invocation: WIP

2024-09-02 13:04:08 +02:00
45 changed files with 421 additions and 2096 deletions
--- a/capability/command/command.go
+++ b/capability/command/command.go
@@ -1,11 +1,54 @@
 package command

 import (
+	"errors"
 	"fmt"
 	"strings"
 )

-const separator = "/"
+const (
+	separator = "/"
+)
+
+// ErrNew indicates that the wrapped error was encountered while creating
+// a new Command.
+var ErrNew = errors.New("failed to create Command from elems")
+
+// ErrParse indicates that the wrapped error was encountered while
+// attempting to parse a string as a Command.
+var ErrParse = errors.New("failed to parse Command")
+
+// ErrorJoin indicates that the wrapped error was encountered while
+// attempting to join a new segment to a Command.
+var ErrJoin = errors.New("failed to join segments to Command")
+
+// ErrRequiresLeadingSlash is returned when a parsing a string that
+// doesn't start with a [leading slash character].
+//
+// [leading slash character]: https://github.com/ucan-wg/spec#segment-structure
+var ErrRequiresLeadingSlash = parseError("a command requires a leading slash character")
+
+// ErrDisallowsTrailingSlash is returned when parsing a string that [ends
+// with a trailing slash character].
+//
+// [ends with a trailing slash character]: https://github.com/ucan-wg/spec#segment-structure
+var ErrDisallowsTrailingSlash = parseError("a command must not include a trailing slash")
+
+// ErrUCANNamespaceReserved is returned to indicate that a Command's
+// first segment would contain the [reserved "ucan" namespace].
+//
+// [reserved "ucan" namespace]: https://github.com/ucan-wg/spec#ucan-namespace
+var ErrUCANNamespaceReserved = errors.New("the UCAN namespace is reserved")
+
+// ErrRequiresLowercase is returned if a Command contains, or would contain,
+// [uppercase unicode characters].
+//
+// [uppercase unicode characters]: https://github.com/ucan-wg/spec#segment-structure
+var ErrRequiresLowercase = parseError("UCAN path segments must must not contain upper-case characters")
+
+func parseError(msg string) error {
+	return fmt.Errorf("%w: %s", ErrParse, msg)
+}

 var _ fmt.Stringer = (*Command)(nil)

@@ -23,8 +66,18 @@ type Command struct {
 // New creates a validated command from the provided list of segment
 // strings.  An error is returned if an invalid Command would be
 // formed
-func New(segments ...string) *Command {
-	return &Command{segments: segments}
+func New(segments ...string) (*Command, error) {
+	return newCommand(ErrNew, segments...)
+}
+
+func newCommand(err error, segments ...string) (*Command, error) {
+	if len(segments) > 0 && segments[0] == "ucan" {
+		return nil, fmt.Errorf("%w: %w", err, ErrUCANNamespaceReserved)
+	}
+
+	cmd := Command{segments}
+
+	return &cmd, nil
 }

 // Parse verifies that the provided string contains the required
@@ -47,16 +100,7 @@ func Parse(s string) (*Command, error) {

 	// The leading slash will result in the first element from strings.Split
 	// being an empty string which is removed as strings.Join will ignore it.
-	return &Command{strings.Split(s, "/")[1:]}, nil
-}
-
-// MustParse is the same as Parse, but panic() if the parsing fail.
-func MustParse(s string) *Command {
-	c, err := Parse(s)
-	if err != nil {
-		panic(err)
-	}
-	return c
+	return newCommand(ErrParse, strings.Split(s, "/")[1:]...)
 }

 // [Top] is the most powerful capability.
@@ -67,19 +111,22 @@ func MustParse(s string) *Command {
 //
 // [Top]: https://github.com/ucan-wg/spec#-aka-top
 func Top() *Command {
-	return New()
+	cmd, _ := New()
+
+	return cmd
 }

 // IsValid returns true if the provided string is a valid UCAN command.
 func IsValid(s string) bool {
 	_, err := Parse(s)
+
 	return err == nil
 }

 // Join appends segments to the end of this command using the required
 // segment separator.
-func (c *Command) Join(segments ...string) *Command {
-	return &Command{append(c.segments, segments...)}
+func (c *Command) Join(segments ...string) (*Command, error) {
+	return newCommand(ErrJoin, append(c.segments, segments...)...)
 }

 // Segments returns the ordered segments that comprise the Command as a
@@ -91,5 +138,5 @@ func (c *Command) Segments() []string {
 // String returns the composed representation the command.  This is also
 // the required wire representation (before IPLD encoding occurs.)
 func (c *Command) String() string {
-	return "/" + strings.Join(c.segments, "/")
+	return "/" + strings.Join([]string(c.segments), "/")
 }
--- a/capability/command/command_errors.go
+++ b/capability/command/command_errors.go
@@ -1,21 +0,0 @@
-package command
-
-import "fmt"
-
-// ErrRequiresLeadingSlash is returned when a parsing a string that
-// doesn't start with a [leading slash character].
-//
-// [leading slash character]: https://github.com/ucan-wg/spec#segment-structure
-var ErrRequiresLeadingSlash = fmt.Errorf("a command requires a leading slash character")
-
-// ErrDisallowsTrailingSlash is returned when parsing a string that [ends
-// with a trailing slash character].
-//
-// [ends with a trailing slash character]: https://github.com/ucan-wg/spec#segment-structure
-var ErrDisallowsTrailingSlash = fmt.Errorf("a command must not include a trailing slash")
-
-// ErrRequiresLowercase is returned if a Command contains, or would contain,
-// [uppercase unicode characters].
-//
-// [uppercase unicode characters]: https://github.com/ucan-wg/spec#segment-structure
-var ErrRequiresLowercase = fmt.Errorf("UCAN path segments must must not contain upper-case characters")
--- a/capability/command/command_test.go
+++ b/capability/command/command_test.go
@@ -5,7 +5,7 @@ import (

 	"github.com/stretchr/testify/require"

-	"github.com/ucan-wg/go-ucan/capability/command"
+	"github.com/ucan-wg/go-ucan/v1/capability/command"
 )

 func TestTop(t *testing.T) {
@@ -73,6 +73,7 @@ func TestParseCommand(t *testing.T) {
 				t.Parallel()

 				cmd, err := command.Parse(testcase.inp)
+				require.ErrorIs(t, err, command.ErrParse)
 				require.ErrorIs(t, err, testcase.err)
 				require.Nil(t, cmd)
 			})
@@ -133,6 +134,20 @@ func invalidTestcases(t *testing.T) []errorTestcase {
 			},
 			err: command.ErrDisallowsTrailingSlash,
 		},
+		{
+			testcase: testcase{
+				name: "only reserved ucan namespace",
+				inp:  "/ucan",
+			},
+			err: command.ErrUCANNamespaceReserved,
+		},
+		{
+			testcase: testcase{
+				name: "reserved ucan namespace prefix",
+				inp:  "/ucan/elem0/elem1/elem2",
+			},
+			err: command.ErrUCANNamespaceReserved,
+		},
 		{
 			testcase: testcase{
 				name: "uppercase character are present",
--- a/capability/policy/ipld.go
+++ b/capability/policy/ipld.go
@@ -9,7 +9,7 @@ import (
 	"github.com/ipld/go-ipld-prime/must"
 	"github.com/ipld/go-ipld-prime/node/basicnode"

-	"github.com/ucan-wg/go-ucan/capability/policy/selector"
+	"github.com/ucan-wg/go-ucan/v1/capability/policy/selector"
 )

 func FromIPLD(node datamodel.Node) (Policy, error) {
@@ -40,14 +40,14 @@ func statementFromIPLD(path string, node datamodel.Node) (Statement, error) {
 	}
 	op := must.String(opNode)

-	arg2AsSelector := func(op string) (selector.Selector, error) {
+	arg2AsSelector := func() (selector.Selector, error) {
 		nd, _ := node.LookupByIndex(1)
 		if nd.Kind() != datamodel.Kind_String {
-			return nil, ErrNotAString(combinePath(path, op, 1))
+			return nil, ErrNotAString(path + "1/")
 		}
 		sel, err := selector.Parse(must.String(nd))
 		if err != nil {
-			return nil, ErrInvalidSelector(combinePath(path, op, 1), err)
+			return nil, ErrInvalidSelector(path+"1/", err)
 		}
 		return sel, nil
 	}
@@ -57,7 +57,7 @@ func statementFromIPLD(path string, node datamodel.Node) (Statement, error) {
 		switch op {
 		case KindNot:
 			arg2, _ := node.LookupByIndex(1)
-			statement, err := statementFromIPLD(combinePath(path, op, 1), arg2)
+			statement, err := statementFromIPLD(path+"1/", arg2)
 			if err != nil {
 				return nil, err
 			}
@@ -65,7 +65,7 @@ func statementFromIPLD(path string, node datamodel.Node) (Statement, error) {

 		case KindAnd, KindOr:
 			arg2, _ := node.LookupByIndex(1)
-			statement, err := statementsFromIPLD(combinePath(path, op, 1), arg2)
+			statement, err := statementsFromIPLD(path+"1/", arg2)
 			if err != nil {
 				return nil, err
 			}
@@ -77,7 +77,7 @@ func statementFromIPLD(path string, node datamodel.Node) (Statement, error) {
 	case 3:
 		switch op {
 		case KindEqual, KindLessThan, KindLessThanOrEqual, KindGreaterThan, KindGreaterThanOrEqual:
-			sel, err := arg2AsSelector(op)
+			sel, err := arg2AsSelector()
 			if err != nil {
 				return nil, err
 			}
@@ -85,31 +85,28 @@ func statementFromIPLD(path string, node datamodel.Node) (Statement, error) {
 			return equality{kind: op, selector: sel, value: arg3}, nil

 		case KindLike:
-			sel, err := arg2AsSelector(op)
+			sel, err := arg2AsSelector()
 			if err != nil {
 				return nil, err
 			}
 			pattern, _ := node.LookupByIndex(2)
 			if pattern.Kind() != datamodel.Kind_String {
-				return nil, ErrNotAString(combinePath(path, op, 2))
+				return nil, ErrNotAString(path + "2/")
 			}
 			res, err := Like(sel, must.String(pattern))
 			if err != nil {
-				return nil, ErrInvalidPattern(combinePath(path, op, 2), err)
+				return nil, ErrInvalidPattern(path+"2/", err)
 			}
 			return res, nil

 		case KindAll, KindAny:
-			sel, err := arg2AsSelector(op)
+			sel, err := arg2AsSelector()
 			if err != nil {
 				return nil, err
 			}
-			statementsNode, _ := node.LookupByIndex(2)
-			statement, err := statementFromIPLD(combinePath(path, op, 1), statementsNode)
-			if err != nil {
-				return nil, err
-			}
-			return quantifier{kind: op, selector: sel, statement: statement}, nil
+			statementsNodes, _ := node.LookupByIndex(2)
+			statements, err := statementsFromIPLD(path+"1/", statementsNodes)
+			return quantifier{kind: op, selector: sel, statements: statements}, nil

 		default:
 			return nil, ErrUnrecognizedOperator(path, op)
@@ -126,7 +123,7 @@ func statementsFromIPLD(path string, node datamodel.Node) ([]Statement, error) {
 		return nil, ErrNotATuple(path)
 	}
 	if node.Length() == 0 {
-		return nil, nil
+		return nil, ErrEmptyList(path)
 	}

 	res := make([]Statement, node.Length())
@@ -246,7 +243,7 @@ func statementToIPLD(statement Statement) (datamodel.Node, error) {
 		if err != nil {
 			return nil, err
 		}
-		args, err := statementToIPLD(statement.statement)
+		args, err := statementsToIPLD(statement.statements)
 		if err != nil {
 			return nil, err
 		}
@@ -263,7 +260,3 @@ func statementToIPLD(statement Statement) (datamodel.Node, error) {

 	return list.Build(), nil
 }
-
-func combinePath(prev string, operator string, index int) string {
-	return fmt.Sprintf("%s%d-%s/", prev, index, operator)
-}
--- a/capability/policy/ipld_errors.go
+++ b/capability/policy/ipld_errors.go
@@ -35,6 +35,10 @@ func ErrNotATuple(path string) error {
 	return errWithPath{path: path, msg: "not a tuple"}
 }

+func ErrEmptyList(path string) error {
+	return errWithPath{path: path, msg: "empty list"}
+}
+
 func safeStr(str string) string {
 	if len(str) > 10 {
 		return str[:10]
--- a/capability/policy/ipld_test.go
+++ b/capability/policy/ipld_test.go
@@ -11,12 +11,16 @@ import (
 func TestIpldRoundTrip(t *testing.T) {
 	const illustrativeExample = `
 [
-  ["==", ".status", "draft"],
-  ["all", ".reviewer", ["like", ".email", "*@example.com"]],
-  ["any", ".tags", 
-    ["or", [
-      ["==", ".", "news"], 
-      ["==", ".", "press"]]]
+    ["==", ".status", "draft"],
+    ["all", ".reviewer", [
+		["like", ".email", "*@example.com"]]
+	],
+    ["any", ".tags", [ 
+		["or", [
+			["==", ".", "news"], 
+			["==", ".", "press"]]
+      ]]
+	]
 ]`

 	for _, tc := range []struct {
--- a/capability/policy/match.go
+++ b/capability/policy/match.go
@@ -8,7 +8,7 @@ import (
 	"github.com/ipld/go-ipld-prime/datamodel"
 	"github.com/ipld/go-ipld-prime/must"

-	"github.com/ucan-wg/go-ucan/capability/policy/selector"
+	"github.com/ucan-wg/go-ucan/v1/capability/policy/selector"
 )

 // Match determines if the IPLD node matches the policy document.
@@ -110,7 +110,7 @@ func matchStatement(statement Statement, node ipld.Node) bool {
 				return false
 			}
 			for _, n := range many {
-				ok := matchStatement(s.statement, n)
+				ok := Match(s.statements, n)
 				if !ok {
 					return false
 				}
@@ -119,13 +119,12 @@ func matchStatement(statement Statement, node ipld.Node) bool {
 		}
 	case KindAny:
 		if s, ok := statement.(quantifier); ok {
-			// FIXME: line below return a single node, not many
 			_, many, err := selector.Select(s.selector, node)
 			if err != nil || many == nil {
 				return false
 			}
 			for _, n := range many {
-				ok := matchStatement(s.statement, n)
+				ok := Match(s.statements, n)
 				if ok {
 					return true
 				}
--- a/capability/policy/match_test.go
+++ b/capability/policy/match_test.go
@@ -6,13 +6,12 @@ import (

 	"github.com/ipfs/go-cid"
 	"github.com/ipld/go-ipld-prime"
-	"github.com/ipld/go-ipld-prime/codec/dagjson"
 	cidlink "github.com/ipld/go-ipld-prime/linking/cid"
 	"github.com/ipld/go-ipld-prime/node/basicnode"
 	"github.com/stretchr/testify/require"

-	"github.com/ucan-wg/go-ucan/capability/policy/literal"
-	"github.com/ucan-wg/go-ucan/capability/policy/selector"
+	"github.com/ucan-wg/go-ucan/v1/capability/policy/literal"
+	"github.com/ucan-wg/go-ucan/v1/capability/policy/selector"
 )

 func TestMatch(t *testing.T) {
@@ -401,7 +400,8 @@ func TestMatch(t *testing.T) {
 			pol := Policy{
 				Any(
 					selector.MustParse(".[]"),
-					GreaterThan(selector.MustParse(".value"), literal.Int(60)),
+					GreaterThan(selector.MustParse(".value"), literal.Int(10)),
+					LessThan(selector.MustParse(".value"), literal.Int(50)),
 				),
 			}
 			ok := Match(pol, nd)
@@ -418,75 +418,3 @@ func TestMatch(t *testing.T) {
 		})
 	})
 }
-
-func TestPolicyExamples(t *testing.T) {
-	makeNode := func(data string) ipld.Node {
-		nd, err := ipld.Decode([]byte(data), dagjson.Decode)
-		require.NoError(t, err)
-		return nd
-	}
-
-	evaluate := func(statement string, data ipld.Node) bool {
-		// we need to wrap statement with [] to make them a policy
-		policy := fmt.Sprintf("[%s]", statement)
-
-		pol, err := FromDagJson(policy)
-		require.NoError(t, err)
-		return Match(pol, data)
-	}
-
-	t.Run("And", func(t *testing.T) {
-		data := makeNode(`{ "name": "Katie", "age": 35, "nationalities": ["Canadian", "South African"] }`)
-
-		require.True(t, evaluate(`["and", []]`, data))
-		require.True(t, evaluate(`
-["and", [
-  ["==", ".name", "Katie"], 
-  [">=", ".age", 21]
-]]`, data))
-		require.False(t, evaluate(`
-["and", [
-  ["==", ".name", "Katie"], 
-  [">=", ".age", 21], 
-  ["==", ".nationalities", ["American"]]
-]]`, data))
-	})
-
-	t.Run("Or", func(t *testing.T) {
-		data := makeNode(`{ "name": "Katie", "age": 35, "nationalities": ["Canadian", "South African"] }`)
-
-		require.True(t, evaluate(`["or", []]`, data))
-		require.True(t, evaluate(`
-		["or", [
-		  ["==", ".name", "Katie"],
-		  [">", ".age", 45]
-		]]
-		`, data))
-
-	})
-
-	t.Run("Not", func(t *testing.T) {
-		data := makeNode(`{ "name": "Katie", "nationalities": ["Canadian", "South African"] }`)
-
-		require.True(t, evaluate(`
-["not", 
-  ["and", [
-    ["==", ".name", "Katie"], 
-    ["==", ".nationalities", ["American"]]
-  ]]
-]
-`, data))
-	})
-
-	t.Run("All", func(t *testing.T) {
-		data := makeNode(`{"a": [{"b": 1}, {"b": 2}, {"z": [7, 8, 9]}]}`)
-
-		require.False(t, evaluate(`["all", ".a", [">", ".b", 0]]`, data))
-	})
-
-	t.Run("Any", func(t *testing.T) {
-		data := makeNode(`{"a": [{"b": 1}, {"b": 2}, {"z": [7, 8, 9]}]}`)
-
-		require.True(t, evaluate(`["any", ".a", ["==", ".b", 2]]`, data))
-	})
-}
--- a/capability/policy/policy.go
+++ b/capability/policy/policy.go
@@ -6,7 +6,7 @@ import (
 	"github.com/gobwas/glob"
 	"github.com/ipld/go-ipld-prime"

-	"github.com/ucan-wg/go-ucan/capability/policy/selector"
+	"github.com/ucan-wg/go-ucan/v1/capability/policy/selector"
 )

 const (
@@ -40,23 +40,23 @@ func (e equality) Kind() string {
 }

 func Equal(selector selector.Selector, value ipld.Node) Statement {
-	return equality{kind: KindEqual, selector: selector, value: value}
+	return equality{KindEqual, selector, value}
 }

 func GreaterThan(selector selector.Selector, value ipld.Node) Statement {
-	return equality{kind: KindGreaterThan, selector: selector, value: value}
+	return equality{KindGreaterThan, selector, value}
 }

 func GreaterThanOrEqual(selector selector.Selector, value ipld.Node) Statement {
-	return equality{kind: KindGreaterThanOrEqual, selector: selector, value: value}
+	return equality{KindGreaterThanOrEqual, selector, value}
 }

 func LessThan(selector selector.Selector, value ipld.Node) Statement {
-	return equality{kind: KindLessThan, selector: selector, value: value}
+	return equality{KindLessThan, selector, value}
 }

 func LessThanOrEqual(selector selector.Selector, value ipld.Node) Statement {
-	return equality{kind: KindLessThanOrEqual, selector: selector, value: value}
+	return equality{KindLessThanOrEqual, selector, value}
 }

 type negation struct {
@@ -68,7 +68,7 @@ func (n negation) Kind() string {
 }

 func Not(stmt Statement) Statement {
-	return negation{statement: stmt}
+	return negation{stmt}
 }

 type connective struct {
@@ -81,11 +81,11 @@ func (c connective) Kind() string {
 }

 func And(stmts ...Statement) Statement {
-	return connective{kind: KindAnd, statements: stmts}
+	return connective{KindAnd, stmts}
 }

 func Or(stmts ...Statement) Statement {
-	return connective{kind: KindOr, statements: stmts}
+	return connective{KindOr, stmts}
 }

 type wildcard struct {
@@ -103,23 +103,23 @@ func Like(selector selector.Selector, pattern string) (Statement, error) {
 	if err != nil {
 		return nil, err
 	}
-	return wildcard{selector: selector, pattern: pattern, glob: g}, nil
+	return wildcard{selector, pattern, g}, nil
 }

 type quantifier struct {
-	kind      string
-	selector  selector.Selector
-	statement Statement
+	kind       string
+	selector   selector.Selector
+	statements []Statement
 }

 func (n quantifier) Kind() string {
 	return n.kind
 }

-func All(selector selector.Selector, statement Statement) Statement {
-	return quantifier{kind: KindAll, selector: selector, statement: statement}
+func All(selector selector.Selector, policy ...Statement) Statement {
+	return quantifier{KindAll, selector, policy}
 }

-func Any(selector selector.Selector, statement Statement) Statement {
-	return quantifier{kind: KindAny, selector: selector, statement: statement}
+func Any(selector selector.Selector, policy ...Statement) Statement {
+	return quantifier{KindAny, selector, policy}
 }
--- a/capability/policy/selector/selector.go
+++ b/capability/policy/selector/selector.go
@@ -183,12 +183,6 @@ func resolve(sel Selector, subject ipld.Node, at []string) (ipld.Node, []ipld.No
 				if idx < 0 {
 					idx = cur.Length() + idx
 				}
-				if idx < 0 {
-					// necessary until https://github.com/ipld/go-ipld-prime/pull/571
-					// after, isMissing() below will work
-					// TODO: remove
-					return nil, nil, newResolutionError(fmt.Sprintf("index out of bounds: %d", seg.Index()), at)
-				}
 				n, err := cur.LookupByIndex(idx)
 				if err != nil {
 					if isMissing(err) {
--- a/capability/policy/selector/supported_test.go
+++ b/capability/policy/selector/supported_test.go
@@ -12,7 +12,7 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"

-	"github.com/ucan-wg/go-ucan/capability/policy/selector"
+	"github.com/ucan-wg/go-ucan/v1/capability/policy/selector"
 )

 // TestSupported Forms runs tests against the Selector according to the
--- a/delegation/delegatiom_options.go
+++ b/delegation/delegatiom_options.go
@@ -1,46 +0,0 @@
-package delegation
-
-// Code generated by github.com/selesy/go-options.  DO NOT EDIT.
-
-import (
-	"github.com/ipld/go-ipld-prime/datamodel"
-	"time"
-)
-
-type Option func(c *config) error
-
-func newConfig(options ...Option) (config, error) {
-	var c config
-	err := applyConfigOptions(&c, options...)
-	return c, err
-}
-
-func applyConfigOptions(c *config, options ...Option) error {
-	for _, o := range options {
-		if err := o(c); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func WithExpiration(o *time.Time) Option {
-	return func(c *config) error {
-		c.Expiration = o
-		return nil
-	}
-}
-
-func WithMeta(o map[string]datamodel.Node) Option {
-	return func(c *config) error {
-		c.Meta = o
-		return nil
-	}
-}
-
-func WithNotBefore(o *time.Time) Option {
-	return func(c *config) error {
-		c.NotBefore = o
-		return nil
-	}
-}
--- a/delegation/delegation.go
+++ b/delegation/delegation.go
@@ -1,225 +0,0 @@
-package delegation
-
-import (
-	"crypto/rand"
-	"errors"
-	"fmt"
-	"time"
-
-	"github.com/ipld/go-ipld-prime/datamodel"
-	"github.com/libp2p/go-libp2p/core/crypto"
-	"github.com/ucan-wg/go-ucan/capability/command"
-	"github.com/ucan-wg/go-ucan/capability/policy"
-	"github.com/ucan-wg/go-ucan/did"
-	"github.com/ucan-wg/go-ucan/internal/envelope"
-	"github.com/ucan-wg/go-ucan/internal/token"
-)
-
-const (
-	Tag = "ucan/dlg@1.0.0-rc.1"
-)
-
-type Delegation struct {
-	envel *envelope.Envelope
-}
-
-//go:generate -command options go run github.com/selesy/go-options
-//go:generate options -type=config -prefix=With -output=delegatiom_options.go -cmp=false -stringer=false -imports=time,github.com/ipld/go-ipld-prime/datamodel
-
-type config struct {
-	Expiration *time.Time
-	Meta       map[string]datamodel.Node
-	NotBefore  *time.Time
-}
-
-func New(privKey crypto.PrivKey, aud did.DID, sub *did.DID, cmd *command.Command, pol policy.Policy, nonce []byte, opts ...Option) (*Delegation, error) {
-	cfg, err := newConfig(opts...)
-	if err != nil {
-		return nil, err
-	}
-
-	issuer, err := did.FromPrivKey(privKey)
-	if err != nil {
-		return nil, err
-	}
-
-	if !aud.Defined() {
-		return nil, fmt.Errorf("%w: %s", token.ErrMissingRequiredDID, "aud")
-	}
-	audience := aud.String()
-
-	var subject *string
-	if sub != nil {
-		s := sub.String()
-		subject = &s
-	}
-
-	policy, err := pol.ToIPLD()
-	if err != nil {
-		return nil, err
-	}
-
-	var meta *token.Map__String__Any
-	if len(cfg.Meta) > 0 {
-		m := token.ToIPLDMapStringAny(cfg.Meta)
-		meta = &m
-	}
-
-	var notBefore *int
-	if cfg.NotBefore != nil {
-		n := int(cfg.NotBefore.Unix())
-		notBefore = &n
-	}
-
-	var expiration *int
-	if cfg.Expiration != nil {
-		e := int(cfg.Expiration.Unix())
-		expiration = &e
-	}
-
-	tkn := &token.Token{
-		Issuer:     issuer.String(),
-		Audience:   &audience,
-		Subject:    subject,
-		Command:    cmd.String(),
-		Policy:     &policy,
-		Nonce:      &nonce,
-		Meta:       meta,
-		NotBefore:  notBefore,
-		Expiration: expiration,
-	}
-
-	envel, err := envelope.New(privKey, tkn, Tag)
-	if err != nil {
-		return nil, err
-	}
-
-	dlg := &Delegation{envel: envel}
-
-	if err := dlg.Validate(); err != nil {
-		return nil, err
-	}
-
-	return dlg, nil
-}
-
-func Root(privKey crypto.PrivKey, aud did.DID, cmd *command.Command, pol policy.Policy, nonce []byte, opts ...Option) (*Delegation, error) {
-	sub, err := did.FromPrivKey(privKey)
-	if err != nil {
-		return nil, err
-	}
-
-	return New(privKey, aud, &sub, cmd, pol, nonce, opts...)
-}
-
-func (d *Delegation) Audience() did.DID {
-	id, _ := did.Parse(*d.envel.TokenPayload().Audience)
-
-	return id
-}
-
-func (d *Delegation) Command() *command.Command {
-	cmd, _ := command.Parse(d.envel.TokenPayload().Command)
-
-	return cmd
-}
-
-func (d *Delegation) IsPowerline() bool {
-	return d.envel.TokenPayload().Subject == nil
-}
-
-func (d *Delegation) IsRoot() bool {
-	return &d.envel.TokenPayload().Issuer == d.envel.TokenPayload().Subject
-}
-
-func (d *Delegation) Issuer() did.DID {
-	id, _ := did.Parse(d.envel.TokenPayload().Issuer)
-
-	return id
-}
-
-func (d *Delegation) Meta() map[string]datamodel.Node {
-	return d.envel.TokenPayload().Meta.Values
-}
-
-func (d *Delegation) Nonce() []byte {
-	return *d.envel.TokenPayload().Nonce
-}
-
-func (d *Delegation) Policy() policy.Policy {
-	pol, _ := policy.FromIPLD(*d.envel.TokenPayload().Policy)
-
-	return pol
-}
-
-func (d *Delegation) Subject() *did.DID {
-	if d.envel.TokenPayload().Subject == nil {
-		return nil
-	}
-
-	id, _ := did.Parse(*d.envel.TokenPayload().Subject)
-
-	return &id
-}
-
-func (d *Delegation) Validate() error {
-	return errors.Join(
-		d.validateDID("iss", &d.envel.TokenPayload().Issuer, false),
-		d.validateDID("aud", d.envel.TokenPayload().Audience, false),
-		d.validateDID("sub", d.envel.TokenPayload().Subject, true),
-		d.validateCommand(),
-		d.validatePolicy(),
-		d.validateNonce(),
-	)
-}
-
-func (d *Delegation) validateCommand() error {
-	_, err := command.Parse(d.envel.TokenPayload().Command)
-
-	return err
-}
-
-func (d *Delegation) validateDID(fieldName string, identity *string, nullableOrOptional bool) error {
-	if identity == nil && !nullableOrOptional {
-		return fmt.Errorf("a required DID is missing: %s", fieldName)
-	}
-
-	id, err := did.Parse(*identity)
-	if err != nil {
-
-	}
-
-	if !id.Defined() && !id.Key() {
-		return fmt.Errorf("a required DID is missing: %s", fieldName)
-	}
-
-	return nil
-}
-
-func (d *Delegation) validateNonce() error {
-	if d.envel.TokenPayload().Nonce == nil || len(*d.envel.TokenPayload().Nonce) < 1 {
-		return fmt.Errorf("nonce is required: must not be nil or empty")
-	}
-
-	return nil
-}
-
-func (d *Delegation) validatePolicy() error {
-	if d.envel.TokenPayload().Policy == nil {
-		return fmt.Errorf("the \"pol\" field is required")
-	}
-
-	_, err := policy.FromIPLD(*d.envel.TokenPayload().Policy)
-
-	return err
-}
-
-func Nonce() ([]byte, error) {
-	nonce := make([]byte, 32)
-
-	if _, err := rand.Read(nonce); err != nil {
-		return nil, err
-	}
-
-	return nonce, nil
-}
--- a/delegation/delegation.ipldsch
+++ b/delegation/delegation.ipldsch
@@ -0,0 +1,29 @@
+type DID string
+
+# The Delegation payload MUST describe the authorization claims, who is involved, and its validity period.
+type Payload struct {
+    # Issuer DID (sender)
+    iss DID
+    # Audience DID (receiver)
+    aud DID
+    # Principal that the chain is about (the Subject)
+    sub optional DID
+
+    # The Command to eventually invoke
+    cmd String
+
+    # The delegation policy
+    # It doesn't seem possible to represent it with a schema.
+    pol Any
+
+    # A unique, random nonce
+    nonce Bytes
+
+    # Arbitrary Metadata
+    meta {String : Any}
+
+    # "Not before" UTC Unix Timestamp in seconds (valid from), 53-bits integer
+    nbf optional Int
+    # The timestamp at which the Invocation becomes invalid
+    exp nullable Int
+}
--- a/delegation/delegation_test.go
+++ b/delegation/delegation_test.go
@@ -1,149 +0,0 @@
-package delegation_test
-
-import (
-	"crypto/rand"
-	"testing"
-	"time"
-
-	"github.com/ipld/go-ipld-prime/datamodel"
-	"github.com/ipld/go-ipld-prime/node/basicnode"
-	"github.com/libp2p/go-libp2p/core/crypto"
-	"github.com/stretchr/testify/require"
-	"github.com/ucan-wg/go-ucan/capability/command"
-	"github.com/ucan-wg/go-ucan/capability/policy"
-	"github.com/ucan-wg/go-ucan/delegation"
-	"github.com/ucan-wg/go-ucan/did"
-	"gotest.tools/v3/golden"
-)
-
-const (
-	nonce = "6roDhGi0kiNriQAz7J3d+bOeoI/tj8ENikmQNbtjnD0"
-
-	AudiencePrivKeyCfg = "CAESQL1hvbXpiuk2pWr/XFbfHJcZNpJ7S90iTA3wSCTc/BPRneCwPnCZb6c0vlD6ytDWqaOt0HEOPYnqEpnzoBDprSM="
-	AudienceDID        = "did:key:z6Mkq5YmbJcTrPExNDi26imrTCpKhepjBFBSHqrBDN2ArPkv"
-
-	issuerPrivKeyCfg = "CAESQLSql38oDmQXIihFFaYIjb73mwbPsc7MIqn4o8PN4kRNnKfHkw5gRP1IV9b6d0estqkZayGZ2vqMAbhRixjgkDU="
-	issuerDID        = "did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2"
-
-	subjectPrivKeyCfg = "CAESQL9RtjZ4dQBeXtvDe53UyvslSd64kSGevjdNiA1IP+hey5i/3PfRXSuDr71UeJUo1fLzZ7mGldZCOZL3gsIQz5c="
-	subjectDID        = "did:key:z6MktA1uBdCpq4uJBqE9jjMiLyxZBg9a6xgPPKJjMqss6Zc2"
-	subJectCmd        = "/foo/bar"
-	subjectPol        = `
-[
-	[
-		"==",
-		".status",
-		"draft"
-	],
-	[
-		"all",
-		".reviewer",
-		[
-			"like",
-			".email",
-			"*@example.com"
-		]
-	],
-	[
-		"any",
-		".tags",
-		[
-			"or",
-			[
-				[
-					"==",
-					".",
-					"news"
-				],
-				[
-					"==",
-					".",
-					"press"
-				]
-			]
-		]
-	]
-]
-`
-)
-
-func TestConstructors(t *testing.T) {
-	t.Parallel()
-
-	privKey := privKey(t, issuerPrivKeyCfg)
-
-	aud, err := did.Parse(AudienceDID)
-
-	sub, err := did.Parse(subjectDID)
-	require.NoError(t, err)
-
-	cmd, err := command.Parse(subJectCmd)
-	require.NoError(t, err)
-
-	pol, err := policy.FromDagJson(subjectPol)
-	require.NoError(t, err)
-
-	exp := time.Time{}
-
-	meta := map[string]datamodel.Node{
-		"foo": basicnode.NewString("fooo"),
-		"bar": basicnode.NewString("barr"),
-	}
-
-	t.Run("New", func(t *testing.T) {
-		dlg, err := delegation.New(privKey, aud, &sub, cmd, pol, []byte(nonce), delegation.WithExpiration(&exp), delegation.WithMeta(meta))
-		require.NoError(t, err)
-
-		data, err := dlg.ToDagJson()
-		require.NoError(t, err)
-
-		t.Log(string(data))
-
-		golden.Assert(t, string(data), "new.dagjson")
-	})
-
-	t.Run("Root", func(t *testing.T) {
-		t.Parallel()
-
-		dlg, err := delegation.Root(privKey, aud, cmd, pol, []byte(nonce), delegation.WithExpiration(&exp), delegation.WithMeta(meta))
-		require.NoError(t, err)
-
-		data, err := dlg.ToDagJson()
-		require.NoError(t, err)
-
-		t.Log(string(data))
-
-		golden.Assert(t, string(data), "root.dagjson")
-	})
-}
-
-func privKey(t *testing.T, privKeyCfg string) crypto.PrivKey {
-	t.Helper()
-
-	privKeyMar, err := crypto.ConfigDecodeKey(privKeyCfg)
-	require.NoError(t, err)
-
-	privKey, err := crypto.UnmarshalPrivateKey(privKeyMar)
-	require.NoError(t, err)
-
-	return privKey
-}
-
-func TestKey(t *testing.T) {
-	t.Skip()
-
-	priv, _, err := crypto.GenerateEd25519Key(rand.Reader)
-	require.NoError(t, err)
-
-	privMar, err := crypto.MarshalPrivateKey(priv)
-	require.NoError(t, err)
-
-	privCfg := crypto.ConfigEncodeKey(privMar)
-	t.Log(privCfg)
-
-	id, err := did.FromPubKey(priv.GetPublic())
-	require.NoError(t, err)
-	t.Log(id)
-
-	t.Fail()
-}
--- a/delegation/encoding.go
+++ b/delegation/encoding.go
@@ -1,113 +1,33 @@
 package delegation

 import (
-	"fmt"
-	"io"
-
 	"github.com/ipld/go-ipld-prime"
-	"github.com/ipld/go-ipld-prime/codec"
 	"github.com/ipld/go-ipld-prime/codec/dagcbor"
 	"github.com/ipld/go-ipld-prime/codec/dagjson"
-	"github.com/ipld/go-ipld-prime/datamodel"
-
-	"github.com/ucan-wg/go-ucan/internal/envelope"
 )

-// Encode marshals a Delegation to the format specified by the provided
-// codec.Encoder.
-func (d *Delegation) Encode(encFn codec.Encoder) ([]byte, error) {
-	node, err := d.ToIPLD()
+func (p *PayloadModel) EncodeDagCbor() ([]byte, error) {
+	return ipld.Marshal(dagcbor.Encode, p, PayloadType())
+}
+
+func (p *PayloadModel) EncodeDagJson() ([]byte, error) {
+	return ipld.Marshal(dagjson.Encode, p, PayloadType())
+}
+
+func DecodeDagCbor(data []byte) (*PayloadModel, error) {
+	var p PayloadModel
+	_, err := ipld.Unmarshal(data, dagcbor.Decode, &p, PayloadType())
 	if err != nil {
 		return nil, err
 	}
-
-	return ipld.Encode(node, encFn)
+	return &p, nil
 }

-// ToDagCbor marshals the Delegation to the DAG-CBOR format.
-func (d *Delegation) ToDagCbor() ([]byte, error) {
-	return d.Encode(dagcbor.Encode)
-}
-
-// ToDagJson marshals the Delegation to the DAG-JSON format.
-func (d *Delegation) ToDagJson() ([]byte, error) {
-	return d.Encode(dagjson.Encode)
-}
-
-// ToIPLD wraps the Delegation in an IPLD datamodel.Node.
-func (d *Delegation) ToIPLD() (datamodel.Node, error) {
-	return d.envel.Wrap()
-}
-
-// Decode unmarshals the input data using the format specified by the
-// provided codec.Decoder into a Delegation.
-//
-// An error is returned if the conversion fails, or if the resulting
-// Delegation is invalid.
-func Decode(b []byte, decFn codec.Decoder) (*Delegation, error) {
-	node, err := ipld.Decode(b, decFn)
+func DecodeDagJson(data []byte) (*PayloadModel, error) {
+	var p PayloadModel
+	_, err := ipld.Unmarshal(data, dagjson.Decode, &p, PayloadType())
 	if err != nil {
 		return nil, err
 	}
-	return FromIPLD(node)
-}
-
-// DecodeReader is the same as Decode, but accept an io.Reader.
-func DecodeReader(r io.Reader, decFn codec.Decoder) (*Delegation, error) {
-	node, err := ipld.DecodeStreaming(r, decFn)
-	if err != nil {
-		return nil, err
-	}
-	return FromIPLD(node)
-}
-
-// FromDagCbor unmarshals the input data into a Delegation.
-//
-// An error is returned if the conversion fails, or if the resulting
-// Delegation is invalid.
-func FromDagCbor(data []byte) (*Delegation, error) {
-	return Decode(data, dagcbor.Decode)
-}
-
-// FromDagCborReader is the same as FromDagCbor, but accept an io.Reader.
-func FromDagCborReader(r io.Reader) (*Delegation, error) {
-	return DecodeReader(r, dagcbor.Decode)
-}
-
-// FromDagJson unmarshals the input data into a Delegation.
-//
-// An error is returned if the conversion fails, or if the resulting
-// Delegation is invalid.
-func FromDagJson(data []byte) (*Delegation, error) {
-	return Decode(data, dagjson.Decode)
-}
-
-// FromDagJsonReader is the same as FromDagJson, but accept an io.Reader.
-func FromDagJsonReader(r io.Reader) (*Delegation, error) {
-	return DecodeReader(r, dagjson.Decode)
-}
-
-// FromIPLD unwraps a Delegation from the provided IPLD datamodel.Node
-//
-// An error is returned if the conversion fails, or if the resulting
-// Delegation is invalid.
-func FromIPLD(node datamodel.Node) (*Delegation, error) {
-	envel, err := envelope.Unwrap(node)
-	if err != nil {
-		return nil, err
-	}
-
-	if envel.Tag() != Tag {
-		return nil, fmt.Errorf("wrong tag for TokenPayload: received %s but expected %s", envel.Tag(), Tag)
-	}
-
-	dlg := &Delegation{
-		envel: envel,
-	}
-
-	if err := dlg.Validate(); err != nil {
-		return nil, err
-	}
-
-	return dlg, nil
+	return &p, nil
 }
--- a/delegation/encoding_test.go
+++ b/delegation/encoding_test.go
@@ -1,101 +0,0 @@
-package delegation_test
-
-import (
-	"fmt"
-	"testing"
-
-	"github.com/stretchr/testify/require"
-	"github.com/ucan-wg/go-ucan/delegation"
-)
-
-func TestEncodingRoundTrip(t *testing.T) {
-	const delegationJson = `
-[
-  {
-    "/": {
-      "bytes": "QWr0Pk+sSWE1nszuBMQzggbHX4ofJb8QRdwrLJK/AGCx2p4s/xaCRieomfstDjsV4ezBzX1HARvcoNgdwDQ8Aw"
-    }
-  },
-  {
-    "h": {
-      "/": {
-        "bytes": "NO0BcQ"
-      }
-    },
-    "ucan/dlg@1.0.0-rc.1": {
-      "aud": "did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2",
-      "cmd": "/foo/bar",
-      "exp": -62135596800,
-      "iss": "did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2",
-      "meta": {
-        "bar": "barr",
-        "foo": "fooo"
-      },
-      "nbf": -62135596800,
-      "nonce": {
-        "/": {
-          "bytes": "X93ORvN1QIXrKPyEP5m5XoVK9VLX9nX8VV/+HlWrp9c"
-        }
-      },
-      "pol": [
-        [
-          "==",
-          ".status",
-          "draft"
-        ],
-        [
-          "all",
-          ".reviewer",
-          [
-            "like",
-            ".email",
-            "*@example.com"
-          ]
-        ],
-        [
-          "any",
-          ".tags",
-          [
-            "or",
-            [
-              [
-                "==",
-                ".",
-                "news"
-              ],
-              [
-                "==",
-                ".",
-                "press"
-              ]
-            ]
-          ]
-        ]
-      ],
-      "sub": "did:key:z6MktA1uBdCpq4uJBqE9jjMiLyxZBg9a6xgPPKJjMqss6Zc2"
-    }
-  }
-]
-`
-	// format:    dagJson   -->   Delegation   -->   dagCbor   -->   Delegation   -->   dagJson
-	// function:        FromDagJson()       ToDagCbor()    FromDagCbor()       ToDagJson()
-
-	p1, err := delegation.FromDagJson([]byte(delegationJson))
-	require.NoError(t, err)
-
-	cborBytes, err := p1.ToDagCbor()
-	require.NoError(t, err)
-	fmt.Println("cborBytes length", len(cborBytes))
-	fmt.Println("cbor", string(cborBytes))
-
-	p2, err := delegation.FromDagCbor(cborBytes)
-	require.NoError(t, err)
-	fmt.Println("read Cbor", p2)
-
-	readJson, err := p2.ToDagJson()
-	require.NoError(t, err)
-	fmt.Println("readJson length", len(readJson))
-	fmt.Println("json: ", string(readJson))
-
-	require.JSONEq(t, delegationJson, string(readJson))
-}
--- a/delegation/schema.go
+++ b/delegation/schema.go
@@ -0,0 +1,69 @@
+package delegation
+
+import (
+	_ "embed"
+	"fmt"
+	"sync"
+
+	"github.com/ipld/go-ipld-prime"
+	"github.com/ipld/go-ipld-prime/datamodel"
+	"github.com/ipld/go-ipld-prime/schema"
+)
+
+//go:embed delegation.ipldsch
+var schemaBytes []byte
+
+var (
+	once sync.Once
+	ts   *schema.TypeSystem
+	err  error
+)
+
+func mustLoadSchema() *schema.TypeSystem {
+	once.Do(func() {
+		ts, err = ipld.LoadSchemaBytes(schemaBytes)
+	})
+	if err != nil {
+		panic(fmt.Errorf("failed to load IPLD schema: %s", err))
+	}
+	return ts
+}
+
+func PayloadType() schema.Type {
+	return mustLoadSchema().TypeByName("Payload")
+}
+
+type PayloadModel struct {
+	// Issuer DID (sender)
+	Iss string
+	// Audience DID (receiver)
+	Aud string
+	// Principal that the chain is about (the Subject)
+	// optional: can be nil
+	Sub *string
+
+	// The Command to eventually invoke
+	Cmd string
+
+	// The delegation policy
+	Pol datamodel.Node
+
+	// A unique, random nonce
+	Nonce []byte
+
+	// Arbitrary Metadata
+	// optional: can be nil
+	Meta MetaModel
+
+	// "Not before" UTC Unix Timestamp in seconds (valid from), 53-bits integer
+	// optional: can be nil
+	Nbf *int64
+	// The timestamp at which the Invocation becomes invalid
+	// optional: can be nil
+	Exp *int64
+}
+
+type MetaModel struct {
+	Keys   []string
+	Values map[string]datamodel.Node
+}
--- a/internal/token/schema_test.go
+++ b/internal/token/schema_test.go
@@ -1,20 +1,13 @@
-package token_test
+package delegation

 import (
-	_ "embed"
 	"fmt"
 	"testing"

 	"github.com/ipld/go-ipld-prime"
-	"github.com/ipld/go-ipld-prime/codec/dagcbor"
-	"github.com/ipld/go-ipld-prime/codec/dagjson"
 	"github.com/stretchr/testify/require"
-	"github.com/ucan-wg/go-ucan/internal/token"
 )

-//go:embed token.ipldsch
-var schemaBytes []byte
-
 func TestSchemaRoundTrip(t *testing.T) {
 	const delegationJson = `
 {
@@ -47,27 +40,22 @@ func TestSchemaRoundTrip(t *testing.T) {
  "sub":""
 }
 `
-	// format:    dagJson --> IPLD node --> token --> dagCbor --> IPLD node   -->   dagJson
-	// function:                     Unwrap()   Wrap()
+	// format:    dagJson   -->   PayloadModel   -->   dagCbor   -->   PayloadModel   -->   dagJson
+	// function:      DecodeDagJson()      EncodeDagCbor()   DecodeDagCbor()     EncodeDagJson()

-	n1, err := ipld.DecodeUsingPrototype([]byte(delegationJson), dagjson.Decode, token.Prototype())
+	p1, err := DecodeDagJson([]byte(delegationJson))
 	require.NoError(t, err)

-	cborBytes, err := ipld.Encode(n1, dagcbor.Encode)
+	cborBytes, err := p1.EncodeDagCbor()
 	require.NoError(t, err)
 	fmt.Println("cborBytes length", len(cborBytes))
 	fmt.Println("cbor", string(cborBytes))

-	n2, err := ipld.DecodeUsingPrototype(cborBytes, dagcbor.Decode, token.Prototype())
+	p2, err := DecodeDagCbor(cborBytes)
 	require.NoError(t, err)
-	fmt.Println("read Cbor", n2)
+	fmt.Println("read Cbor", p2)

-	t1, err := token.Unwrap(n2)
-	require.NoError(t, err)
-
-	n3 := t1.Wrap()
-
-	readJson, err := ipld.Encode(n3, dagjson.Encode)
+	readJson, err := p2.EncodeDagJson()
 	require.NoError(t, err)
 	fmt.Println("readJson length", len(readJson))
 	fmt.Println("json: ", string(readJson))
@@ -77,7 +65,6 @@ func TestSchemaRoundTrip(t *testing.T) {

 func BenchmarkSchemaLoad(b *testing.B) {
 	b.ReportAllocs()
-
 	for i := 0; i < b.N; i++ {
 		_, _ = ipld.LoadSchemaBytes(schemaBytes)
 	}
--- a/delegation/testdata/new.dagjson
+++ b/delegation/testdata/new.dagjson
@@ -1 +0,0 @@
-[{"/":{"bytes":"P2lPLfdMuZuc4NPZ0mbozU+/bn5xoWlJsu+Fvaxi4ICYXVJb9/wiTTht3WJEFqjxXLxfTl4BMZF3J1CNvMPqBg"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6Mkq5YmbJcTrPExNDi26imrTCpKhepjBFBSHqrBDN2ArPkv","cmd":"/foo/bar","exp":-62135596800,"iss":"did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]],"sub":"did:key:z6MktA1uBdCpq4uJBqE9jjMiLyxZBg9a6xgPPKJjMqss6Zc2"}}]
--- a/delegation/testdata/root.dagjson
+++ b/delegation/testdata/root.dagjson
@@ -1 +0,0 @@
-[{"/":{"bytes":"0sjiwG9BOgpezz6qw5UiD+rqOeqFLn4+Qds1PvbnsUBoc3RhF6IVxIeoOXDh1ufv3RHaI/zg4wjYpUwAMpTACw"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6Mkq5YmbJcTrPExNDi26imrTCpKhepjBFBSHqrBDN2ArPkv","cmd":"/foo/bar","exp":-62135596800,"iss":"did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]],"sub":"did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2"}}]
--- a/delegation/view.go
+++ b/delegation/view.go
@@ -0,0 +1,87 @@
+package delegation
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/ipld/go-ipld-prime/datamodel"
+
+	"github.com/ucan-wg/go-ucan/v1/capability/command"
+	"github.com/ucan-wg/go-ucan/v1/capability/policy"
+	"github.com/ucan-wg/go-ucan/v1/did"
+)
+
+type View struct {
+	// Issuer DID (sender)
+	Issuer did.DID
+	// Audience DID (receiver)
+	Audience did.DID
+	// Principal that the chain is about (the Subject)
+	Subject did.DID
+	// The Command to eventually invoke
+	Command *command.Command
+	// The delegation policy
+	Policy policy.Policy
+	// A unique, random nonce
+	Nonce []byte
+	// Arbitrary Metadata
+	Meta map[string]datamodel.Node
+	// "Not before" UTC Unix Timestamp in seconds (valid from), 53-bits integer
+	NotBefore time.Time
+	// The timestamp at which the Invocation becomes invalid
+	Expiration time.Time
+}
+
+// ViewFromModel build a decoded view of the raw IPLD data.
+// This function also serves as validation.
+func ViewFromModel(m PayloadModel) (*View, error) {
+	var view View
+	var err error
+
+	view.Issuer, err = did.Parse(m.Iss)
+	if err != nil {
+		return nil, fmt.Errorf("parse iss: %w", err)
+	}
+
+	view.Audience, err = did.Parse(m.Aud)
+	if err != nil {
+		return nil, fmt.Errorf("parse audience: %w", err)
+	}
+
+	if m.Sub != nil {
+		view.Subject, err = did.Parse(*m.Sub)
+		if err != nil {
+			return nil, fmt.Errorf("parse subject: %w", err)
+		}
+	} else {
+		view.Subject = did.Undef
+	}
+
+	view.Command, err = command.Parse(m.Cmd)
+	if err != nil {
+		return nil, fmt.Errorf("parse command: %w", err)
+	}
+
+	view.Policy, err = policy.FromIPLD(m.Pol)
+	if err != nil {
+		return nil, fmt.Errorf("parse policy: %w", err)
+	}
+
+	if len(m.Nonce) == 0 {
+		return nil, fmt.Errorf("nonce is required")
+	}
+	view.Nonce = m.Nonce
+
+	// TODO: copy?
+	view.Meta = m.Meta.Values
+
+	if m.Nbf != nil {
+		view.NotBefore = time.Unix(*m.Nbf, 0)
+	}
+
+	if m.Exp != nil {
+		view.Expiration = time.Unix(*m.Exp, 0)
+	}
+
+	return &view, nil
+}
--- a/did/crypto.go
+++ b/did/crypto.go
@@ -1,48 +0,0 @@
-package did
-
-import (
-	"errors"
-
-	crypto "github.com/libp2p/go-libp2p/core/crypto"
-	"github.com/libp2p/go-libp2p/core/crypto/pb"
-	"github.com/multiformats/go-multicodec"
-	"github.com/multiformats/go-varint"
-)
-
-func FromPrivKey(privKey crypto.PrivKey) (DID, error) {
-	return FromPubKey(privKey.GetPublic())
-}
-
-func FromPubKey(pubKey crypto.PubKey) (DID, error) {
-	code, ok := map[pb.KeyType]multicodec.Code{
-		pb.KeyType_Ed25519:   multicodec.Ed25519Pub,
-		pb.KeyType_RSA:       multicodec.RsaPub,
-		pb.KeyType_Secp256k1: multicodec.Secp256k1Pub,
-		pb.KeyType_ECDSA:     multicodec.Es256,
-	}[pubKey.Type()]
-	if !ok {
-		return Undef, errors.New("Blah")
-	}
-
-	buf := varint.ToUvarint(uint64(code))
-
-	pubBytes, err := pubKey.Raw()
-	if err != nil {
-		return Undef, err
-	}
-
-	return DID{
-		str:  string(append(buf, pubBytes...)),
-		code: uint64(code),
-		key:  true,
-	}, nil
-}
-
-func ToPubKey(s string) (crypto.PubKey, error) {
-	id, err := Parse(s)
-	if err != nil {
-		return nil, err
-	}
-
-	return id.PubKey()
-}
--- a/did/crypto_test.go
+++ b/did/crypto_test.go
@@ -1,51 +0,0 @@
-package did_test
-
-import (
-	"testing"
-
-	"github.com/libp2p/go-libp2p/core/crypto"
-	"github.com/stretchr/testify/require"
-	"github.com/ucan-wg/go-ucan/did"
-)
-
-const (
-	exampleDIDStr    = "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
-	examplePubKeyStr = "Lm/M42cB3HkUiODQsXRcweM6TByfzEHGO9ND274JcOY="
-)
-
-func TestFromPubKey(t *testing.T) {
-	t.Parallel()
-
-	id, err := did.FromPubKey(examplePubKey(t))
-	require.NoError(t, err)
-	require.Equal(t, exampleDID(t), id)
-}
-
-func TestToPubKey(t *testing.T) {
-	t.Parallel()
-
-	pubKey, err := did.ToPubKey(exampleDIDStr)
-	require.NoError(t, err)
-	require.Equal(t, examplePubKey(t), pubKey)
-}
-
-func exampleDID(t *testing.T) did.DID {
-	t.Helper()
-
-	id, err := did.Parse(exampleDIDStr)
-	require.NoError(t, err)
-
-	return id
-}
-
-func examplePubKey(t *testing.T) crypto.PubKey {
-	t.Helper()
-
-	pubKeyCfg, err := crypto.ConfigDecodeKey(examplePubKeyStr)
-	require.NoError(t, err)
-
-	pubKey, err := crypto.UnmarshalEd25519PublicKey(pubKeyCfg)
-	require.NoError(t, err)
-
-	return pubKey
-}
--- a/did/did.go
+++ b/did/did.go
@@ -4,9 +4,7 @@ import (
 	"fmt"
 	"strings"

-	crypto "github.com/libp2p/go-libp2p/core/crypto"
 	mbase "github.com/multiformats/go-multibase"
-	"github.com/multiformats/go-multicodec"
 	varint "github.com/multiformats/go-varint"
 )

@@ -15,16 +13,12 @@ const KeyPrefix = "did:key:"

 const DIDCore = 0x0d1d
 const Ed25519 = 0xed
-const RSA = uint64(multicodec.RsaPub)

 var MethodOffset = varint.UvarintSize(uint64(DIDCore))

-//
-// [did:key format]: https://w3c-ccg.github.io/did-method-key/
 type DID struct {
-	key  bool
-	code uint64
-	str  string
+	key bool
+	str string
 }

 // Undef can be used to represent a nil or undefined DID, using DID{}
@@ -42,36 +36,10 @@ func (d DID) Bytes() []byte {
 	return []byte(d.str)
 }

-func (d DID) Code() uint64 {
-	return d.code
-}
-
 func (d DID) DID() DID {
 	return d
 }

-func (d DID) Key() bool {
-	return d.key
-}
-
-func (d DID) PubKey() (crypto.PubKey, error) {
-	if !d.key {
-		return nil, fmt.Errorf("unsupported did type: %s", d.String())
-	}
-
-	unmarshaler, ok := map[multicodec.Code]crypto.PubKeyUnmarshaller{
-		multicodec.Ed25519Pub:   crypto.UnmarshalEd25519PublicKey,
-		multicodec.RsaPub:       crypto.UnmarshalRsaPublicKey,
-		multicodec.Secp256k1Pub: crypto.UnmarshalSecp256k1PublicKey,
-		multicodec.Es256:        crypto.UnmarshalECDSAPublicKey,
-	}[multicodec.Code(d.code)]
-	if !ok {
-		return nil, fmt.Errorf("unsupported multicodec: %d", d.code)
-	}
-
-	return unmarshaler(d.Bytes()[varint.UvarintSize(d.code):])
-}
-
 // String formats the decentralized identity document (DID) as a string.
 func (d DID) String() string {
 	if d.key {
@@ -86,8 +54,8 @@ func Decode(bytes []byte) (DID, error) {
 	if err != nil {
 		return Undef, err
 	}
-	if code == Ed25519 || code == RSA {
-		return DID{str: string(bytes), code: code, key: true}, nil
+	if code == Ed25519 {
+		return DID{str: string(bytes), key: true}, nil
 	} else if code == DIDCore {
 		return DID{str: string(bytes)}, nil
 	}
@@ -114,5 +82,5 @@ func Parse(str string) (DID, error) {
 	varint.PutUvarint(buf, DIDCore)
 	suffix, _ := strings.CutPrefix(str, Prefix)
 	buf = append(buf, suffix...)
-	return DID{str: string(buf), code: DIDCore}, nil
+	return DID{str: string(buf)}, nil
 }
--- a/doc.go
+++ b/doc.go
@@ -1,5 +0,0 @@
-// Package ucan provides the core functionality required to grant and
-// revoke privileges via [UCAN] tokens.
-//
-// [UCAN]: https://ucan.xyz
-package ucan
--- a/go.mod
+++ b/go.mod
@@ -1,42 +1,31 @@
-module github.com/ucan-wg/go-ucan
+module github.com/ucan-wg/go-ucan/v1

-go 1.22.0
+go 1.21

-toolchain go1.22.4
+toolchain go1.22.1

 require (
 	github.com/gobwas/glob v0.2.3
 	github.com/ipfs/go-cid v0.4.1
 	github.com/ipld/go-ipld-prime v0.21.0
-	github.com/libp2p/go-libp2p v0.36.2
-	github.com/multiformats/go-multibase v0.2.0
-	github.com/multiformats/go-multicodec v0.9.0
-	github.com/multiformats/go-multihash v0.2.3
-	github.com/multiformats/go-varint v0.0.7
-	github.com/selesy/go-options v0.0.0-20240912020512-ed2658318e52
+	github.com/multiformats/go-multibase v0.0.3
+	github.com/multiformats/go-varint v0.0.6
 	github.com/stretchr/testify v1.9.0
-	gotest.tools/v3 v3.5.1
 )

 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 // indirect
-	github.com/fatih/structtag v1.2.0 // indirect
-	github.com/google/go-cmp v0.6.0 // indirect
-	github.com/klauspost/cpuid/v2 v2.2.8 // indirect
-	github.com/minio/sha256-simd v1.0.1 // indirect
+	github.com/klauspost/cpuid/v2 v2.0.9 // indirect
+	github.com/minio/sha256-simd v1.0.0 // indirect
 	github.com/mr-tron/base58 v1.2.0 // indirect
-	github.com/multiformats/go-base32 v0.1.0 // indirect
-	github.com/multiformats/go-base36 v0.2.0 // indirect
+	github.com/multiformats/go-base32 v0.0.3 // indirect
+	github.com/multiformats/go-base36 v0.1.0 // indirect
+	github.com/multiformats/go-multihash v0.2.3 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/polydawn/refmt v0.89.0 // indirect
 	github.com/spaolacci/murmur3 v1.1.0 // indirect
-	golang.org/x/crypto v0.25.0 // indirect
-	golang.org/x/mod v0.21.0 // indirect
-	golang.org/x/sync v0.8.0 // indirect
-	golang.org/x/sys v0.25.0 // indirect
-	golang.org/x/tools v0.25.0 // indirect
-	google.golang.org/protobuf v1.34.2 // indirect
+	golang.org/x/crypto v0.1.0 // indirect
+	golang.org/x/sys v0.1.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	lukechampine.com/blake3 v1.3.0 // indirect
+	lukechampine.com/blake3 v1.1.6 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -2,19 +2,13 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/decred/dcrd/crypto/blake256 v1.0.1 h1:7PltbUIQB7u/FfZ39+DGa/ShuMyJ5ilcvdfma9wOH6Y=
-github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo=
-github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 h1:rpfIENRNNilwHwZeG5+P150SMrnNEcHYvcCuK6dPZSg=
-github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0=
-github.com/fatih/structtag v1.2.0 h1:/OdNE99OxoI/PqaW/SuSK9uxxT3f/tcSZgon/ssNSx4=
-github.com/fatih/structtag v1.2.0/go.mod h1:mBJUNpUnHmRKrKlQQlmCrh5PuhftFbNv8Ys4/aAZl94=
 github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
 github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
 github.com/go-yaml/yaml v2.1.0+incompatible/go.mod h1:w2MrLa16VYP0jy6N7M5kHaCkaLENm+P+Tv+MfurjSw0=
 github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y=
 github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8=
-github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
-github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
+github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
 github.com/ipfs/go-cid v0.4.1 h1:A/T3qGvxi4kpKWWcPC/PgbvDA2bjVLO7n4UeVwnbs/s=
@@ -23,34 +17,30 @@ github.com/ipld/go-ipld-prime v0.21.0 h1:n4JmcpOlPDIxBcY037SVfpd1G+Sj1nKZah0m6QH
 github.com/ipld/go-ipld-prime v0.21.0/go.mod h1:3RLqy//ERg/y5oShXXdx5YIp50cFGOanyMctpPjsvxQ=
 github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
-github.com/klauspost/cpuid/v2 v2.2.8 h1:+StwCXwm9PdpiEkPyzBXIy+M9KUb4ODm0Zarf1kS5BM=
-github.com/klauspost/cpuid/v2 v2.2.8/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
+github.com/klauspost/cpuid/v2 v2.0.4/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
+github.com/klauspost/cpuid/v2 v2.0.9 h1:lgaqFMSdTdQYdZ04uHyN2d/eKdOMyi2YLSvlQIBFYa4=
+github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
-github.com/libp2p/go-buffer-pool v0.1.0 h1:oK4mSFcQz7cTQIfqbe4MIj9gLW+mnanjyFtc6cdF0Y8=
-github.com/libp2p/go-buffer-pool v0.1.0/go.mod h1:N+vh8gMqimBzdKkSMVuydVDq+UV5QTWy5HSiZacSbPg=
-github.com/libp2p/go-libp2p v0.36.2 h1:BbqRkDaGC3/5xfaJakLV/BrpjlAuYqSB0lRvtzL3B/U=
-github.com/libp2p/go-libp2p v0.36.2/go.mod h1:XO3joasRE4Eup8yCTTP/+kX+g92mOgRaadk46LmPhHY=
-github.com/minio/sha256-simd v1.0.1 h1:6kaan5IFmwTNynnKKpDHe6FWHohJOHhCPchzK49dzMM=
-github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8=
+github.com/minio/sha256-simd v1.0.0 h1:v1ta+49hkWZyvaKwrQB8elexRqm6Y0aMLjCNsrYxo6g=
+github.com/minio/sha256-simd v1.0.0/go.mod h1:OuYzVNI5vcoYIAmbIvHPl3N3jUzVedXbKy5RFepssQM=
+github.com/mr-tron/base58 v1.1.0/go.mod h1:xcD2VGqlgYjBdcBLw+TuYLr8afG+Hj8g2eTVqeSzSU8=
 github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o=
 github.com/mr-tron/base58 v1.2.0/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc=
-github.com/multiformats/go-base32 v0.1.0 h1:pVx9xoSPqEIQG8o+UbAe7DNi51oej1NtK+aGkbLYxPE=
-github.com/multiformats/go-base32 v0.1.0/go.mod h1:Kj3tFY6zNr+ABYMqeUNeGvkIC/UYgtWibDcT0rExnbI=
-github.com/multiformats/go-base36 v0.2.0 h1:lFsAbNOGeKtuKozrtBsAkSVhv1p9D0/qedU9rQyccr0=
-github.com/multiformats/go-base36 v0.2.0/go.mod h1:qvnKE++v+2MWCfePClUEjE78Z7P2a1UV0xHgWc0hkp4=
-github.com/multiformats/go-multiaddr v0.13.0 h1:BCBzs61E3AGHcYYTv8dqRH43ZfyrqM8RXVPT8t13tLQ=
-github.com/multiformats/go-multiaddr v0.13.0/go.mod h1:sBXrNzucqkFJhvKOiwwLyqamGa/P5EIXNPLovyhQCII=
-github.com/multiformats/go-multibase v0.2.0 h1:isdYCVLvksgWlMW9OZRYJEa9pZETFivncJHmHnnd87g=
-github.com/multiformats/go-multibase v0.2.0/go.mod h1:bFBZX4lKCA/2lyOFSAoKH5SS6oPyjtnzK/XTFDPkNuk=
+github.com/multiformats/go-base32 v0.0.3 h1:tw5+NhuwaOjJCC5Pp82QuXbrmLzWg7uxlMFp8Nq/kkI=
+github.com/multiformats/go-base32 v0.0.3/go.mod h1:pLiuGC8y0QR3Ue4Zug5UzK9LjgbkL8NSQj0zQ5Nz/AA=
+github.com/multiformats/go-base36 v0.1.0 h1:JR6TyF7JjGd3m6FbLU2cOxhC0Li8z8dLNGQ89tUg4F4=
+github.com/multiformats/go-base36 v0.1.0/go.mod h1:kFGE83c6s80PklsHO9sRn2NCoffoRdUUOENyW/Vv6sM=
+github.com/multiformats/go-multibase v0.0.3 h1:l/B6bJDQjvQ5G52jw4QGSYeOTZoAwIO77RblWplfIqk=
+github.com/multiformats/go-multibase v0.0.3/go.mod h1:5+1R4eQrT3PkYZ24C3W2Ue2tPwIdYQD509ZjSb5y9Oc=
 github.com/multiformats/go-multicodec v0.9.0 h1:pb/dlPnzee/Sxv/j4PmkDRxCOi3hXTz3IbPKOXWJkmg=
 github.com/multiformats/go-multicodec v0.9.0/go.mod h1:L3QTQvMIaVBkXOXXtVmYE+LI16i14xuaojr/H7Ai54k=
 github.com/multiformats/go-multihash v0.2.3 h1:7Lyc8XfX/IY2jWb/gI7JP+o7JEq9hOa7BFvVU9RSh+U=
 github.com/multiformats/go-multihash v0.2.3/go.mod h1:dXgKXCXjBzdscBLk9JkjINiEsCKRVch90MdaGiKsvSM=
-github.com/multiformats/go-varint v0.0.7 h1:sWSGR+f/eu5ABZA2ZpYKBILXTTs9JWpdEM/nEGOHFS8=
-github.com/multiformats/go-varint v0.0.7/go.mod h1:r8PUYw/fD/SjBCiKOoDlGF6QawOELpZAu9eioSos/OU=
+github.com/multiformats/go-varint v0.0.6 h1:gk85QWKxh3TazbLxED/NlDVv8+q+ReFJk7Y2W/KhfNY=
+github.com/multiformats/go-varint v0.0.6/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXSrVKRY101jdMZYE=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/polydawn/refmt v0.89.0 h1:ADJTApkvkeBZsN0tBTx8QjpD9JkmxbKp0cxfr9qszm4=
@@ -58,8 +48,6 @@ github.com/polydawn/refmt v0.89.0/go.mod h1:/zvteZs/GwLtCgZ4BL6CBsk9IKIlexP43ObX
 github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
 github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
 github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/selesy/go-options v0.0.0-20240912020512-ed2658318e52 h1:poNWlojS+o3229ZuatLMzK9wFiLuLxo7O170Edggs0o=
-github.com/selesy/go-options v0.0.0-20240912020512-ed2658318e52/go.mod h1:Cn8TrnJWCWd3dAmejFTpLN8tNVNKNoVVlZzL8ux5EWQ=
 github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/smartystreets/assertions v1.2.0 h1:42S6lae5dvLc7BrLu/0ugRtcFVjoJNMC/N3yZFZkDFs=
 github.com/smartystreets/assertions v1.2.0/go.mod h1:tcbTF8ujkAEcZ8TElKY+i30BzYlVhC/LOxJk7iOWnoo=
@@ -73,25 +61,14 @@ github.com/urfave/cli v1.22.10/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60Nt
 github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0 h1:GDDkbFiaK8jsSDJfjId/PEGEShv6ugrt4kYsC5UIDaQ=
 github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0/go.mod h1:x6AKhvSSexNrVSrViXSHUEbICjmGXhtgABaHIySUSGw=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30=
-golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M=
-golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8=
-golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY=
-golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0=
-golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
+golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU=
+golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
-golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
-golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U=
+golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-golang.org/x/tools v0.25.0 h1:oFU9pkj/iJgs+0DT+VMHrx+oBKs/LJMV+Uvg78sl+fE=
-golang.org/x/tools v0.25.0/go.mod h1:/vtpO8WL1N9cQC3FN5zPqb//fRXskFHbLKk4OW1Q7rg=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
@@ -99,7 +76,5 @@ gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU=
-gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU=
-lukechampine.com/blake3 v1.3.0 h1:sJ3XhFINmHSrYCgl958hscfIa3bw8x4DqMP3u1YvoYE=
-lukechampine.com/blake3 v1.3.0/go.mod h1:0OFRp7fBtAylGVCO40o87sbupkyIGgbpv1+M1k1LM6k=
+lukechampine.com/blake3 v1.1.6 h1:H3cROdztr7RCfoaTpGZFQsrqvweFLrqS73j7L7cmR5c=
+lukechampine.com/blake3 v1.1.6/go.mod h1:tkKEOtDkNtklkXtLNEOGNq5tcV90tJiA1vAA12R78LA=
--- a/internal/cmd/token/main.go
+++ b/internal/cmd/token/main.go
@@ -1,54 +0,0 @@
-package main
-
-import (
-	"bytes"
-	"log/slog"
-	"os"
-
-	"github.com/ipld/go-ipld-prime"
-	"github.com/ipld/go-ipld-prime/node/bindnode"
-)
-
-const header = `// Code generated by internal/cmd/token - DO NOT EDIT.
-
-package token
-
-import "github.com/ipld/go-ipld-prime/datamodel"
-
-`
-
-func main() {
-	slog.Info("Generating Go types for token.ipldsch")
-
-	if err := Run(); err != nil {
-		slog.Error(err.Error())
-		slog.Error("Finished but failed to generate and write token_gen.go")
-
-		os.Exit(1)
-	}
-
-	slog.Info("Finished generating and writing token_gen.go")
-	os.Exit(0)
-}
-
-func Run() error {
-	schema, err := os.ReadFile("token.ipldsch")
-	if err != nil {
-		return err
-	}
-
-	slog.Debug(string(schema))
-
-	typeSystem, err := ipld.LoadSchemaBytes(schema)
-	if err != nil {
-		return err
-	}
-
-	buf := bytes.NewBufferString(header)
-
-	if err := bindnode.ProduceGoTypes(buf, typeSystem); err != nil {
-		return err
-	}
-
-	return os.WriteFile("token_gen.go", buf.Bytes(), 0o600)
-}
--- a/internal/envelope/envelope.go
+++ b/internal/envelope/envelope.go
@@ -1,309 +0,0 @@
-package envelope
-
-import (
-	"bytes"
-	"errors"
-	"fmt"
-	"strings"
-
-	"github.com/ipld/go-ipld-prime/codec/dagcbor"
-	"github.com/ipld/go-ipld-prime/datamodel"
-	"github.com/ipld/go-ipld-prime/fluent/qp"
-	"github.com/ipld/go-ipld-prime/node/basicnode"
-	"github.com/ipld/go-ipld-prime/node/bindnode"
-	crypto "github.com/libp2p/go-libp2p/core/crypto"
-	"github.com/libp2p/go-libp2p/core/crypto/pb"
-	"github.com/ucan-wg/go-ucan/did"
-	"github.com/ucan-wg/go-ucan/internal/token"
-	"github.com/ucan-wg/go-ucan/internal/varsig"
-)
-
-// [Envelope] is a signed enclosure for a UCAN v1 Token.
-//
-// While the types and functions in this package are not exported,
-// the names used for types, fields, variables, etc generally use the
-// names from the specification
-//
-// [Envelope]: https://github.com/ucan-wg/spec#envelope
-type Envelope struct {
-	signature  []byte
-	sigPayload *sigPayload
-}
-
-// New creates an Envelope containing a VarsigHeader and Signature for
-// the data resulting from wrapping the provided Token in an IPLD
-// datamodel.Node and encoding it using DAG-CBOR.
-func New(privKey crypto.PrivKey, token *token.Token, tag string) (*Envelope, error) {
-	sigPayload, err := newSigPayload(privKey.Type(), token, tag)
-	if err != nil {
-		return nil, err
-	}
-
-	cbor, err := sigPayload.cbor()
-	if err != nil {
-		return nil, err
-	}
-
-	signature, err := privKey.Sign(cbor)
-	if err != nil {
-		return nil, err
-	}
-
-	return &Envelope{
-		signature:  signature,
-		sigPayload: sigPayload,
-	}, nil
-}
-
-// Wrap is syntactic sugar for creating an Envelope and wrapping it as an
-// IPLD datamodel.Node in a single operation.
-//
-// Since the Envelope itself isn't returned, use this method only when
-// the IPLD datamodel.Node is used directly.  If the Envelope is also
-// required, use New followed by Envelope.Wrap to avoid the need to
-// unwrap the newly created datamodel.Node.
-func Wrap(privKey crypto.PrivKey, token *token.Token, tag string) (datamodel.Node, error) {
-	env, err := New(privKey, token, tag)
-	if err != nil {
-		return nil, err
-	}
-
-	return env.Wrap()
-}
-
-// Unwrap attempts to crate an Envelope from a datamodel.Node
-//
-// There are lots of ways that this can fail and therefore there are
-// an almost excessive number of check included here and while
-// attempting to extract the token.Token from one of the inner IPLD
-// nodes.
-func Unwrap(node datamodel.Node) (*Envelope, error) {
-	signatureNode, err := node.LookupByIndex(0)
-	if err != nil {
-		return nil, err
-	}
-
-	signature, err := signatureNode.AsBytes()
-	if err != nil {
-		return nil, err
-	}
-
-	sigPayloadNode, err := node.LookupByIndex(1)
-	if err != nil {
-		return nil, err
-	}
-
-	sigPayload, err := unwrapSigPayload(sigPayloadNode)
-	if err != nil {
-		return nil, err
-	}
-
-	envel := &Envelope{
-		signature:  signature,
-		sigPayload: sigPayload,
-	}
-
-	if ok, err := envel.Verify(); !ok || err != nil {
-		return nil, fmt.Errorf("envelope was not signed by issuer")
-	}
-
-	return envel, nil
-}
-
-// Signature returns the cryptographic signature of the Envelope's
-// SigPayload.
-func (e *Envelope) Signature() []byte {
-	return e.signature
-}
-
-// Tag returns the key that's used to reference the TokenPayload within
-// this Envelope.
-func (e *Envelope) Tag() string {
-	return e.sigPayload.tag
-}
-
-// TokenPayload returns the *token.Token enclosed within this Envelope.
-func (e *Envelope) TokenPayload() *token.Token {
-	return e.sigPayload.tokenPayload
-}
-
-// VarsigHeader is an accessor that returns the [VarsigHeader] from the
-// underlying [SigPayload] from the [Envelope].
-//
-// [Envelope]: https://github.com/ucan-wg/spec#envelope
-// [SigPayload]: https://github.com/ucan-wg/spec#envelope
-// [VarsigHeader]: https://github.com/ucan-wg/spec#envelope
-func (e *Envelope) VarsigHeader() []byte {
-	return e.sigPayload.varsigHeader
-}
-
-// Verify checks that the [Envelope]'s signature is correct for the
-// data created by encoding the SigPayload as DAG-CBOR and the public
-// key passed as the only argument.
-//
-// Note that for Delegation and Invocation tokens, the public key
-// is retrieved from the DID's method specific identifier for the
-// Issuer field.
-//
-// [Envelope]: https://github.com/ucan-wg/spec#envelope
-func (e *Envelope) Verify() (bool, error) {
-	pubKey, err := did.ToPubKey(e.sigPayload.tokenPayload.Issuer)
-	if err != nil {
-		return false, err
-	}
-
-	cbor, err := e.sigPayload.cbor()
-	if err != nil {
-		return false, err
-	}
-
-	return pubKey.Verify(cbor, e.signature)
-}
-
-// Wrap encodes the Envelope as an IPLD datamodel.Node.
-func (e *Envelope) Wrap() (datamodel.Node, error) {
-	spn, err := e.sigPayload.wrap()
-	if err != nil {
-		return nil, err
-	}
-
-	return qp.BuildList(basicnode.Prototype.Any, 2, func(la datamodel.ListAssembler) {
-		qp.ListEntry(la, qp.Bytes(e.signature))
-		qp.ListEntry(la, qp.Node(spn))
-	})
-}
-
-//
-// The types below are strictly to make it easier to Wrap and Unwrap the
-// Envelope with an IPLD datamodel.Node.  The Envelope itself provides
-// accessors to the internals of these types.
-//
-
-type sigPayload struct {
-	varsigHeader []byte
-	tokenPayload *token.Token
-	tag          string
-}
-
-func newSigPayload(keyType pb.KeyType, token *token.Token, tag string) (*sigPayload, error) {
-	varsigHeader, err := varsig.Encode(keyType)
-	if err != nil {
-		return nil, err
-	}
-
-	return &sigPayload{
-		varsigHeader: varsigHeader,
-		tokenPayload: token,
-		tag:          tag,
-	}, nil
-}
-
-func unwrapSigPayload(node datamodel.Node) (*sigPayload, error) {
-	// Normally we could look up the VarsigHeader and TokenPayload using
-	// node.LookupByString() - this works for the "h" key used for the
-	// VarsigHeader but not for the TokenPayload's key (tag) as all we
-	// know is that it starts with "ucan/" and as explained below, must
-	// decode to a schema.TypedNode for the representation provided by the
-	// token.Prototype().
-	// vvv
-	mi := node.MapIterator()
-	if mi == nil {
-		return nil, fmt.Errorf("the SigPayload node is not a map: %s", node.Kind().String())
-	}
-
-	var (
-		hdrNode datamodel.Node
-		tknNode datamodel.Node
-		tag     string
-	)
-
-	keyCount := 0
-
-	for !mi.Done() {
-		k, v, err := mi.Next()
-		if err != nil {
-			return nil, err
-		}
-
-		kStr, err := k.AsString()
-		if err != nil {
-			return nil, fmt.Errorf("the SigPayload keys are not strings: %w", err)
-		}
-
-		keyCount++
-
-		if kStr == "h" {
-			hdrNode = v
-
-			continue
-		}
-
-		if strings.HasPrefix(kStr, "ucan/") {
-			tknNode = v
-			tag = kStr
-		}
-	}
-
-	if keyCount != 2 {
-		return nil, fmt.Errorf("the SigPayload map should have exactly two keys: %d", keyCount)
-	}
-	// ^^^
-
-	// Replaces the datamodel.Node in tokenPayloadNode with a
-	// schema.TypedNode so that we can cast it to a *token.Token after
-	// unwrapping it.
-	// vvv
-	nb := token.Prototype().Representation().NewBuilder()
-
-	err := nb.AssignNode(tknNode)
-	if err != nil {
-		return nil, err
-	}
-
-	tknNode = nb.Build()
-	// ^^^
-
-	tokenPayload := bindnode.Unwrap(tknNode)
-	if tokenPayload == nil {
-		return nil, errors.New("failed to Unwrap the TokenPayload")
-	}
-
-	tkn, ok := tokenPayload.(*token.Token)
-	if !ok {
-		return nil, errors.New("failed to assert the TokenPayload type as *token.Token")
-	}
-
-	hdr, err := hdrNode.AsBytes()
-	if err != nil {
-		return nil, err
-	}
-
-	return &sigPayload{
-		varsigHeader: hdr,
-		tokenPayload: tkn,
-		tag:          tag,
-	}, nil
-}
-
-func (sp *sigPayload) cbor() ([]byte, error) {
-	node, err := sp.wrap()
-	if err != nil {
-		return nil, err
-	}
-
-	buf := &bytes.Buffer{}
-	if err = dagcbor.Encode(node, buf); err != nil {
-		return nil, err
-	}
-
-	return buf.Bytes(), nil
-}
-
-func (sp *sigPayload) wrap() (datamodel.Node, error) {
-	tpn := bindnode.Wrap(sp.tokenPayload, token.Prototype().Type())
-
-	return qp.BuildMap(basicnode.Prototype.Any, 2, func(ma datamodel.MapAssembler) {
-		qp.MapEntry(ma, "h", qp.Bytes(sp.varsigHeader))
-		qp.MapEntry(ma, sp.tag, qp.Node(tpn.Representation()))
-	})
-}
--- a/internal/envelope/envelope_test.go
+++ b/internal/envelope/envelope_test.go
@@ -1,200 +0,0 @@
-package envelope_test
-
-import (
-	"encoding/base64"
-	"testing"
-
-	"github.com/ipld/go-ipld-prime"
-	"github.com/ipld/go-ipld-prime/codec/dagcbor"
-	"github.com/ipld/go-ipld-prime/codec/dagjson"
-	"github.com/ipld/go-ipld-prime/datamodel"
-	"github.com/ipld/go-ipld-prime/fluent/qp"
-	"github.com/ipld/go-ipld-prime/node/basicnode"
-	crypto "github.com/libp2p/go-libp2p/core/crypto"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-	"github.com/ucan-wg/go-ucan/did"
-	"github.com/ucan-wg/go-ucan/internal/envelope"
-	"github.com/ucan-wg/go-ucan/internal/token"
-	"gotest.tools/v3/golden"
-)
-
-const (
-	exampleDID             = "did:key:z6MkpuK2Amsu1RqcLGgmHHQHhvmeXCCBVsM4XFSg2cCyg4Nh"
-	examplePrivKeyCfg      = "CAESQP9v2uqECTuIi45dyg3znQvsryvf2IXmOF/6aws6aCehm0FVrj0zHR5RZSDxWNjcpcJqsGym3sjCungX9Zt5oA4="
-	exampleSignatureStr    = "PZV6A2aI7n+MlyADqcqmWhkuyNrgUCDz+qSLSnI9bpasOwOhKUTx95m5Nu5CO/INa1LqzHGioD9+PVf6qdtTBg"
-	exampleTag             = "ucan/example@v1.0.0-rc.1"
-	exampleVarsigHeaderStr = "NO0BcQ"
-
-	invalidSignatureStr = "PZV6A2aI7n+MlyADqcqmWhkuyNrgUCDz+qSLSnI9bpasOwOhKUTx95m5Nu5CO/INa1LqzHGioD9+PVf6qdtTBK"
-
-	exampleDAGCBORFilename = "example.dagcbor"
-	exampleDAGJSONFilename = "example.dagjson"
-)
-
-func TestNew(t *testing.T) {
-	t.Parallel()
-
-	envel := exampleEnvelope(t)
-	assert.NotZero(t, envel)
-
-	assert.Equal(t, exampleSignature(t), envel.Signature())
-	assert.Equal(t, exampleTag, envel.Tag())
-	assert.Equal(t, exampleVarsigHeader(t), envel.VarsigHeader())
-	assert.EqualValues(t, exampleGoldenTokenPayload(t), envel.TokenPayload())
-}
-
-func TestWrap(t *testing.T) {
-	t.Parallel()
-
-	node, err := envelope.Wrap(examplePrivKey(t), exampleToken(t), exampleTag)
-	require.NoError(t, err)
-
-	cbor, err := ipld.Encode(node, dagcbor.Encode)
-	require.NoError(t, err)
-
-	golden.AssertBytes(t, cbor, exampleDAGCBORFilename)
-
-	json, err := ipld.Encode(node, dagjson.Encode)
-	require.NoError(t, err)
-
-	golden.Assert(t, string(json), exampleDAGJSONFilename)
-}
-
-func TestEnvelope_Verify(t *testing.T) {
-	t.Parallel()
-
-	t.Run("valid signature by issuer", func(t *testing.T) {
-		t.Parallel()
-
-		envel := exampleEnvelope(t)
-		ok, err := envel.Verify()
-		require.NoError(t, err)
-		assert.True(t, ok)
-	})
-
-	t.Run("invalid signature by wrong issuer", func(t *testing.T) {
-		t.Parallel()
-
-		envel, err := envelope.Unwrap(invalidNodeFromGolden(t))
-		require.NoError(t, err)
-
-		ok, _ := envel.Verify()
-		assert.False(t, ok)
-	})
-}
-
-func TestEnvelope_Wrap(t *testing.T) {
-	t.Parallel()
-
-	envel := exampleEnvelope(t)
-
-	node, err := envel.Wrap()
-	require.NoError(t, err)
-
-	cbor, err := ipld.Encode(node, dagcbor.Encode)
-	require.NoError(t, err)
-
-	assert.Equal(t, golden.Get(t, exampleDAGCBORFilename), cbor)
-}
-
-func exampleGoldenEnvelope(t *testing.T) *envelope.Envelope {
-	t.Helper()
-
-	envel, err := envelope.Unwrap(exampleGoldenNode(t))
-	require.NoError(t, err)
-
-	return envel
-}
-
-func exampleGoldenNode(t *testing.T) datamodel.Node {
-	t.Helper()
-
-	cbor := golden.Get(t, exampleDAGCBORFilename)
-
-	node, err := ipld.Decode(cbor, dagcbor.Decode)
-	require.NoError(t, err)
-
-	return node
-}
-
-func exampleGoldenTokenPayload(t *testing.T) *token.Token {
-	t.Helper()
-
-	return exampleGoldenEnvelope(t).TokenPayload()
-}
-
-func examplePrivKey(t *testing.T) crypto.PrivKey {
-	t.Helper()
-
-	privKeyEnc, err := crypto.ConfigDecodeKey(examplePrivKeyCfg)
-	require.NoError(t, err)
-
-	privKey, err := crypto.UnmarshalPrivateKey(privKeyEnc)
-	require.NoError(t, err)
-
-	return privKey
-}
-
-func exampleEnvelope(t *testing.T) *envelope.Envelope {
-	t.Helper()
-
-	envel, err := envelope.New(examplePrivKey(t), exampleToken(t), exampleTag)
-	require.NoError(t, err)
-
-	return envel
-}
-
-func examplePubKey(t *testing.T) crypto.PubKey {
-	t.Helper()
-
-	return examplePrivKey(t).GetPublic()
-}
-
-func exampleSignature(t *testing.T) []byte {
-	t.Helper()
-
-	sig, err := base64.RawStdEncoding.DecodeString(exampleSignatureStr)
-	require.NoError(t, err)
-
-	return sig
-}
-
-func exampleToken(t *testing.T) *token.Token {
-	t.Helper()
-
-	id, err := did.FromPubKey(examplePubKey(t))
-	require.NoError(t, err)
-
-	return &token.Token{
-		Issuer: id.String(),
-	}
-}
-
-func exampleVarsigHeader(t *testing.T) []byte {
-	t.Helper()
-
-	hdr, err := base64.RawStdEncoding.DecodeString(exampleVarsigHeaderStr)
-	require.NoError(t, err)
-
-	return hdr
-}
-
-func invalidNodeFromGolden(t *testing.T) datamodel.Node {
-	t.Helper()
-
-	invalidSig, err := base64.RawStdEncoding.DecodeString(invalidSignatureStr)
-	require.NoError(t, err)
-
-	envelNode := exampleGoldenNode(t)
-	sigPayloadNode, err := envelNode.LookupByIndex(1)
-	require.NoError(t, err)
-
-	node, err := qp.BuildList(basicnode.Prototype.Any, 2, func(la datamodel.ListAssembler) {
-		qp.ListEntry(la, qp.Bytes(invalidSig))
-		qp.ListEntry(la, qp.Node(sigPayloadNode))
-	})
-	require.NoError(t, err)
-
-	return node
-}
--- a/internal/envelope/testdata/example.dagcbor
+++ b/internal/envelope/testdata/example.dagcbor
@@ -1 +0,0 @@
-‚X@=•zfˆîŒ— ©Ê¦Z.ÈÚàP óú¤‹Jr=n–¬;¡)Dñ÷™¹6îB;ò
--- a/internal/envelope/testdata/example.dagjson
+++ b/internal/envelope/testdata/example.dagjson
@@ -1,20 +0,0 @@
-[
-  {
-    "/": {
-      "bytes": "PZV6A2aI7n+MlyADqcqmWhkuyNrgUCDz+qSLSnI9bpasOwOhKUTx95m5Nu5CO/INa1LqzHGioD9+PVf6qdtTBg"
-    }
-  },
-  {
-    "h": {
-      "/": {
-        "bytes": "NO0BcQ"
-      }
-    },
-    "ucan/example@v1.0.0-rc.1": {
-      "cmd": "",
-      "exp": null,
-      "iss": "did:key:z6MkpuK2Amsu1RqcLGgmHHQHhvmeXCCBVsM4XFSg2cCyg4Nh",
-      "sub": null
-    }
-  }
-]
--- a/internal/token/conversion.go
+++ b/internal/token/conversion.go
@@ -1,24 +0,0 @@
-package token
-
-import (
-	"github.com/ipld/go-ipld-prime/datamodel"
-)
-
-func ToIPLDMapStringAny(m map[string]datamodel.Node) Map__String__Any {
-	keys := make([]string, len(m))
-	i := 0
-
-	for k := range m {
-		keys[i] = k
-		i++
-	}
-
-	return Map__String__Any{
-		Keys:   keys,
-		Values: m,
-	}
-}
-
-func FromIPLDMapStringAny(m Map__String__Any) map[string]datamodel.Node {
-	return m.Values
-}
--- a/internal/token/doc.go
+++ b/internal/token/doc.go
@@ -1,33 +0,0 @@
-// Package token provides a generic model of the [TokenPayload] required
-// within an Envelope.
-//
-// # Field requirements
-//
-// While the Token object represents the wire format of both a UCAN
-// Delegation token and a UCAN Invocation token, the delegation and
-// invocation packages are, respectively, responsible for making sure
-// required fields are included when creating a new Token or when
-// validating the contents of an Envelope as it's received from
-// another party.  The following table shows the current (as of
-// 2024-09-11) relationship between optional and nullable fields in
-// the delegation and invocation views and the payload model:
-//
-//	| Name  |     Delegation      |     Invocation      |  Token   |
-//	|       | Required | Nullable | Required | Nullable |          |
-//	| ----- | -------- | -------- | -------- | -------- | -------- |
-//	| iss   | Yes      | No       | Yes      | No       |          |
-//	| aud   | Yes      | No       | No       | N/A      | Optional |
-//	| sub   | Yes      | Yes      | Yes      | No       | Nullable |
-//	| cmd   | Yes      | No       | Yes      | No       |          |
-//	| pol   | Yes      | No       | X        | X        | Optional |
-//	| nonce | Yes      | No       | No       | N/A      | Optional |
-//	| meta  | No       | N/A      | No       | N/A      | Optional |
-//	| nbf   | No       | N/A      | X        | X        | Optional |
-//	| exp   | Yes      | Yes      | Yes      | Yes      |          |
-//	| args  | X        | X        | Yes      | No       | Optional |
-//	| prf   | X        | X        | Yes      | No       | Optional |
-//	| iat   | X        | X        | No       | N/A      | Optional |
-//	| cause | X        | X        | No       | N/A      | Optional |
-//
-// [TokenPayload]: https://github.com/ucan-wg/spec?tab=readme-ov-file#envelope
-package token
--- a/internal/token/errors.go
+++ b/internal/token/errors.go
@@ -1,11 +0,0 @@
-package token
-
-import "errors"
-
-var ErrFailedSchemaLoad = errors.New("failed to load IPLD Schema")
-
-var ErrNoSchemaType = errors.New("schema does not contain type")
-
-var ErrNodeNotToken = errors.New("IPLD node is not a Token")
-
-var ErrMissingRequiredDID = errors.New("a required DID is missing")
--- a/internal/token/schema.go
+++ b/internal/token/schema.go
@@ -1,46 +0,0 @@
-package token
-
-import (
-	_ "embed"
-	"fmt"
-	"sync"
-
-	"github.com/ipld/go-ipld-prime"
-	"github.com/ipld/go-ipld-prime/node/bindnode"
-	"github.com/ipld/go-ipld-prime/schema"
-)
-
-const tokenTypeName = "Token"
-
-//go:embed token.ipldsch
-var schemaBytes []byte
-
-var (
-	once sync.Once
-	ts   *schema.TypeSystem
-	err  error
-)
-
-func mustLoadSchema() *schema.TypeSystem {
-	once.Do(func() {
-		ts, err = ipld.LoadSchemaBytes(schemaBytes)
-	})
-	if err != nil {
-		panic(fmt.Errorf("%w: %w", ErrFailedSchemaLoad, err))
-	}
-
-	tknType := ts.TypeByName(tokenTypeName)
-	if tknType == nil {
-		panic(fmt.Errorf("%w: %s", ErrNoSchemaType, tokenTypeName))
-	}
-
-	return ts
-}
-
-func tokenType() schema.Type {
-	return mustLoadSchema().TypeByName(tokenTypeName)
-}
-
-func Prototype() schema.TypedPrototype {
-	return bindnode.Prototype((*Token)(nil), tokenType())
-}
--- a/internal/token/token.go
+++ b/internal/token/token.go
@@ -1,33 +0,0 @@
-package token
-
-import (
-	"github.com/ipld/go-ipld-prime/datamodel"
-	"github.com/ipld/go-ipld-prime/node/bindnode"
-)
-
-//go:generate go run ../cmd/token/...
-
-// Unwrap creates a Token from an arbitrary IPLD node or returns an
-// error if at least the required model fields are not present.
-//
-// It is the responsibility of the Delegation and Invocation views
-// to further validate the presence of the required fields and the
-// content as needed.
-func Unwrap(node datamodel.Node) (*Token, error) {
-	iface := bindnode.Unwrap(node)
-	if iface == nil {
-		return nil, ErrNodeNotToken
-	}
-
-	tkn, ok := iface.(*Token)
-	if !ok {
-		return nil, ErrNodeNotToken
-	}
-
-	return tkn, nil
-}
-
-// Wrap creates an IPLD node representing the Token.
-func (t *Token) Wrap() datamodel.Node {
-	return bindnode.Wrap(t, tokenType())
-}
--- a/internal/token/token.ipldsch
+++ b/internal/token/token.ipldsch
@@ -1,63 +0,0 @@
-
-type CID string
-
-type Command string
-
-type DID string
-
-# Field requirements:
-#
-# | Name  |     Delegation      |     Invocation      |  Token   |
-# |       | Required | Nullable | Required | Nullable |          |
-# | ----- | -------- | -------- | -------- | -------- | -------- |
-# | iss   | Yes      | No       | Yes      | No       |          |
-# | aud   | Yes      | No       | No       | N/A      | Optional |
-# | sub   | Yes      | Yes      | Yes      | No       | Nullable |
-# | cmd   | Yes      | No       | Yes      | No       |          |
-# | pol   | Yes      | No       | X        | X        | Optional |
-# | nonce | Yes      | No       | No       | N/A      | Optional |
-# | meta  | No       | N/A      | No       | N/A      | Optional |
-# | nbf   | No       | N/A      | X        | X        | Optional |
-# | exp   | Yes      | Yes      | Yes      | Yes      | Nullable |
-# | args  | X        | X        | Yes      | No       | Optional |
-# | prf   | X        | X        | Yes      | No       | Optional |
-# | iat   | X        | X        | No       | N/A      | Optional |
-# | cause | X        | X        | No       | N/A      | Optional |
-
-type Token struct {
-    # Issuer DID (sender)
-    issuer DID (rename "iss")
-    # Audience DID (receiver)
-    audience optional DID (rename "aud")
-    # Principal that the chain is about (the Subject)
-    subject nullable DID (rename "sub")
-
-    # The Command to eventually invoke
-    command Command (rename "cmd")
-
-    # The delegation policy
-    # It doesn't seem possible to represent it with a schema.
-    policy optional Any (rename "pol")
-
-    # The invocation's arguments
-    arguments optional {String: Any} (rename "args")
-
-    # Delegations that prove the chain of authority
-    Proofs optional [CID] (rename "prf")
-
-    # A unique, random nonce
-    nonce optional Bytes
-    
-    # Arbitrary Metadata
-    meta optional {String : Any}
-
-    # "Not before" UTC Unix Timestamp in seconds (valid from), 53-bits integer
-    notBefore optional Int (rename "nbf")
-    # The timestamp at which the delegation becomes invalid
-    expiration nullable Int (rename "exp")
-    # The timestamp at which the invocation was created
-    issuedAt optional Int
-
-    # An optional CID of the receipt that enqueued this invocation
-    cause optional CID
-}
--- a/internal/token/token_gen.go
+++ b/internal/token/token_gen.go
@@ -1,31 +0,0 @@
-// Code generated by internal/cmd/token - DO NOT EDIT.
-
-package token
-
-import "github.com/ipld/go-ipld-prime/datamodel"
-
-type Map struct {
-	Keys   []string
-	Values map[string]datamodel.Node
-}
-type List []datamodel.Node
-type Map__String__Any struct {
-	Keys   []string
-	Values map[string]datamodel.Node
-}
-type List__CID []string
-type Token struct {
-	Issuer     string
-	Audience   *string
-	Subject    *string
-	Command    string
-	Policy     *datamodel.Node
-	Arguments  *Map__String__Any
-	Proofs     *List__CID
-	Nonce      *[]uint8
-	Meta       *Map__String__Any
-	NotBefore  *int
-	Expiration *int
-	IssuedAt   *int
-	Cause      *string
-}
--- a/internal/token/token_test.go
+++ b/internal/token/token_test.go
@@ -1,55 +0,0 @@
-package token_test
-
-import (
-	"testing"
-
-	"github.com/ipld/go-ipld-prime"
-	"github.com/ipld/go-ipld-prime/codec/dagjson"
-	"github.com/stretchr/testify/require"
-	"github.com/ucan-wg/go-ucan/internal/token"
-)
-
-func TestEncode(t *testing.T) {
-	t.Parallel()
-
-	tkn := &token.Token{}
-
-	node := tkn.Wrap()
-
-	json, err := ipld.Encode(node, dagjson.Encode)
-	require.NoError(t, err)
-
-	t.Log(string(json))
-
-	t.Fail()
-}
-
-func TestPrototype(t *testing.T) {
-	t.Parallel()
-
-	tkn := &token.Token{
-		Issuer: "blah",
-	}
-	n1 := tkn.Wrap()
-	json, err := ipld.Encode(n1, dagjson.Encode)
-	require.NoError(t, err)
-
-	t.Log(string(json))
-
-	n2, err := ipld.Decode(json, dagjson.Decode)
-	require.NoError(t, err)
-
-	nb := token.Prototype().Representation().NewBuilder()
-	require.NoError(t, nb.AssignNode(n2))
-
-	n3 := nb.Build()
-
-	tkn2, err := token.Unwrap(n3)
-	require.NoError(t, err)
-
-	t.Log(tkn2)
-
-	require.Equal(t, tkn, tkn2)
-
-	t.Fail()
-}
--- a/internal/tools/tools.go
+++ b/internal/tools/tools.go
@@ -1,7 +0,0 @@
-//go:build tools
-
-package tools
-
-import (
-	_ "github.com/selesy/go-options"
-)
--- a/internal/varsig/varsig.go
+++ b/internal/varsig/varsig.go
@@ -1,134 +0,0 @@
-// Package varsig implements the portion of the [varsig specification]
-// that's needed for the UCAN [Envelope].
-//
-// While the [Envelope] specification has a field that's labelled
-// "VarsigHeader", this field is actually the prefix, header and segments
-// of the body excluding the signature itself (which is a different field
-// in the [Envelope]).
-//
-// Given that [go-ucan] supports a limited number of public key types,
-// and that the signature isn't part of the resulting field, the values
-// that are used are constants.  Note that for key types that are fully
-// specified in the [did:key], the [VarsigHeader] field isn't technically
-// needed and could theoretically conflict with the DID.
-//
-// Treating these values as constants has no impact when issuing or
-// delegating tokens.  When decoding tokens, simply matching the strings
-// will allow us to detect errors but won't provide as much detail (e.g.
-// we can't indicate that the signature was incorrectly generated from
-// a DAG-JSON encoding.)
-//
-// [varsig specification]: https://github.com/ChainAgnostic/varsig
-// [Envelope]:https://github.com/ucan-wg/spec#envelope
-// [go-ucan]: https://github.com/ucan-wg/go-ucan
-package varsig
-
-import (
-	"encoding/base64"
-	"encoding/binary"
-	"errors"
-	"fmt"
-
-	"github.com/libp2p/go-libp2p/core/crypto/pb"
-	"github.com/multiformats/go-multicodec"
-)
-
-const (
-	Prefix = 0x34
-)
-
-// ErrUnknownHeader is returned when it's not possible to decode the
-// provided string into a libp2p public key type.
-var ErrUnknownHeader = errors.New("could not decode unknown header")
-
-// ErrUnknownKeyType is returned when value provided is not a valid
-// libp2p public key type.
-var ErrUnknownKeyType = errors.New("could not encode unsupported key type")
-
-var (
-	decMap = headerToKeyType()
-	encMap = keyTypeToHeader()
-)
-
-// Decode returns either the pb.KeyType associated with the provided Header
-// or an error.
-//
-// Currently, only the four key types supported by the [go-libp2p/core/crypto]
-// library are supported.
-//
-// [go-libp2p/core/crypto]: github.com/libp2p/go-libp2p/core/crypto
-func Decode(header []byte) (pb.KeyType, error) {
-	keyType, ok := decMap[base64.RawStdEncoding.EncodeToString(header)]
-	if !ok {
-		return -1, fmt.Errorf("%w: %s", ErrUnknownHeader, header)
-	}
-
-	return keyType, nil
-}
-
-// Encode returns either the header associated with the provided pb.KeyType
-// or an error indicating the header was unknown.
-//
-// Currently, only the four key types supported by the [go-libp2p/core/crypto]
-// library are supported.
-//
-// [go-libp2p/core/crypto]: github.com/libp2p/go-libp2p/core/crypto
-func Encode(keyType pb.KeyType) ([]byte, error) {
-	header, ok := encMap[keyType]
-	if !ok {
-		return nil, fmt.Errorf("%w: %s", ErrUnknownKeyType, keyType.String())
-	}
-
-	return []byte(header), nil
-}
-
-func keyTypeToHeader() map[pb.KeyType][]byte {
-	const rsaSigLen = 0x100
-
-	return map[pb.KeyType][]byte{
-		pb.KeyType_RSA: header(
-			Prefix,
-			multicodec.RsaPub,
-			multicodec.Sha2_256,
-			rsaSigLen,
-			multicodec.DagCbor,
-		),
-		pb.KeyType_Ed25519: header(
-			Prefix,
-			multicodec.Ed25519Pub,
-			multicodec.DagCbor,
-		),
-		pb.KeyType_Secp256k1: header(
-			Prefix,
-			multicodec.Secp256k1Pub,
-			multicodec.Sha2_256,
-			multicodec.DagCbor,
-		),
-		pb.KeyType_ECDSA: header(
-			Prefix,
-			multicodec.Es256,
-			multicodec.Sha2_256,
-			multicodec.DagCbor,
-		),
-	}
-}
-
-func headerToKeyType() map[string]pb.KeyType {
-	out := make(map[string]pb.KeyType, len(encMap))
-
-	for keyType, header := range encMap {
-		out[base64.RawStdEncoding.EncodeToString(header)] = keyType
-	}
-
-	return out
-}
-
-func header(vals ...multicodec.Code) []byte {
-	var buf []byte
-
-	for _, val := range vals {
-		buf = binary.AppendUvarint(buf, uint64(val))
-	}
-
-	return buf
-}
--- a/internal/varsig/varsig_test.go
+++ b/internal/varsig/varsig_test.go
@@ -1,51 +0,0 @@
-package varsig_test
-
-import (
-	"encoding/base64"
-	"fmt"
-	"testing"
-
-	"github.com/libp2p/go-libp2p/core/crypto/pb"
-	"github.com/stretchr/testify/assert"
-
-	"github.com/ucan-wg/go-ucan/internal/varsig"
-)
-
-func TestDecode(t *testing.T) {
-	t.Parallel()
-
-	notAHeader := base64.RawStdEncoding.EncodeToString([]byte("not a header"))
-	keyType, err := varsig.Decode([]byte(notAHeader))
-	assert.Equal(t, pb.KeyType(-1), keyType)
-	assert.ErrorIs(t, err, varsig.ErrUnknownHeader)
-}
-
-func ExampleDecode() {
-	hdr, err := base64.RawStdEncoding.DecodeString("NIUkEoACcQ")
-	if err != nil {
-		fmt.Println(err.Error())
-
-		return
-	}
-
-	keyType, _ := varsig.Decode(hdr)
-	fmt.Println(keyType.String())
-	// Output:
-	// RSA
-}
-
-func TestEncode(t *testing.T) {
-	t.Parallel()
-
-	header, err := varsig.Encode(pb.KeyType(99))
-	assert.Nil(t, header)
-	assert.ErrorIs(t, err, varsig.ErrUnknownKeyType)
-}
-
-func ExampleEncode() {
-	header, _ := varsig.Encode(pb.KeyType_RSA)
-	fmt.Println(base64.RawStdEncoding.EncodeToString(header))
-
-	// Output:
-	// NIUkEoACcQ
-}
--- a/invocation/invocation.ipldsch
+++ b/invocation/invocation.ipldsch
@@ -0,0 +1,37 @@
+# The Invocation Payload attaches sender, receiver, and provenance to the Task.
+# type Payload struct {
+#   # The DID of the Invoker
+#   iss DID
+#   # The Subject being invoked
+#   sub DID
+#   # The DID of the intended Executor if different from the Subject
+#   aud optional DID
+#
+#   # The Command
+#   cmd Command
+#   # The Command's Arguments
+#   args {String : Any}
+#
+#   # A unique, random nonce
+#   nonce optional String
+#
+#   # Arbitrary Metadata
+#   meta optional {String : Any}
+#   # Delegations that prove the chain of authority
+#   prf [&Delegation]
+#   # The timestamp at which the Invocation becomes invalid
+#   exp optional Integer
+#   # An OPTIONAL timestamp at which the Invocation was created
+#   iat optional Integer
+#
+#   # An OPTIONAL CID of the Receipt that enqueued the Task
+#   cause optional &Receipt
+# }
+
+type DID string
+
+type Foo struct {
+    iss DID
+    exp optional Int
+    prf [String]
+}
				`@@ -1 +0,0 @@`
				[{"/":{"bytes":"P2lPLfdMuZuc4NPZ0mbozU+/bn5xoWlJsu+Fvaxi4ICYXVJb9/wiTTht3WJEFqjxXLxfTl4BMZF3J1CNvMPqBg"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6Mkq5YmbJcTrPExNDi26imrTCpKhepjBFBSHqrBDN2ArPkv","cmd":"/foo/bar","exp":-62135596800,"iss":"did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]],"sub":"did:key:z6MktA1uBdCpq4uJBqE9jjMiLyxZBg9a6xgPPKJjMqss6Zc2"}}]
				`@@ -1 +0,0 @@`
				[{"/":{"bytes":"0sjiwG9BOgpezz6qw5UiD+rqOeqFLn4+Qds1PvbnsUBoc3RhF6IVxIeoOXDh1ufv3RHaI/zg4wjYpUwAMpTACw"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6Mkq5YmbJcTrPExNDi26imrTCpKhepjBFBSHqrBDN2ArPkv","cmd":"/foo/bar","exp":-62135596800,"iss":"did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]],"sub":"did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2"}}]
				`@@ -1 +0,0 @@`
				`‚X@=•zfˆîŒ— ©Ê¦Z.ÈÚàP óú¤‹Jr=n–¬;¡)Dñ÷™¹6îB;ò`