edut/launcher
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Align launcher docs to EDUT ID route and terminology
Some checks are pending
check / launcher (push) Waiting to run
Details

Browse Source
This commit is contained in:
Joshua 2026-02-19 14:49:39 -08:00
parent de74e6f9a2
commit 1f2c608980
2 changed files with 15 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
README.md
View File

@ -6,7 +6,7 @@ Free control-plane application for EDUT onboarding and entitlement-aware install
1. Local wallet create/import/recovery UX. 1. Local wallet create/import/recovery UX.
2. Device readiness checks. 2. Device readiness checks.
3. Membership status and governance install controls. 3. EDUT ID status and governance install controls.
4. Signed package download and verification orchestrator. 4. Signed package download and verification orchestrator.
5. Member app-channel inbox. 5. Member app-channel inbox.
@ -30,10 +30,10 @@ Launcher never contains private kernel internals. It verifies and installs signe
Top-level control surface: Top-level control surface:
1. `Connect wallet` 1. `Connect wallet`
2. `Activate membership` 2. `Activate EDUT ID`
3. `Refresh status + feed` 3. `Refresh status + feed`
4. `Governance status` 4. `Governance status`
5. Wallet/session/membership/designation/last-sync overview cards 5. Wallet/session/EDUT ID/designation/last-sync overview cards
6. Pull-first updates feed + support ticket action 6. Pull-first updates feed + support ticket action
7. Identity assurance visibility (`none` / `crypto_direct_unattested` / `sponsored_unattested` / `onramp_attested`) 7. Identity assurance visibility (`none` / `crypto_direct_unattested` / `sponsored_unattested` / `onramp_attested`)
8. Explicit operator-visible mode toggles (`Human mode` / `Auto mode`) synced to governance `operation_mode` 8. Explicit operator-visible mode toggles (`Human mode` / `Auto mode`) synced to governance `operation_mode`
@ -43,7 +43,7 @@ Advanced integration controls (collapsible):
1. API/chain connection settings 1. API/chain connection settings
2. Wallet intent + verify primitives 2. Wallet intent + verify primitives
3. Membership quote + confirm primitives 3. EDUT ID quote + confirm primitives
4. Marketplace offer list + checkout quote/send/confirm primitives 4. Marketplace offer list + checkout quote/send/confirm primitives
5. Member channel register/poll primitives 5. Member channel register/poll primitives
6. Governance install + lease primitives (with explicit `operation_mode`) 6. Governance install + lease primitives (with explicit `operation_mode`)
@ -56,17 +56,17 @@ Wallet automation helpers remain available in advanced controls:
1. `Connect wallet` fills address from `window.ethereum`. 1. `Connect wallet` fills address from `window.ethereum`.
2. `Sign intent (EIP-712)` signs the current intent payload and fills `walletSignature`. 2. `Sign intent (EIP-712)` signs the current intent payload and fills `walletSignature`.
3. `Sign payer proof` signs distinct-payer ownership proof and fills `payerProof`. 3. `Sign payer proof` signs distinct-payer ownership proof and fills `payerProof`.
4. `Send membership tx` submits the quote transaction via `eth_sendTransaction` and fills `confirmTxHash`. 4. `Send EDUT ID tx` submits the quote transaction via `eth_sendTransaction` and fills `confirmTxHash`.
5. Membership confirm can optionally attach on-ramp attestation fields (`identity_assurance_level`, `identity_attested_by`, `identity_attestation_id`) for provider-integrated flows. 5. EDUT ID confirm can optionally attach on-ramp attestation fields (`identity_assurance_level`, `identity_attested_by`, `identity_attestation_id`) for provider-integrated flows.
6. Wallet verify returns a session token; launcher forwards it on marketplace/member/governance API calls via bearer + `X-Edut-Session`. 6. Wallet verify returns a session token; launcher forwards it on marketplace/member/governance API calls via bearer + `X-Edut-Session`.
7. Launcher proactively refreshes wallet sessions before expiry and clears local session state on terminal session errors (`invalid`, `expired`, `revoked`, `mismatch`). 7. Launcher proactively refreshes wallet sessions before expiry and clears local session state on terminal session errors (`invalid`, `expired`, `revoked`, `mismatch`).
Policy behavior in launcher shell: Policy behavior in launcher shell:
1. Membership is required for all member-channel polling flows. 1. EDUT ID is required for all member-channel polling flows.
2. `onramp_attested` identity assurance is required for owner support-ticket and governance install-token actions. 2. `onramp_attested` identity assurance is required for owner support-ticket and governance install-token actions.
3. Assurance state is displayed independently from membership state in the top summary cards. 3. Assurance state is displayed independently from EDUT ID state in the top summary cards.
4. Owner-only buttons are UI-disabled until both membership is active and assurance is `onramp_attested`. 4. Owner-only buttons are UI-disabled until both EDUT ID is active and assurance is `onramp_attested`.
5. Governance activation evidence must carry explicit signing authority class (`identity_human` or delegated). 5. Governance activation evidence must carry explicit signing authority class (`identity_human` or delegated).
Run locally: Run locally:

12
docs/integration-contract.md
View File

@ -6,9 +6,9 @@ Launcher integrates with EDUT web/backend contracts as follows:
1. `POST /secret/wallet/intent` 1. `POST /secret/wallet/intent`
2. `POST /secret/wallet/verify` 2. `POST /secret/wallet/verify`
3. `POST /secret/membership/quote` 3. `POST /secret/id/quote` (alias of `/secret/membership/quote`)
4. `POST /secret/membership/confirm` 4. `POST /secret/id/confirm` (alias of `/secret/membership/confirm`)
5. `GET /secret/membership/status` 5. `GET /secret/id/status` (alias of `/secret/membership/status`)
6. `GET /marketplace/offers` 6. `GET /marketplace/offers`
7. `POST /marketplace/checkout/quote` 7. `POST /marketplace/checkout/quote`
8. `POST /marketplace/checkout/confirm` 8. `POST /marketplace/checkout/confirm`
@ -25,7 +25,7 @@ Launcher integrates with EDUT web/backend contracts as follows:
- `Authorization: Bearer <session_token>` (preferred) - `Authorization: Bearer <session_token>` (preferred)
- `X-Edut-Session: <session_token>` (compatibility) - `X-Edut-Session: <session_token>` (compatibility)
3. Wallet change must clear cached session token before further calls. 3. Wallet change must clear cached session token before further calls.
4. Endpoints that require membership/admin authority can fail with: 4. Endpoints that require EDUT ID/admin authority can fail with:
- `wallet_session_required` - `wallet_session_required`
- `wallet_session_invalid` - `wallet_session_invalid`
- `wallet_session_expired` - `wallet_session_expired`
@ -40,8 +40,8 @@ Launcher integrates with EDUT web/backend contracts as follows:
1. No runtime activation without entitlement proof. 1. No runtime activation without entitlement proof.
2. All install packages verified by hash and signature. 2. All install packages verified by hash and signature.
3. Membership and entitlement unknown state fails closed. 3. EDUT ID and entitlement unknown state fails closed.
4. Event inbox polling remains canonical even if push unavailable. 4. Event inbox polling remains canonical even if push unavailable.
5. Identity assurance is evaluated independently from membership state. 5. Identity assurance is evaluated independently from EDUT ID state.
6. Owner/admin launcher actions must require `identity_assurance_level=onramp_attested`. 6. Owner/admin launcher actions must require `identity_assurance_level=onramp_attested`.
7. Governance activation evidence must include signing authority class (`identity_human` vs delegated). 7. Governance activation evidence must include signing authority class (`identity_human` vs delegated).