|
| 1 | +# DCT Protocol |
| 2 | + |
| 3 | +**Delegatable Capability Tokens** — a full-stack protocol for cryptographically-scoped AI agent authorization on Base. |
| 4 | + |
| 5 | +| Layer | Technology | |
| 6 | +|---|---| |
| 7 | +| Identity | ERC-8004 Agent NFT Registry | |
| 8 | +| Off-chain auth | Eclipse Biscuit WASM (Ed25519 + Datalog) | |
| 9 | +| On-chain enforcement | DCTRegistry + DCTEnforcer (UUPS, Base Sepolia) | |
| 10 | +| Action attestation | TLSNotary (Dockerized notary + server-side prover) | |
| 11 | +| Gas sponsorship | ERC-4337 via Pimlico bundler + paymaster | |
| 12 | +| Backend | Node.js / Express (`server/`) | |
| 13 | +| Frontend | React / Vite (`client/`) | |
| 14 | + |
| 15 | +--- |
| 16 | + |
| 17 | +## Quick start |
| 18 | + |
| 19 | +```bash |
| 20 | +# 1 — Install all deps |
| 21 | +npm install --prefix server |
| 22 | +npm install --prefix client |
| 23 | + |
| 24 | +# 2 — Copy and fill env |
| 25 | +cp server/.env.example server/.env |
| 26 | +# Required: PRIVATE_KEY, ALCHEMY_API_KEY (or RPC_URL) |
| 27 | +# Optional: PIMLICO_API_KEY, DATABASE_URL, TLSN_* |
| 28 | + |
| 29 | +# 3 — Start server (WASM module support required) |
| 30 | +cd server && npm start |
| 31 | +# → http://localhost:3000 |
| 32 | + |
| 33 | +# 4 — Start client |
| 34 | +cd client && npm run dev |
| 35 | +# → http://localhost:5173 (Live Demo at /live-demo) |
| 36 | + |
| 37 | +# 5 — (Optional) TLSNotary Docker notary |
| 38 | +docker compose -f docker-compose.tlsn.yml up -d |
| 39 | +# → notary on :7047, wstcp proxy on :55688 |
| 40 | + |
| 41 | +# 6 — (Optional) Dev TLS prover |
| 42 | +cd server && npm run tlsn-prover |
| 43 | +# → prover on :8090 |
| 44 | +``` |
| 45 | + |
| 46 | +--- |
| 47 | + |
| 48 | +## Contract addresses — Base Sepolia (chainId 84532) |
| 49 | + |
| 50 | +| Contract | Address | |
| 51 | +|---|---| |
| 52 | +| ERC8004IdentityRegistry | `0x8004A818BFB912233c491871b3d84c89A494BD9e` | |
| 53 | +| DCTRegistry | `0x2cec268a5934bfa5aa7f973ac7accf8ac17b89cf` | |
| 54 | +| DCTEnforcer | `0x256a633fa2c990a64ec4adf79685f59490a241f8` | |
| 55 | +| DCTCaveatEnforcer | `0x8e4c74b1a26663ba734fbeb7a7cc68204cf1eb68` | |
| 56 | +| NotaryAttestationVerifier | `0x58874114f6c28c1c782161ed0385680f4d26c558` | |
| 57 | + |
| 58 | +--- |
| 59 | + |
| 60 | +## Environment checklist |
| 61 | + |
| 62 | +``` |
| 63 | +# server/.env (never commit) |
| 64 | +PRIVATE_KEY=<deployer / signer EOA private key> |
| 65 | +ALCHEMY_API_KEY=<or set RPC_URL directly> |
| 66 | +PIMLICO_API_KEY=<for ERC-4337 sponsored gas; omit to use EOA fallback> |
| 67 | +DATABASE_URL=<Neon / Postgres connection string; omit to disable audit log> |
| 68 | +TLSN_NOTARY_URL=http://127.0.0.1:7047 |
| 69 | +TLSN_PROVER_URL=http://127.0.0.1:8090 |
| 70 | +``` |
| 71 | + |
| 72 | +Rotate any key that was ever logged, printed, or exposed in chat. |
| 73 | +`server/.env` is in `.gitignore` — confirm before every push with `git status`. |
| 74 | + |
| 75 | +--- |
| 76 | + |
| 77 | +## On-chain event stream |
| 78 | + |
| 79 | +`GET /api/events` — Server-Sent Events (SSE) endpoint. |
| 80 | +Emits `DelegationRegistered`, `DelegationRevoked`, `TrustUpdated`, `ActionValidated` from on-chain logs. |
| 81 | + |
| 82 | +```js |
| 83 | +const es = new EventSource('http://localhost:3000/api/events'); |
| 84 | +es.onmessage = (e) => console.log(JSON.parse(e.data)); |
| 85 | +``` |
| 86 | + |
| 87 | +Uses a WebSocket provider when `WS_RPC_URL` or `ALCHEMY_API_KEY` is set; |
| 88 | +falls back to HTTP polling every 6 s otherwise. |
| 89 | + |
| 90 | +The **Live Demo** (`/live-demo`) shows an embedded event log fed from this endpoint. |
| 91 | + |
| 92 | +--- |
| 93 | + |
| 94 | +## ERC-4337 execution |
| 95 | + |
| 96 | +`POST /api/execute/submit` tries the ERC-4337 (Pimlico) path first when `PIMLICO_API_KEY` is set: |
| 97 | + |
| 98 | +1. Looks up the token's scope metadata from the in-process Biscuit store. |
| 99 | +2. Builds and sends a `validateActionWithScope` UserOperation via Pimlico bundler + paymaster. |
| 100 | +3. Falls back to direct EOA `execute()` if `PIMLICO_API_KEY` is absent, the key is missing, or the AA path errors. |
| 101 | + |
| 102 | +Response includes `"path": "aa-4337"` or `"path": "eoa"` so the frontend can surface which was used. |
| 103 | + |
| 104 | +--- |
| 105 | + |
| 106 | +## Contracts |
| 107 | + |
| 108 | +``` |
| 109 | +contracts/ |
| 110 | + src/ |
| 111 | + DCTRegistry.sol — delegation lineage + trust scoring (UUPS) |
| 112 | + DCTEnforcer.sol — validateActionWithScope (UUPS) |
| 113 | + NotaryAttestationVerifier.sol — TLSNotary ECDSA oracle |
| 114 | + mocks/TestAgentRegistry.sol |
| 115 | + test/ |
| 116 | + DCTRegistry.t.sol — 18 unit tests incl. gas snapshots + security |
| 117 | + script/ |
| 118 | + DeployDCT.s.sol |
| 119 | + UpgradeDCTEnforcer.s.sol |
| 120 | +``` |
| 121 | + |
| 122 | +Run tests: |
| 123 | + |
| 124 | +```bash |
| 125 | +cd contracts && forge test -v |
| 126 | +``` |
| 127 | + |
| 128 | +Gas snapshots (from `test_Gas_*`) are printed inline. |
| 129 | +Security tests cover: scope mismatch, over-spend, expiry, wrong tool, scope commitment mismatch, double-registration, revoked-parent block, ancestor revoke, deprecated `validateAction`. |
| 130 | + |
| 131 | +--- |
| 132 | + |
| 133 | +## SDK |
| 134 | + |
| 135 | +```bash |
| 136 | +npm install @shaurya2k06/dctsdk |
| 137 | +``` |
| 138 | + |
| 139 | +```js |
| 140 | +import { mintRootToken, attenuateToken, authorizeToken, delegate, execute, revoke } from '@shaurya2k06/dctsdk'; |
| 141 | +``` |
| 142 | + |
| 143 | +See [`docs/LOCAL_DEV.md`](docs/LOCAL_DEV.md) for a full local Anvil walkthrough. |
| 144 | + |
| 145 | +--- |
| 146 | + |
| 147 | +## Live Demo |
| 148 | + |
| 149 | +Navigate to **`/live-demo`** in the client app for a 12-phase interactive demo: |
| 150 | + |
| 151 | +| Phase | What happens | |
| 152 | +|---|---| |
| 153 | +| 0 | Health checks (chain, registry, enforcer, ERC-8004, Pimlico, TLSNotary) | |
| 154 | +| 1 | Three agents registered on ERC-8004 | |
| 155 | +| 2 | Root Biscuit token minted (off-chain, timed) | |
| 156 | +| 3 | Orchestrator → Research delegation (on-chain) | |
| 157 | +| 4 | Research → Payment delegation (on-chain) | |
| 158 | +| 5 | Successful execution — 4-check trace (revocation, identity, scope, attestation) | |
| 159 | +| 6 | Off-chain Datalog rejection — zero gas | |
| 160 | +| 7 | On-chain revert for out-of-scope action | |
| 161 | +| 8 | Single-tx cascade revocation | |
| 162 | +| 9 | Lineage walk animation | |
| 163 | +| 10 | Trust score timeline | |
| 164 | +| 11 | Summary + stats | |
| 165 | + |
| 166 | +The right-hand column shows a live SSE event log from Base Sepolia. |
| 167 | + |
| 168 | +--- |
| 169 | + |
| 170 | +## Security notes |
| 171 | + |
| 172 | +- `server/.env` is `.gitignore`-listed; double-check with `git status` before any push. |
| 173 | +- `PRIVATE_KEY` / `PIMLICO_API_KEY` should be rotated if ever logged or printed to terminal. |
| 174 | +- `DCTEnforcer.validateAction` is permanently deprecated (always reverts); use `validateActionWithScope`. |
| 175 | +- All `ownerOf` calls in DCTRegistry use `view` (EVM STATICCALL), making reentrancy through the identity registry impossible by construction. `nonReentrant` guards are defense-in-depth. |
| 176 | +- Contract upgrades go through UUPS `upgradeToAndCall`; only the `owner` can upgrade. |
0 commit comments