Skip to content

feat: Update NUCs to compatibility with public keys #110

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jcabrero merged 7 commits into from
Jun 13, 2025
Merged

feat: Update NUCs to compatibility with public keys #110

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
106ed2a
chore: fixed nuc-py version for working compatibility with older vers…
jcabrero Jun 11, 2025
e2ca49f
fix: validation taking parameters as context
jcabrero Jun 11, 2025
cd01ac7
fix: fixed nilauth tag
jcabrero Jun 11, 2025
4f01de1
feat: updated nucs to use public keys
jcabrero Jun 11, 2025
21068f6
fix: new config file for nilAuth
jcabrero Jun 11, 2025
ec364b1
feat: added nuc command validation /nil/ai
jcabrero Jun 12, 2025
2190739
fix: corrected pay_for_subscription logic order
jcabrero Jun 13, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion docker-compose.dev.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ services:
- nilauth

nilauth:
image: public.ecr.aws/k5d9x2g2/nilauth:latest
image: public.ecr.aws/k5d9x2g2/nilauth:ff0d9198d1b8819527bc036a58f875c4046b6f21
depends_on:
- nilauth-postgres
- nilchain
Expand Down
4 changes: 3 additions & 1 deletion docker/nilauth/config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,9 @@ payments:
subscriptions:
renewal_threshold_seconds: 1000
length_seconds: 120
dollar_cost: 1
dollar_cost:
nilai: 1
nildb: 1

token_price:
base_url: http://token-price-api/api/v3/simple/price
Expand Down
4 changes: 2 additions & 2 deletions nilai-api/pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,8 @@ dependencies = [
"verifier",
"web3>=7.8.0",
"click>=8.1.8",
"nuc",
"nuc-helpers",
"nuc",
]


Expand All @@ -42,5 +42,5 @@ build-backend = "hatchling.build"

[tool.uv.sources]
nilai-common = { workspace = true }
nuc = { git = "https://github.com/NillionNetwork/nuc-py.git" }
nuc-helpers = { workspace = true }
nuc = { git = "https://github.com/NillionNetwork/nuc-py.git", tag = "4922b5e9354e611cc31322d681eb29da05be584e" }
23 changes: 21 additions & 2 deletions nilai-api/src/nilai_api/auth/nuc.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
from nuc.validate import NucTokenValidator, ValidationParameters, InvocationRequirement
from nuc.envelope import NucTokenEnvelope
from nuc.nilauth import NilauthClient
from nuc.token import Did, NucToken
from nuc.token import Did, NucToken, Command
from functools import lru_cache
from nilai_api.config import NILAUTH_TRUSTED_ROOT_ISSUERS
from nilai_api.state import state
Expand All @@ -16,6 +16,9 @@
logger = setup_logger(__name__)


NILAI_BASE_COMMAND: Command = Command.parse("/nil/ai")


@lru_cache(maxsize=1)
def get_validator() -> NucTokenValidator:
"""
Expand Down Expand Up @@ -52,6 +55,14 @@ def get_validation_parameters() -> ValidationParameters:
return default_parameters


def check_is_nilai_subcommand(nuc_token_envelope: NucTokenEnvelope) -> bool:
"""
Check if the NUC token is a Nilai subcommand
"""
command: Command = nuc_token_envelope.token.token.command
return command.is_attenuation_of(NILAI_BASE_COMMAND)


def validate_nuc(nuc_token: str) -> Tuple[str, str]:
"""
Validate a NUC token
Expand All @@ -66,7 +77,15 @@ def validate_nuc(nuc_token: str) -> Tuple[str, str]:
logger.info(f"Validating NUC token: {nuc_token_envelope.token.token}")
logger.info(f"Validation parameters: {get_validation_parameters()}")
logger.info(f"Public key: {state.public_key.serialize()}")
get_validator().validate(nuc_token_envelope, get_validation_parameters())
if not check_is_nilai_subcommand(nuc_token_envelope):
logger.error(
f"NUC token namespace is not a /nil/ai attenuation: {nuc_token_envelope.token.token.command}"
)
raise AuthenticationError("NUC token namespace is not a /nil/ai attenuation")

get_validator().validate(
nuc_token_envelope, context={}, parameters=get_validation_parameters()
)
token: NucToken = nuc_token_envelope.token.token

# Validate the
Expand Down
77 changes: 38 additions & 39 deletions nilai-auth/nilai-auth-client/examples/tutorial.ipynb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,24 +33,22 @@
"name": "stdout",
"output_type": "stream",
"text": [
"l/SYifzu2Iqc3dsWoWHRP2oSMHwrORY/PDw5fDwtJDQ=\n",
"<cosmpy.crypto.keypairs.PublicKey object at 0x10d66d8b0>\n",
"Nilchain Private Key (bytes): l/SYifzu2Iqc3dsWoWHRP2oSMHwrORY/PDw5fDwtJDQ=\n",
"Nilchain Public Key (bytes): <cosmpy.crypto.keypairs.PublicKey object at 0x109efb920>\n",
"Paying for wallet: nillion1mqukqr7d4s3eqhcxwctu7yypm560etp2dghpy6\n",
"Wallet balance: 999999989000000 unil\n",
"Wallet balance: 999999996000000 unil\n",
"[>] Creating nilauth client\n",
"[>] Creating payer\n",
"IS SUBSCRIBED: True\n",
"[>] Subscription is already paid for\n",
"EXPIRES IN: 0:01:01.197447\n",
"CAN BE RENEWED IN: -1 day, 23:44:21.197434\n"
"IS SUBSCRIBED: False\n",
"[>] Paying for subscription\n"
]
}
],
"source": [
"# %% Import necessary libraries\n",
"from nuc.payer import Payer\n",
"from nuc.builder import NucTokenBuilder\n",
"from nuc.nilauth import NilauthClient\n",
"from nuc.nilauth import NilauthClient, BlindModule\n",
"from nuc.envelope import NucTokenEnvelope\n",
"from nuc.token import Command, Did, InvocationBody, DelegationBody\n",
"from nuc.validate import (\n",
Expand Down Expand Up @@ -128,15 +126,18 @@
"\n",
"# %% Check and manage NilAuth subscription\n",
"# Check if the builder_private_key is associated with an active subscription\n",
"subscription_details = nilauth_client.subscription_status(builder_private_key)\n",
"subscription_details = nilauth_client.subscription_status(\n",
" builder_private_key.pubkey, BlindModule.NILAI\n",
")\n",
"print(f\"IS SUBSCRIBED: {subscription_details.subscribed}\")\n",
"\n",
"# If not subscribed, pay for one\n",
"if not subscription_details.subscribed:\n",
" print(\"[>] Paying for subscription\")\n",
" nilauth_client.pay_subscription(\n",
" key=builder_private_key, # The key to associate the subscription with\n",
" pubkey=builder_private_key.pubkey, # The key to associate the subscription with\n",
" payer=payer, # The payer object to execute the transaction\n",
" blind_module=BlindModule.NILAI,\n",
" )\n",
"else:\n",
" # If already subscribed, print details\n",
Expand Down Expand Up @@ -168,26 +169,28 @@
},
{
"cell_type": "code",
"execution_count": 4,
"execution_count": 2,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"Root Token: eyJhbGciOiJFUzI1NksifQ.eyJpc3MiOiJkaWQ6bmlsOjAzNTIwZTcwYmQ5N2E1ZmE2ZDcwYzYxNGQ1MGVlNDdiZjQ0NWFlMGIwOTQxYTFkNjFkZGQ1YWZhMDIyYjk3YWIxNCIsImF1ZCI6ImRpZDpuaWw6MDMwOTIzZjJlNzEyMGM1MGU0MjkwNWI4NTdkZGQyOTQ3ZjZlY2NlZDZiYjAyYWFiNjRlNjNiMjhlOWUyZTA2ZDEwIiwic3ViIjoiZGlkOm5pbDowMzA5MjNmMmU3MTIwYzUwZTQyOTA1Yjg1N2RkZDI5NDdmNmVjY2VkNmJiMDJhYWI2NGU2M2IyOGU5ZTJlMDZkMTAiLCJleHAiOjE3NDU1MDg2OTcsImNtZCI6Ii9uaWwiLCJwb2wiOltdLCJub25jZSI6ImMxNDE0MTIwYjg5ODk3ZTdlM2YyN2ZiZGE0OWEyZDAwIiwicHJmIjpbXX0.3csz4DdLahcYmc6vbwE-HdweGF6TCFUiatoO6AAssSJNUR0VGiRHmCSU3rlmdYAHPHEPcLWNBBLo-e9bMOQXUg\n",
"Builder Private Key: 97f49889fceed88a9cdddb16a161d13f6a12307c2b39163f3c3c397c3c2d2434\n",
"Builder Public Key: 030923f2e7120c50e42905b857ddd2947f6ecced6bb02aab64e63b28e9e2e06d10\n",
"Delegated Private Key: 5586c1abd910c869517a5c1a733c19b3513fef5f700e2c8624e867b620e981ca\n",
"Delegated Public Key: 03f65bb3be4bd7752e9d680ac315025c5252e9e36836217fe9bdb4b8514f04e8d9\n",
"Root Token Envelope: <nuc.envelope.NucTokenEnvelope object at 0x10778f560>\n"
"Root Token (raw string): eyJhbGciOiJFUzI1NksifQ.eyJpc3MiOiJkaWQ6bmlsOjAzNTIwZTcwYmQ5N2E1ZmE2ZDcwYzYxNGQ1MGVlNDdiZjQ0NWFlMGIwOTQxYTFkNjFkZGQ1YWZhMDIyYjk3YWIxNCIsImF1ZCI6ImRpZDpuaWw6MDMwOTIzZjJlNzEyMGM1MGU0MjkwNWI4NTdkZGQyOTQ3ZjZlY2NlZDZiYjAyYWFiNjRlNjNiMjhlOWUyZTA2ZDEwIiwic3ViIjoiZGlkOm5pbDowMzA5MjNmMmU3MTIwYzUwZTQyOTA1Yjg1N2RkZDI5NDdmNmVjY2VkNmJiMDJhYWI2NGU2M2IyOGU5ZTJlMDZkMTAiLCJleHAiOjE3NDk3MjgxNDksImNtZCI6Ii9uaWwvYWkiLCJwb2wiOltdLCJub25jZSI6IjYzNDc1YzkyZjE3ZTZlMjgwMWRkZGNlYzFjYjcwNmFlIiwicHJmIjpbXX0.oKd_heCtzZr6sh-q8fqZOXL3rsxvy1gROugUMIEefRJXyBhtSA4YWrK9xHQlprCHIF0dlWSGN_y68D3Fi1OU4g\n",
"Builder Private Key (bytes): 97f49889fceed88a9cdddb16a161d13f6a12307c2b39163f3c3c397c3c2d2434\n",
"Builder Public Key (hex): 030923f2e7120c50e42905b857ddd2947f6ecced6bb02aab64e63b28e9e2e06d10\n",
"Delegated Private Key (bytes): a3c69fe94746509d4b44d213b582e72f3e891568cd8004725ada12d4b139db8a\n",
"Delegated Public Key (hex): 03dda3f7bba93edddf6659660e69f14653cdb8c56b8a7253a22d914ac3cfffc6aa\n",
"Root Token Envelope (parsed object): <nuc.envelope.NucTokenEnvelope object at 0x10ae7fc80>\n"
]
}
],
"source": [
"# %% Request Root Token from NilAuth\n",
"# Use the key associated with the subscription to request the base NUC token\n",
"root_token = nilauth_client.request_token(key=builder_private_key)\n",
"root_token = nilauth_client.request_token(\n",
" key=builder_private_key, blind_module=BlindModule.NILAI\n",
")\n",
"print(f\"Root Token (raw string): {root_token}\")\n",
"\n",
"# %% Display Builder Key Details (Owner of Root Token)\n",
Expand Down Expand Up @@ -228,15 +231,15 @@
},
{
"cell_type": "code",
"execution_count": 5,
"execution_count": 3,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"Delegation Token: eyJhbGciOiJFUzI1NksifQ.eyJpc3MiOiAiZGlkOm5pbDowMzA5MjNmMmU3MTIwYzUwZTQyOTA1Yjg1N2RkZDI5NDdmNmVjY2VkNmJiMDJhYWI2NGU2M2IyOGU5ZTJlMDZkMTAiLCAiYXVkIjogImRpZDpuaWw6MDNmNjViYjNiZTRiZDc3NTJlOWQ2ODBhYzMxNTAyNWM1MjUyZTllMzY4MzYyMTdmZTliZGI0Yjg1MTRmMDRlOGQ5IiwgInN1YiI6ICJkaWQ6bmlsOjAzMDkyM2YyZTcxMjBjNTBlNDI5MDViODU3ZGRkMjk0N2Y2ZWNjZWQ2YmIwMmFhYjY0ZTYzYjI4ZTllMmUwNmQxMCIsICJjbWQiOiAiL25pbC9haS9nZW5lcmF0ZSIsICJwb2wiOiBbXSwgIm5vbmNlIjogImZlNTE1ZDA0MGY3MWEyYmY0NzdlYjc2MzBjOWE5YjViIiwgInByZiI6IFsiYWU3ZmY3NTkxYjcxMjQ1MjY3Nzg0NTBmMDZlZDlkYjlkYTU2YmIwZjRmOTIzZmI1YTUzMzMyNWViYWU5ZmQ5MSJdfQ.CguMqBWX0YX2rErcpiHX4PvExo6kiEmnE3QOJMPZ1KU_iiQD1p6kzjY5YRHHT_mWVjgQVNsVR2B9swr7Zk63mw/eyJhbGciOiJFUzI1NksifQ.eyJpc3MiOiJkaWQ6bmlsOjAzNTIwZTcwYmQ5N2E1ZmE2ZDcwYzYxNGQ1MGVlNDdiZjQ0NWFlMGIwOTQxYTFkNjFkZGQ1YWZhMDIyYjk3YWIxNCIsImF1ZCI6ImRpZDpuaWw6MDMwOTIzZjJlNzEyMGM1MGU0MjkwNWI4NTdkZGQyOTQ3ZjZlY2NlZDZiYjAyYWFiNjRlNjNiMjhlOWUyZTA2ZDEwIiwic3ViIjoiZGlkOm5pbDowMzA5MjNmMmU3MTIwYzUwZTQyOTA1Yjg1N2RkZDI5NDdmNmVjY2VkNmJiMDJhYWI2NGU2M2IyOGU5ZTJlMDZkMTAiLCJleHAiOjE3NDU1MDg2OTcsImNtZCI6Ii9uaWwiLCJwb2wiOltdLCJub25jZSI6ImMxNDE0MTIwYjg5ODk3ZTdlM2YyN2ZiZGE0OWEyZDAwIiwicHJmIjpbXX0.3csz4DdLahcYmc6vbwE-HdweGF6TCFUiatoO6AAssSJNUR0VGiRHmCSU3rlmdYAHPHEPcLWNBBLo-e9bMOQXUg\n",
"Delegated Token Envelope: <nuc.envelope.NucTokenEnvelope object at 0x10d6d3290>\n"
"Delegation Token (raw string): eyJhbGciOiJFUzI1NksifQ.eyJpc3MiOiAiZGlkOm5pbDowMzA5MjNmMmU3MTIwYzUwZTQyOTA1Yjg1N2RkZDI5NDdmNmVjY2VkNmJiMDJhYWI2NGU2M2IyOGU5ZTJlMDZkMTAiLCAiYXVkIjogImRpZDpuaWw6MDNkZGEzZjdiYmE5M2VkZGRmNjY1OTY2MGU2OWYxNDY1M2NkYjhjNTZiOGE3MjUzYTIyZDkxNGFjM2NmZmZjNmFhIiwgInN1YiI6ICJkaWQ6bmlsOjAzMDkyM2YyZTcxMjBjNTBlNDI5MDViODU3ZGRkMjk0N2Y2ZWNjZWQ2YmIwMmFhYjY0ZTYzYjI4ZTllMmUwNmQxMCIsICJjbWQiOiAiL25pbC9haS9nZW5lcmF0ZSIsICJwb2wiOiBbXSwgIm5vbmNlIjogIjE4OTg4ODcxMjk2YTRmN2NkNTliYzgyNGNhNWY2NDc4IiwgInByZiI6IFsiNmRkNTlhYmU4Y2ZiMTJmYmQ1MzFiODdkMmIxYmIwYzY1N2NjMGNjMjgyYTIyMzAzMjk0MWE1ZWU2YmYzMzVhOSJdfQ.WfukyFvrLOQIs7sAYkrkg2BnhJKSLTYJGlPxxHl8nHg6s92_eyOZaKcXAgTlL59YL98FciIGkxpCRIxc6wFVUA/eyJhbGciOiJFUzI1NksifQ.eyJpc3MiOiJkaWQ6bmlsOjAzNTIwZTcwYmQ5N2E1ZmE2ZDcwYzYxNGQ1MGVlNDdiZjQ0NWFlMGIwOTQxYTFkNjFkZGQ1YWZhMDIyYjk3YWIxNCIsImF1ZCI6ImRpZDpuaWw6MDMwOTIzZjJlNzEyMGM1MGU0MjkwNWI4NTdkZGQyOTQ3ZjZlY2NlZDZiYjAyYWFiNjRlNjNiMjhlOWUyZTA2ZDEwIiwic3ViIjoiZGlkOm5pbDowMzA5MjNmMmU3MTIwYzUwZTQyOTA1Yjg1N2RkZDI5NDdmNmVjY2VkNmJiMDJhYWI2NGU2M2IyOGU5ZTJlMDZkMTAiLCJleHAiOjE3NDk3MjgxNDksImNtZCI6Ii9uaWwvYWkiLCJwb2wiOltdLCJub25jZSI6IjYzNDc1YzkyZjE3ZTZlMjgwMWRkZGNlYzFjYjcwNmFlIiwicHJmIjpbXX0.oKd_heCtzZr6sh-q8fqZOXL3rsxvy1gROugUMIEefRJXyBhtSA4YWrK9xHQlprCHIF0dlWSGN_y68D3Fi1OU4g\n",
"Delegated Token Envelope (parsed object): <nuc.envelope.NucTokenEnvelope object at 0x109db05c0>\n"
]
}
],
Expand Down Expand Up @@ -293,17 +296,17 @@
},
{
"cell_type": "code",
"execution_count": 6,
"execution_count": 4,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"New Private Key: 6288b98e03a595f54788137b0a9353d334b363af30c71d469ae8368a2257ab0e\n",
"Delegated Key: 02e24769ba1fc9aa1dd819ca12cc8179b5417e3bebf9c9c9e5880342d48246f420\n",
"Delegated Token Envelope: <nuc.envelope.NucTokenEnvelope object at 0x10d6d3290>\n",
"Invocation: eyJhbGciOiJFUzI1NksifQ.eyJpc3MiOiAiZGlkOm5pbDowM2Y2NWJiM2JlNGJkNzc1MmU5ZDY4MGFjMzE1MDI1YzUyNTJlOWUzNjgzNjIxN2ZlOWJkYjRiODUxNGYwNGU4ZDkiLCAiYXVkIjogImRpZDpuaWw6MDJlMjQ3NjliYTFmYzlhYTFkZDgxOWNhMTJjYzgxNzliNTQxN2UzYmViZjljOWM5ZTU4ODAzNDJkNDgyNDZmNDIwIiwgInN1YiI6ICJkaWQ6bmlsOjAzMDkyM2YyZTcxMjBjNTBlNDI5MDViODU3ZGRkMjk0N2Y2ZWNjZWQ2YmIwMmFhYjY0ZTYzYjI4ZTllMmUwNmQxMCIsICJjbWQiOiAiL25pbC9haS9nZW5lcmF0ZSIsICJhcmdzIjoge30sICJub25jZSI6ICI1ZmRkODk1NjE4MWM1YTZiZjRlNDVhMzBlYzc1YmE0NSIsICJwcmYiOiBbIjBjYWY3MWU3ZGVjMWEwNjc3Y2M0ZWNhYjJhYzY5Nzk1MWRjZDBjZDc4MTM4MDA4MzVkZjY2MmE2ODQzNTNjYzAiXX0.2D5Z7JcodjWyPcRqPx2OIn2Marnk-46XCJAlYIBzdTZCPQSs99gfWslQdoaC84pWYqiaoTvYuogqTDTdrtXaeA/eyJhbGciOiJFUzI1NksifQ.eyJpc3MiOiAiZGlkOm5pbDowMzA5MjNmMmU3MTIwYzUwZTQyOTA1Yjg1N2RkZDI5NDdmNmVjY2VkNmJiMDJhYWI2NGU2M2IyOGU5ZTJlMDZkMTAiLCAiYXVkIjogImRpZDpuaWw6MDNmNjViYjNiZTRiZDc3NTJlOWQ2ODBhYzMxNTAyNWM1MjUyZTllMzY4MzYyMTdmZTliZGI0Yjg1MTRmMDRlOGQ5IiwgInN1YiI6ICJkaWQ6bmlsOjAzMDkyM2YyZTcxMjBjNTBlNDI5MDViODU3ZGRkMjk0N2Y2ZWNjZWQ2YmIwMmFhYjY0ZTYzYjI4ZTllMmUwNmQxMCIsICJjbWQiOiAiL25pbC9haS9nZW5lcmF0ZSIsICJwb2wiOiBbXSwgIm5vbmNlIjogImZlNTE1ZDA0MGY3MWEyYmY0NzdlYjc2MzBjOWE5YjViIiwgInByZiI6IFsiYWU3ZmY3NTkxYjcxMjQ1MjY3Nzg0NTBmMDZlZDlkYjlkYTU2YmIwZjRmOTIzZmI1YTUzMzMyNWViYWU5ZmQ5MSJdfQ.CguMqBWX0YX2rErcpiHX4PvExo6kiEmnE3QOJMPZ1KU_iiQD1p6kzjY5YRHHT_mWVjgQVNsVR2B9swr7Zk63mw/eyJhbGciOiJFUzI1NksifQ.eyJpc3MiOiJkaWQ6bmlsOjAzNTIwZTcwYmQ5N2E1ZmE2ZDcwYzYxNGQ1MGVlNDdiZjQ0NWFlMGIwOTQxYTFkNjFkZGQ1YWZhMDIyYjk3YWIxNCIsImF1ZCI6ImRpZDpuaWw6MDMwOTIzZjJlNzEyMGM1MGU0MjkwNWI4NTdkZGQyOTQ3ZjZlY2NlZDZiYjAyYWFiNjRlNjNiMjhlOWUyZTA2ZDEwIiwic3ViIjoiZGlkOm5pbDowMzA5MjNmMmU3MTIwYzUwZTQyOTA1Yjg1N2RkZDI5NDdmNmVjY2VkNmJiMDJhYWI2NGU2M2IyOGU5ZTJlMDZkMTAiLCJleHAiOjE3NDU1MDg2OTcsImNtZCI6Ii9uaWwiLCJwb2wiOltdLCJub25jZSI6ImMxNDE0MTIwYjg5ODk3ZTdlM2YyN2ZiZGE0OWEyZDAwIiwicHJmIjpbXX0.3csz4DdLahcYmc6vbwE-HdweGF6TCFUiatoO6AAssSJNUR0VGiRHmCSU3rlmdYAHPHEPcLWNBBLo-e9bMOQXUg\n",
"Placeholder Target Private Key (bytes): 1366a4fb211fedaf9f35ed507caa5c1c69e7c12e05aac59004ee8af82c28f353\n",
"Placeholder Target Public Key (hex): 03557a9b7632c332967c9e49ef04b4eeee65f238a58e05123afd67c6440643ec45\n",
"Delegated Token Envelope (used for invocation): <nuc.envelope.NucTokenEnvelope object at 0x109db05c0>\n",
"Invocation Token (raw string): eyJhbGciOiJFUzI1NksifQ.eyJpc3MiOiAiZGlkOm5pbDowM2RkYTNmN2JiYTkzZWRkZGY2NjU5NjYwZTY5ZjE0NjUzY2RiOGM1NmI4YTcyNTNhMjJkOTE0YWMzY2ZmZmM2YWEiLCAiYXVkIjogImRpZDpuaWw6MDM1NTdhOWI3NjMyYzMzMjk2N2M5ZTQ5ZWYwNGI0ZWVlZTY1ZjIzOGE1OGUwNTEyM2FmZDY3YzY0NDA2NDNlYzQ1IiwgInN1YiI6ICJkaWQ6bmlsOjAzMDkyM2YyZTcxMjBjNTBlNDI5MDViODU3ZGRkMjk0N2Y2ZWNjZWQ2YmIwMmFhYjY0ZTYzYjI4ZTllMmUwNmQxMCIsICJjbWQiOiAiL25pbC9haS9nZW5lcmF0ZSIsICJhcmdzIjoge30sICJub25jZSI6ICJlY2I5ZmRlMDE1MDQyZTVlOWQ4YTAwNWIwN2EyMTUwOCIsICJwcmYiOiBbIjU1OTVhYmM3MjY4NTYzYjVjMWVkOWFjMzFmZmYwYmZkMzc0ZGY1ODE1YjI2OWZiOGUxMDg3OTllNzhkMWE1MDkiXX0.Z61s5nYqi_EJVWfl_VNHhw16oLELABuP1hhe4NIMr8JFGBk7fyvuToCFaWKGx6aBGR8wrLcLcC1qctZWkvVOlQ/eyJhbGciOiJFUzI1NksifQ.eyJpc3MiOiAiZGlkOm5pbDowMzA5MjNmMmU3MTIwYzUwZTQyOTA1Yjg1N2RkZDI5NDdmNmVjY2VkNmJiMDJhYWI2NGU2M2IyOGU5ZTJlMDZkMTAiLCAiYXVkIjogImRpZDpuaWw6MDNkZGEzZjdiYmE5M2VkZGRmNjY1OTY2MGU2OWYxNDY1M2NkYjhjNTZiOGE3MjUzYTIyZDkxNGFjM2NmZmZjNmFhIiwgInN1YiI6ICJkaWQ6bmlsOjAzMDkyM2YyZTcxMjBjNTBlNDI5MDViODU3ZGRkMjk0N2Y2ZWNjZWQ2YmIwMmFhYjY0ZTYzYjI4ZTllMmUwNmQxMCIsICJjbWQiOiAiL25pbC9haS9nZW5lcmF0ZSIsICJwb2wiOiBbXSwgIm5vbmNlIjogIjE4OTg4ODcxMjk2YTRmN2NkNTliYzgyNGNhNWY2NDc4IiwgInByZiI6IFsiNmRkNTlhYmU4Y2ZiMTJmYmQ1MzFiODdkMmIxYmIwYzY1N2NjMGNjMjgyYTIyMzAzMjk0MWE1ZWU2YmYzMzVhOSJdfQ.WfukyFvrLOQIs7sAYkrkg2BnhJKSLTYJGlPxxHl8nHg6s92_eyOZaKcXAgTlL59YL98FciIGkxpCRIxc6wFVUA/eyJhbGciOiJFUzI1NksifQ.eyJpc3MiOiJkaWQ6bmlsOjAzNTIwZTcwYmQ5N2E1ZmE2ZDcwYzYxNGQ1MGVlNDdiZjQ0NWFlMGIwOTQxYTFkNjFkZGQ1YWZhMDIyYjk3YWIxNCIsImF1ZCI6ImRpZDpuaWw6MDMwOTIzZjJlNzEyMGM1MGU0MjkwNWI4NTdkZGQyOTQ3ZjZlY2NlZDZiYjAyYWFiNjRlNjNiMjhlOWUyZTA2ZDEwIiwic3ViIjoiZGlkOm5pbDowMzA5MjNmMmU3MTIwYzUwZTQyOTA1Yjg1N2RkZDI5NDdmNmVjY2VkNmJiMDJhYWI2NGU2M2IyOGU5ZTJlMDZkMTAiLCJleHAiOjE3NDk3MjgxNDksImNtZCI6Ii9uaWwvYWkiLCJwb2wiOltdLCJub25jZSI6IjYzNDc1YzkyZjE3ZTZlMjgwMWRkZGNlYzFjYjcwNmFlIiwicHJmIjpbXX0.oKd_heCtzZr6sh-q8fqZOXL3rsxvy1gROugUMIEefRJXyBhtSA4YWrK9xHQlprCHIF0dlWSGN_y68D3Fi1OU4g\n",
"--------------------------------\n"
]
}
Expand Down Expand Up @@ -371,24 +374,20 @@
},
{
"cell_type": "code",
"execution_count": 8,
"execution_count": 6,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"Nilauth Public Key: did:nil:03520e70bd97a5fa6d70c614d50ee47bf445ae0b0941a1d61ddd5afa022b97ab14\n",
"Invocation Envelope: <nuc.envelope.NucTokenEnvelope object at 0x10778dbe0>\n",
"Invocation Envelope Token Proofs: 2\n",
"Validating Root Token Envelope\n",
"Validating Delegated Token Envelope\n",
"None\n",
"Validating Invocation Envelope\n",
"InvocationRequirement(audience=Did(public_key=b'\\x02\\xe2Gi\\xba\\x1f\\xc9\\xaa\\x1d\\xd8\\x19\\xca\\x12\\xcc\\x81y\\xb5A~;\\xeb\\xf9\\xc9\\xc9\\xe5\\x88\\x03B\\xd4\\x82F\\xf4 '))\n",
"{\"iss\": \"did:nil:03f65bb3be4bd7752e9d680ac315025c5252e9e36836217fe9bdb4b8514f04e8d9\", \"aud\": \"did:nil:02e24769ba1fc9aa1dd819ca12cc8179b5417e3bebf9c9c9e5880342d48246f420\", \"sub\": \"did:nil:030923f2e7120c50e42905b857ddd2947f6ecced6bb02aab64e63b28e9e2e06d10\", \"cmd\": \"/nil/ai/generate\", \"args\": {}, \"nonce\": \"5fdd8956181c5a6bf4e45a30ec75ba45\", \"prf\": [\"0caf71e7dec1a0677cc4ecab2ac697951dcd0cd7813800835df662a684353cc0\"]}\n",
"Expected audience: did:nil:02e24769ba1fc9aa1dd819ca12cc8179b5417e3bebf9c9c9e5880342d48246f420\n",
"Token audience: did:nil:02e24769ba1fc9aa1dd819ca12cc8179b5417e3bebf9c9c9e5880342d48246f420\n"
"Nilauth Public Key (Trust Anchor): did:nil:03520e70bd97a5fa6d70c614d50ee47bf445ae0b0941a1d61ddd5afa022b97ab14\n",
"Invocation Envelope (parsed object): <nuc.envelope.NucTokenEnvelope object at 0x10b20a900>\n",
"Invocation Envelope Token Proofs Count: 2\n",
"Validating Delegated Token Envelope...\n",
"Delegated Token is Valid.\n",
"Validating Invocation Envelope...\n",
"Invocation Token is Valid (including audience check).\n"
]
}
],
Expand Down Expand Up @@ -421,7 +420,7 @@
"print(\"Validating Delegated Token Envelope...\")\n",
"try:\n",
" # Basic validation checks structure and signature relative to the root\n",
" validator.validate(delegated_token_envelope)\n",
" validator.validate(delegated_token_envelope, {})\n",
" print(\"Delegated Token is Valid.\")\n",
"except ValidationException as e:\n",
" print(f\"Delegated Token Validation Failed: {e}\")\n",
Expand Down
5 changes: 4 additions & 1 deletion nilai-auth/nilai-auth-server/src/nilai_auth_server/app.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,12 +38,15 @@ def delegate(request: DelegateRequest) -> DelegationToken:
)
nilauth_client = NilauthClient(f"http://{NILAUTH_TRUSTED_ROOT_ISSUER}")

if not server_private_key.pubkey:
raise Exception("Failed to get public key")

# Pay for the subscription
pay_for_subscription(
nilauth_client,
server_wallet,
server_keypair,
server_private_key,
server_private_key.pubkey,
f"http://{NILCHAIN_GRPC}",
)

Expand Down
4 changes: 2 additions & 2 deletions nilai-auth/nuc-helpers/pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,15 +9,15 @@ authors = [
requires-python = ">=3.12"
dependencies = [
"cosmpy==0.9.2",
"nuc",
"pydantic>=2.11.2",
"secp256k1>=0.14.0",
"httpx>=0.28.1",
"nuc",
]

[build-system]
requires = ["hatchling"]
build-backend = "hatchling.build"

[tool.uv.sources]
nuc = { git = "https://github.com/NillionNetwork/nuc-py.git" }
nuc = { git = "https://github.com/NillionNetwork/nuc-py.git", tag = "4922b5e9354e611cc31322d681eb29da05be584e" }
Loading
Loading