm bridge out of runtime layer
pgherveou Jul 6, 2026
5fbf0b3
fixup! feat(truapi-server): add platform runtime and host bridge
pgherveou Jul 6, 2026
95516f7
fixup! feat(truapi-server): add platform runtime and host bridge
pgherveou Jul 6, 2026
86ffc19
fixup! feat(truapi-server): add platform runtime and host bridge
pgherveou Jul 6, 2026
98b1023
fixup! feat(truapi-server): add platform runtime and host bridge
pgherveou Jul 6, 2026
b639cb7
fixup! feat(truapi-server): add platform runtime and host bridge
pgherveou Jul 7, 2026
4bdb9b5
fixup! feat(truapi-server): add platform runtime and host bridge
pgherveou Jul 8, 2026
3a64291
refactor(platform): derive allowance Debug
pgherveou Jul 8, 2026
a99f0e5
fix(runtime): keep allowance signing in Rust
pgherveou Jul 8, 2026
80135ef
fix(runtime): harden pairing failures
pgherveou Jul 8, 2026
3f775f3
fix(runtime): simplify pairing outcome
pgherveou Jul 8, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 0 additions & 1 deletion Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
[workspace]
resolver = "2"
members = ["rust/crates/*"]
exclude = ["rust/crates/truapi-server"]

[workspace.package]
edition = "2024"
Expand Down
42 changes: 37 additions & 5 deletions rust/crates/truapi-codegen/tests/golden/host-callbacks.ts
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,9 @@ export type AuthState =
/**
* Core-owned host-private storage slots. Products never address these slots;
* the host chooses the backing store for each slot.
*
* Storage is host-local; `storage.md` records the current status quo:
* <https://github.com/paritytech/host-spec/blob/adb3989208ae1c2107dbf0159611353e6989422c/storage.md?plain=1#L1-L7>
*/
export type CoreStorageKey =
/**
Expand Down Expand Up @@ -102,6 +105,16 @@ export type CreateTransactionReview =
*/
| { tag: "LegacyAccount"; value: LegacyAccountTxPayload };

/**
* Review shown before a product learns the user's primary identity.
*/
export interface IdentityDisclosureReview {
/**
* Product currently handling the request.
*/
productId: string;
}

/**
* Permission request whose authorization status can be inspected or updated
* by host administration UI.
Expand All @@ -114,7 +127,11 @@ export type PermissionAuthorizationRequest =
/**
* Remote/product-scoped permission such as chain submit or HTTP access.
*/
| { tag: "Remote"; value: RemotePermissionRequest };
| { tag: "Remote"; value: RemotePermissionRequest }
/**
* Product-scoped permission to disclose the user's primary identity.
*/
| { tag: "IdentityDisclosure"; value?: undefined };

/**
* Authorization status for a permission request.
Expand Down Expand Up @@ -206,6 +223,10 @@ export type UserConfirmationReview =
* Allow a product to request another product account alias.
*/
| { tag: "AccountAlias"; value: AccountAliasReview }
/**
* Allow a product to learn the user's primary identity.
*/
| { tag: "IdentityDisclosure"; value: IdentityDisclosureReview }
/**
* Allocate resources for the requesting product.
*/
Expand All @@ -223,6 +244,9 @@ export const AccountAliasReview: S.Codec<AccountAliasReview> = S.lazy((): S.Code
/**
* Core-owned host-private storage slots. Products never address these slots;
* the host chooses the backing store for each slot.
*
* Storage is host-local; `storage.md` records the current status quo:
* <https://github.com/paritytech/host-spec/blob/adb3989208ae1c2107dbf0159611353e6989422c/storage.md?plain=1#L1-L7>
*/
export const CoreStorageKey: S.Codec<CoreStorageKey> = S.lazy((): S.Codec<CoreStorageKey> => S.TaggedUnion({AuthSession: S._void, PairingDeviceIdentity: S._void, PermissionAuthorization: S.Struct({productId: S.str, request: PermissionAuthorizationRequest}) as S.Codec<{ productId: string; request: PermissionAuthorizationRequest }>}));

Expand All @@ -231,11 +255,16 @@ export const CoreStorageKey: S.Codec<CoreStorageKey> = S.lazy((): S.Codec<CoreSt
*/
export const CreateTransactionReview: S.Codec<CreateTransactionReview> = S.lazy((): S.Codec<CreateTransactionReview> => S.TaggedUnion({Product: ProductAccountTxPayload, LegacyAccount: LegacyAccountTxPayload}));

/**
* Review shown before a product learns the user's primary identity.
*/
export const IdentityDisclosureReview: S.Codec<IdentityDisclosureReview> = S.lazy((): S.Codec<IdentityDisclosureReview> => S.Struct({productId: S.str}) as S.Codec<IdentityDisclosureReview>);

/**
* Permission request whose authorization status can be inspected or updated
* by host administration UI.
*/
export const PermissionAuthorizationRequest: S.Codec<PermissionAuthorizationRequest> = S.lazy((): S.Codec<PermissionAuthorizationRequest> => S.TaggedUnion({Device: HostDevicePermissionRequest, Remote: RemotePermissionRequest}));
export const PermissionAuthorizationRequest: S.Codec<PermissionAuthorizationRequest> = S.lazy((): S.Codec<PermissionAuthorizationRequest> => S.TaggedUnion({Device: HostDevicePermissionRequest, Remote: RemotePermissionRequest, IdentityDisclosure: S._void}));

/**
* Authorization status for a permission request.
Expand Down Expand Up @@ -263,7 +292,7 @@ export const SignRawReview: S.Codec<SignRawReview> = S.lazy((): S.Codec<SignRawR
/**
* Review shown before a user-confirmed core action continues.
*/
export const UserConfirmationReview: S.Codec<UserConfirmationReview> = S.lazy((): S.Codec<UserConfirmationReview> => S.TaggedUnion({SignPayload: SignPayloadReview, SignRaw: SignRawReview, CreateTransaction: CreateTransactionReview, AccountAlias: AccountAliasReview, ResourceAllocation: HostRequestResourceAllocationRequest, PreimageSubmit: PreimageSubmitReview}));
export const UserConfirmationReview: S.Codec<UserConfirmationReview> = S.lazy((): S.Codec<UserConfirmationReview> => S.TaggedUnion({SignPayload: SignPayloadReview, SignRaw: SignRawReview, CreateTransaction: CreateTransactionReview, AccountAlias: AccountAliasReview, IdentityDisclosure: IdentityDisclosureReview, ResourceAllocation: HostRequestResourceAllocationRequest, PreimageSubmit: PreimageSubmitReview}));

/**
* Host auth UI driven by core-owned `AuthState` transitions.
Expand All @@ -282,6 +311,9 @@ export interface AuthPresenter {
*
* The platform provides a way to get a JSON-RPC connection for a given chain.
* The server runtime manages the chainHead v1 state machine on top of this.
* Host-spec N.6 requires products to access chains through host-mediated
* providers:
* <https://github.com/paritytech/host-spec/blob/adb3989208ae1c2107dbf0159611353e6989422c/spec/N-shared-infrastructure.md?plain=1#L91-L102>
*/
export interface ChainProvider {
/**
Expand Down Expand Up @@ -491,11 +523,11 @@ export interface ThemeHost {
}

/**
* Local user confirmation UI for session-channel operations.
* Local user confirmation UI for sensitive core-owned operations.
*/
export interface UserConfirmation {
/**
* Confirm a reviewed action before the core asks the SSO peer.
* Confirm a reviewed action before the core continues.
*/
confirmUserAction(review: UserConfirmationReview): Promise<boolean>;
}
Expand Down
7 changes: 2 additions & 5 deletions rust/crates/truapi-codegen/tests/golden_rust_emit.rs
Original file line number Diff line number Diff line change
Expand Up @@ -32,11 +32,8 @@ fn quoted_strings_in_const_array(src: &str, const_name: &str) -> Vec<String> {
}

fn wasm_optional_callback_names(workspace: &Path) -> Vec<String> {
let wasm_rs = workspace.join("rust/crates/truapi-server/src/wasm.rs");
if !wasm_rs.exists() {
return Vec::new();
}
let src = fs::read_to_string(wasm_rs).expect("read wasm.rs");
let src = fs::read_to_string(workspace.join("rust/crates/truapi-server/src/wasm.rs"))
.expect("read wasm.rs");
let mut names = src
.lines()
.filter_map(|line| {
Expand Down
31 changes: 29 additions & 2 deletions rust/crates/truapi-platform/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -42,10 +42,17 @@ pub struct HostRuntimeConfig {
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct PairingHostConfig {
/// Host identity shown to the signing host during pairing.
///
/// Host-spec B.1.3 defines the host metadata consumed by the signing host:
/// <https://github.com/paritytech/host-spec/blob/adb3989208ae1c2107dbf0159611353e6989422c/spec/B-inter-host.md?plain=1#L48-L60>
pub host: HostRuntimeConfig,
/// People-chain genesis hash used for statement-store SSO.
pub people_chain_genesis_hash: [u8; 32],
/// Deeplink URI scheme used in pairing QR payloads, without `://`.
///
/// Host-spec L.2-L.3 define the `polkadotapp://pair` route and construction
/// rules:
/// <https://github.com/paritytech/host-spec/blob/adb3989208ae1c2107dbf0159611353e6989422c/spec/L-url-schemes.md?plain=1#L17-L33>
pub pairing_deeplink_scheme: String,
}

Expand All @@ -70,6 +77,9 @@ pub struct SigningHostConfig {
pub struct ProductContext {
/// Product identifier used for account derivation and product-scoped
/// storage/permission namespaces.
///
/// Host-spec C.7 defines accepted product id forms:
/// <https://github.com/paritytech/host-spec/blob/adb3989208ae1c2107dbf0159611353e6989422c/spec/C-account-derivation.md?plain=1#L109-L128>
pub product_id: String,
}

Expand Down Expand Up @@ -305,6 +315,8 @@ pub enum PermissionAuthorizationRequest {
Device(HostDevicePermissionRequest),
/// Remote/product-scoped permission such as chain submit or HTTP access.
Remote(RemotePermissionRequest),
/// Product-scoped permission to disclose the user's primary identity.
IdentityDisclosure,
Comment thread
pgherveou marked this conversation as resolved.
}

/// Authorization status for a permission request.
Expand Down Expand Up @@ -382,6 +394,9 @@ pub trait Features: Send + Sync {
///
/// The platform provides a way to get a JSON-RPC connection for a given chain.
/// The server runtime manages the chainHead v1 state machine on top of this.
/// Host-spec N.6 requires products to access chains through host-mediated
/// providers:
/// <https://github.com/paritytech/host-spec/blob/adb3989208ae1c2107dbf0159611353e6989422c/spec/N-shared-infrastructure.md?plain=1#L91-L102>
#[async_trait]
pub trait ChainProvider: Send + Sync {
/// Open a JSON-RPC connection for the chain identified by `genesis_hash`.
Expand Down Expand Up @@ -409,6 +424,9 @@ pub trait JsonRpcConnection: Send + Sync {

/// Core-owned host-private storage slots. Products never address these slots;
/// the host chooses the backing store for each slot.
///
/// Storage is host-local; `storage.md` records the current status quo:
/// <https://github.com/paritytech/host-spec/blob/adb3989208ae1c2107dbf0159611353e6989422c/storage.md?plain=1#L1-L7>
#[derive(Debug, Clone, PartialEq, Eq, Encode, Decode)]
pub enum CoreStorageKey {
/// Opaque SSO/auth session blob.
Expand Down Expand Up @@ -526,6 +544,13 @@ pub struct AccountAliasReview {
pub target_product_id: String,
}

/// Review shown before a product learns the user's primary identity.
#[derive(Debug, Clone, PartialEq, Eq, Encode, Decode)]
pub struct IdentityDisclosureReview {
/// Product currently handling the request.
pub product_id: String,
}

/// Review shown before a preimage is submitted.
#[derive(Debug, Clone, PartialEq, Eq, Encode, Decode)]
pub struct PreimageSubmitReview {
Expand All @@ -545,16 +570,18 @@ pub enum UserConfirmationReview {
CreateTransaction(CreateTransactionReview),
/// Allow a product to request another product account alias.
AccountAlias(AccountAliasReview),
/// Allow a product to learn the user's primary identity.
IdentityDisclosure(IdentityDisclosureReview),
/// Allocate resources for the requesting product.
ResourceAllocation(HostRequestResourceAllocationRequest),
/// Submit a preimage to the host-selected backend.
PreimageSubmit(PreimageSubmitReview),
}

/// Local user confirmation UI for session-channel operations.
/// Local user confirmation UI for sensitive core-owned operations.
#[async_trait]
pub trait UserConfirmation: Send + Sync {
/// Confirm a reviewed action before the core asks the SSO peer.
/// Confirm a reviewed action before the core continues.
async fn confirm_user_action(
&self,
review: UserConfirmationReview,
Expand Down
4 changes: 4 additions & 0 deletions rust/crates/truapi-server/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,9 @@ crate-type = ["rlib", "cdylib"]
[features]
default = []

[lints.rust]
unsafe_code = "forbid"

[dependencies]
truapi = { path = "../truapi" }
truapi-platform = { path = "../truapi-platform" }
Expand All @@ -31,6 +34,7 @@ sp-crypto-hashing = { version = "0.1", default-features = false }
bs58 = { version = "0.5", default-features = false, features = ["alloc"] }
schnorrkel = { version = "0.11.5", default-features = false, features = ["alloc", "getrandom"] }
substrate-bip39 = { version = "0.6", default-features = false }
zeroize = { version = "1", default-features = false, features = ["alloc"] }
getrandom = { version = "0.2", features = ["js"] }
p256 = { version = "0.13", default-features = false, features = ["ecdh"] }
hkdf = "0.12"
Expand Down
Loading
Loading