Metadata-Version: 2.4
Name: hardbound
Version: 0.0.1
Summary: Public Protocol surface for the hardware-bound enterprise trust tier of Web4. Protocols an implementation must satisfy to anchor identity, vault, witness chain, and policy in TPM 2.0 / YubiKey / Secure Enclave hardware.
Author-email: dp-web4 <dp@metalinxx.io>
License-Expression: AGPL-3.0-or-later
Project-URL: Homepage, https://hestia.tools
Project-URL: Repository, https://github.com/dp-web4/hestia
Project-URL: Documentation, https://github.com/dp-web4/hestia/tree/main/hardbound-pak/python
Keywords: trust,tpm,attestation,web4,hardbound
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: Topic :: Security :: Cryptography
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Typing :: Typed
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
Dynamic: license-file

# hardbound (Python)

Public Protocol surface for the **hardware-bound enterprise trust tier
of Web4**. This package is the *contract*; implementations live
elsewhere.

```python
from hardbound import (
    TrustedKeyProvider,
    SealedVault,
    AttestationSigner,
    OversightPolicy,
    Attestation,
    PolicyAction,
    PolicyDecision,
    PolicyAllow,
    PolicyDeny,
    PolicyWarn,
    HardboundError,
)
```

## What this package is

Four Protocols (`typing.Protocol`, `runtime_checkable`) + supporting
dataclasses:

| Protocol | Replaces in consumer Hestia |
|---|---|
| `TrustedKeyProvider` | software-derived sovereign LCT |
| `SealedVault` | passphrase-derived AEAD key |
| `AttestationSigner` | Phase-1 placeholder signer LCT |
| `OversightPolicy` | default-allow stub |

## What this package is NOT

- A working implementation. The reference (closed-source) impl lives
  at [metalinxx.io](https://metalinxx.io). Contact `dp@metalinxx.io`
  for early access.

## See also

- [`hestia-plugin-sdk`](https://pypi.org/project/hestia-plugin-sdk/) —
  the Python SDK for plugging an agent into the OSS Hestia daemon
- [`hestia` Rust crate](https://crates.io/crates/hestia) — the daemon
  itself
- [`https://github.com/dp-web4/hestia/blob/main/demo/enterprise/README.md`](https://github.com/dp-web4/hestia/blob/main/demo/enterprise/README.md)
  — architectural pitch + integration plan

## License

AGPL-3.0-or-later. Contact `dp@metalinxx.io` if you need a permissive
license for a compatible implementation.
