Back to posts

In development: doip-rs

Posted on 2021-11-13

A DOIP Rust library

I'd like to introduce doip-rs, a Rust library to interact with decentralized OpenPGP identity claims and proofs.

The way the library works is:

• you give it a claim and a fingerprint (see Usage below);
• it tries to figure out what kind of claim it is (Twitter? Gitea? Owncast?);
• it tries to fetch a proof at a predefined location;
• it tries to find the fingerprint inside the proof;
• if found, the claim is considered verified.

It's not on crates.io yet, I'd like to smooth out the rough edges first.

It's licensed under Apache Version 2.0.

Usage

Using the library is quite simple:

use doip::claim::Claim;
use doip::service_provider::ServiceProvider;

// Prepare the identity claim
let uri = "https://codeberg.org/yarmo/gitea_proof";
let fingerprint = "9f0048ac0b23301e1f77e994909f6bd6f80f485d";
let mut claim = Claim::new(uri, fingerprint);

// Find matching service providers
claim.find_match();

// Verify the claim
claim.verify().await;

// Print the result
println!("Claim: {:?}", claim);

The example above actually works and will verify my Codeberg.org account!

Roadmap

• Improve code quality
• Improve documentation
• Add parallel processing of claims
• Add processing of cryptographic keys (using Sequoia-PGP)
• Add processing of signature profiles
• Add additional proof request protocols (DNS, IRC, XMPP…)
• Publish to crates.io

doip-rs and doip-js

Right now, the doip-js (javascript/node) is more feature-complete than doip-rs (rust) but with time, doip-rs will catch up.

It may even at some point be possible to retire doip-js and replace it with a WASM build of doip-rs!

doip-rs and ariadne.id

Currently, the doip-rs library "inherits" all its knowledge of service providers (How to verify a Twitter account? And a Lichess account?) from the doip-js library but with time, doip-rs will become compliant with the Ariadne Spec as it matures, a project we recently announced that will contain all this knowledge in a project-independent format in an effort to stimulate the development of community-made libraries and tools.

Signing off

I'm excited to be delving into Rust and use it to advance the Keyoxide project. If you see code that can be improved, don't hesitate to file an issue or write to the mailing list. Of course, all PRs are welcome :)

Until later,
Yarmo