fix length check per-kind bug

2024-09-16 14:04:01 +02:00
45 changed files with 294 additions and 2515 deletions
--- a/capability/command/command.go
+++ b/capability/command/command.go
@@ -20,10 +20,11 @@ type Command struct {
 	segments []string
 }

-// New creates a validated command from the provided list of segment strings.
-// An error is returned if an invalid Command would be formed
-func New(segments ...string) Command {
-	return Command{segments: segments}
+// New creates a validated command from the provided list of segment
+// strings.  An error is returned if an invalid Command would be
+// formed
+func New(segments ...string) *Command {
+	return &Command{segments: segments}
 }

 // Parse verifies that the provided string contains the required
@@ -31,26 +32,26 @@ func New(segments ...string) Command {
 // Command.
 //
 // [segment structure]: https://github.com/ucan-wg/spec#segment-structure
-func Parse(s string) (Command, error) {
+func Parse(s string) (*Command, error) {
 	if !strings.HasPrefix(s, "/") {
-		return Command{}, ErrRequiresLeadingSlash
+		return nil, ErrRequiresLeadingSlash
 	}

 	if len(s) > 1 && strings.HasSuffix(s, "/") {
-		return Command{}, ErrDisallowsTrailingSlash
+		return nil, ErrDisallowsTrailingSlash
 	}

 	if s != strings.ToLower(s) {
-		return Command{}, ErrRequiresLowercase
+		return nil, ErrRequiresLowercase
 	}

 	// The leading slash will result in the first element from strings.Split
 	// being an empty string which is removed as strings.Join will ignore it.
-	return Command{strings.Split(s, "/")[1:]}, nil
+	return &Command{strings.Split(s, "/")[1:]}, nil
 }

 // MustParse is the same as Parse, but panic() if the parsing fail.
-func MustParse(s string) Command {
+func MustParse(s string) *Command {
 	c, err := Parse(s)
 	if err != nil {
 		panic(err)
@@ -61,10 +62,11 @@ func MustParse(s string) Command {
 // [Top] is the most powerful capability.
 //
 // This function returns a Command that is a wildcard and therefore represents the
-// most powerful ability. As such, it should be handled with care and used sparingly.
+// most powerful abilily.  As such it should be handle with care and used
+// sparingly.
 //
 // [Top]: https://github.com/ucan-wg/spec#-aka-top
-func Top() Command {
+func Top() *Command {
 	return New()
 }

@@ -76,18 +78,18 @@ func IsValid(s string) bool {

 // Join appends segments to the end of this command using the required
 // segment separator.
-func (c Command) Join(segments ...string) Command {
-	return Command{append(c.segments, segments...)}
+func (c *Command) Join(segments ...string) *Command {
+	return &Command{append(c.segments, segments...)}
 }

 // Segments returns the ordered segments that comprise the Command as a
 // slice of strings.
-func (c Command) Segments() []string {
+func (c *Command) Segments() []string {
 	return c.segments
 }

 // String returns the composed representation the command.  This is also
 // the required wire representation (before IPLD encoding occurs.)
-func (c Command) String() string {
+func (c *Command) String() string {
 	return "/" + strings.Join(c.segments, "/")
 }
--- a/capability/command/command_errors.go
+++ b/capability/command/command_errors.go
--- a/capability/command/command_test.go
+++ b/capability/command/command_test.go
@@ -5,7 +5,7 @@ import (

 	"github.com/stretchr/testify/require"

-	"github.com/ucan-wg/go-ucan/pkg/command"
+	"github.com/ucan-wg/go-ucan/capability/command"
 )

 func TestTop(t *testing.T) {
@@ -74,7 +74,7 @@ func TestParseCommand(t *testing.T) {

 				cmd, err := command.Parse(testcase.inp)
 				require.ErrorIs(t, err, testcase.err)
-				require.Equal(t, command.Command{}, cmd)
+				require.Nil(t, cmd)
 			})
 		}
 	})
--- a/capability/policy/ipld.go
+++ b/capability/policy/ipld.go
@@ -9,7 +9,7 @@ import (
 	"github.com/ipld/go-ipld-prime/must"
 	"github.com/ipld/go-ipld-prime/node/basicnode"

-	"github.com/ucan-wg/go-ucan/pkg/policy/selector"
+	"github.com/ucan-wg/go-ucan/capability/policy/selector"
 )

 func FromIPLD(node datamodel.Node) (Policy, error) {
@@ -232,7 +232,7 @@ func statementToIPLD(statement Statement) (datamodel.Node, error) {
 		if err != nil {
 			return nil, err
 		}
-		err = listBuilder.AssembleValue().AssignString(string(statement.pattern))
+		err = listBuilder.AssembleValue().AssignString(statement.pattern)
 		if err != nil {
 			return nil, err
 		}
--- a/capability/policy/ipld_errors.go
+++ b/capability/policy/ipld_errors.go
--- a/capability/policy/ipld_test.go
+++ b/capability/policy/ipld_test.go
--- a/capability/policy/literal/literal.go
+++ b/capability/policy/literal/literal.go
--- a/capability/policy/match.go
+++ b/capability/policy/match.go
@@ -8,35 +8,17 @@ import (
 	"github.com/ipld/go-ipld-prime/datamodel"
 	"github.com/ipld/go-ipld-prime/must"

-	"github.com/ucan-wg/go-ucan/pkg/policy/selector"
+	"github.com/ucan-wg/go-ucan/capability/policy/selector"
 )

-func (p Policy) Filter(sel selector.Selector) Policy {
-	return p.FilterWithMatcher(sel, selector.SegmentEquals)
-}
-
-// FilterWithMatcher extracts a subset of the policy related to the specified selector,
-// by matching each segment using the given selector.SegmentMatcher.
-func (p Policy) FilterWithMatcher(sel selector.Selector, matcher selector.SegmentMatcher) Policy {
-	var filtered Policy
-	for _, stmt := range p {
-		if stmt.Selector().Matches(sel, matcher) {
-			filtered = append(filtered, stmt)
-		}
-	}
-
-	return filtered
-}
-
 // Match determines if the IPLD node matches the policy document.
-func (p Policy) Match(node datamodel.Node) bool {
-	for _, stmt := range p {
+func Match(policy Policy, node ipld.Node) bool {
+	for _, stmt := range policy {
 		ok := matchStatement(stmt, node)
 		if !ok {
 			return false
 		}
 	}
-
 	return true
 }

@@ -130,7 +112,7 @@ func matchStatement(statement Statement, node ipld.Node) bool {
 			if err != nil {
 				return false
 			}
-			return s.pattern.Match(v)
+			return s.glob.Match(v)
 		}
 	case KindAll:
 		if s, ok := statement.(quantifier); ok {
--- a/capability/policy/match_test.go
+++ b/capability/policy/match_test.go
@@ -1,9 +1,7 @@
 package policy

 import (
-	"encoding/json"
 	"fmt"
-	"reflect"
 	"testing"

 	"github.com/ipfs/go-cid"
@@ -11,11 +9,10 @@ import (
 	"github.com/ipld/go-ipld-prime/codec/dagjson"
 	cidlink "github.com/ipld/go-ipld-prime/linking/cid"
 	"github.com/ipld/go-ipld-prime/node/basicnode"
-	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"

-	"github.com/ucan-wg/go-ucan/pkg/policy/literal"
-	"github.com/ucan-wg/go-ucan/pkg/policy/selector"
+	"github.com/ucan-wg/go-ucan/capability/policy/literal"
+	"github.com/ucan-wg/go-ucan/capability/policy/selector"
 )

 func TestMatch(t *testing.T) {
@@ -27,15 +24,15 @@ func TestMatch(t *testing.T) {
 			nd := nb.Build()

 			pol := Policy{Equal(selector.MustParse("."), literal.String("test"))}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)

 			pol = Policy{Equal(selector.MustParse("."), literal.String("test2"))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.False(t, ok)

 			pol = Policy{Equal(selector.MustParse("."), literal.Int(138))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.False(t, ok)
 		})

@@ -46,15 +43,15 @@ func TestMatch(t *testing.T) {
 			nd := nb.Build()

 			pol := Policy{Equal(selector.MustParse("."), literal.Int(138))}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)

 			pol = Policy{Equal(selector.MustParse("."), literal.Int(1138))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.False(t, ok)

 			pol = Policy{Equal(selector.MustParse("."), literal.String("138"))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.False(t, ok)
 		})

@@ -65,15 +62,15 @@ func TestMatch(t *testing.T) {
 			nd := nb.Build()

 			pol := Policy{Equal(selector.MustParse("."), literal.Float(1.138))}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)

 			pol = Policy{Equal(selector.MustParse("."), literal.Float(11.38))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.False(t, ok)

 			pol = Policy{Equal(selector.MustParse("."), literal.String("138"))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.False(t, ok)
 		})

@@ -87,15 +84,15 @@ func TestMatch(t *testing.T) {
 			nd := nb.Build()

 			pol := Policy{Equal(selector.MustParse("."), literal.Link(l0))}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)

 			pol = Policy{Equal(selector.MustParse("."), literal.Link(l1))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.False(t, ok)

 			pol = Policy{Equal(selector.MustParse("."), literal.String("bafybeif4owy5gno5lwnixqm52rwqfodklf76hsetxdhffuxnplvijskzqq"))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.False(t, ok)
 		})

@@ -109,19 +106,19 @@ func TestMatch(t *testing.T) {
 			nd := nb.Build()

 			pol := Policy{Equal(selector.MustParse(".foo"), literal.String("bar"))}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)

 			pol = Policy{Equal(selector.MustParse(".[\"foo\"]"), literal.String("bar"))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.True(t, ok)

 			pol = Policy{Equal(selector.MustParse(".foo"), literal.String("baz"))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.False(t, ok)

 			pol = Policy{Equal(selector.MustParse(".foobar"), literal.String("bar"))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.False(t, ok)
 		})

@@ -134,11 +131,11 @@ func TestMatch(t *testing.T) {
 			nd := nb.Build()

 			pol := Policy{Equal(selector.MustParse(".[0]"), literal.String("foo"))}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)

 			pol = Policy{Equal(selector.MustParse(".[1]"), literal.String("foo"))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.False(t, ok)
 		})
 	})
@@ -151,7 +148,7 @@ func TestMatch(t *testing.T) {
 			nd := nb.Build()

 			pol := Policy{GreaterThan(selector.MustParse("."), literal.Int(1))}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)
 		})

@@ -162,11 +159,11 @@ func TestMatch(t *testing.T) {
 			nd := nb.Build()

 			pol := Policy{GreaterThanOrEqual(selector.MustParse("."), literal.Int(1))}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)

 			pol = Policy{GreaterThanOrEqual(selector.MustParse("."), literal.Int(138))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.True(t, ok)
 		})

@@ -177,7 +174,7 @@ func TestMatch(t *testing.T) {
 			nd := nb.Build()

 			pol := Policy{GreaterThan(selector.MustParse("."), literal.Float(1))}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)
 		})

@@ -188,11 +185,11 @@ func TestMatch(t *testing.T) {
 			nd := nb.Build()

 			pol := Policy{GreaterThanOrEqual(selector.MustParse("."), literal.Float(1))}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)

 			pol = Policy{GreaterThanOrEqual(selector.MustParse("."), literal.Float(1.38))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.True(t, ok)
 		})

@@ -203,7 +200,7 @@ func TestMatch(t *testing.T) {
 			nd := nb.Build()

 			pol := Policy{LessThan(selector.MustParse("."), literal.Int(1138))}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)
 		})

@@ -214,11 +211,11 @@ func TestMatch(t *testing.T) {
 			nd := nb.Build()

 			pol := Policy{LessThanOrEqual(selector.MustParse("."), literal.Int(1138))}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)

 			pol = Policy{LessThanOrEqual(selector.MustParse("."), literal.Int(138))}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.True(t, ok)
 		})
 	})
@@ -230,11 +227,11 @@ func TestMatch(t *testing.T) {
 		nd := nb.Build()

 		pol := Policy{Not(Equal(selector.MustParse("."), literal.Bool(true)))}
-		ok := pol.Match(nd)
+		ok := Match(pol, nd)
 		require.True(t, ok)

 		pol = Policy{Not(Equal(selector.MustParse("."), literal.Bool(false)))}
-		ok = pol.Match(nd)
+		ok = Match(pol, nd)
 		require.False(t, ok)
 	})

@@ -250,7 +247,7 @@ func TestMatch(t *testing.T) {
 				LessThan(selector.MustParse("."), literal.Int(1138)),
 			),
 		}
-		ok := pol.Match(nd)
+		ok := Match(pol, nd)
 		require.True(t, ok)

 		pol = Policy{
@@ -259,11 +256,11 @@ func TestMatch(t *testing.T) {
 				Equal(selector.MustParse("."), literal.Int(1138)),
 			),
 		}
-		ok = pol.Match(nd)
+		ok = Match(pol, nd)
 		require.False(t, ok)

 		pol = Policy{And()}
-		ok = pol.Match(nd)
+		ok = Match(pol, nd)
 		require.True(t, ok)
 	})

@@ -279,7 +276,7 @@ func TestMatch(t *testing.T) {
 				LessThan(selector.MustParse("."), literal.Int(1138)),
 			),
 		}
-		ok := pol.Match(nd)
+		ok := Match(pol, nd)
 		require.True(t, ok)

 		pol = Policy{
@@ -288,11 +285,11 @@ func TestMatch(t *testing.T) {
 				Equal(selector.MustParse("."), literal.Int(1138)),
 			),
 		}
-		ok = pol.Match(nd)
+		ok = Match(pol, nd)
 		require.False(t, ok)

 		pol = Policy{Or()}
-		ok = pol.Match(nd)
+		ok = Match(pol, nd)
 		require.True(t, ok)
 	})

@@ -316,7 +313,7 @@ func TestMatch(t *testing.T) {
 					require.NoError(t, err)

 					pol := Policy{statement}
-					ok := pol.Match(nd)
+					ok := Match(pol, nd)
 					require.True(t, ok)
 				})
 			}(s)
@@ -340,7 +337,7 @@ func TestMatch(t *testing.T) {
 					require.NoError(t, err)

 					pol := Policy{statement}
-					ok := pol.Match(nd)
+					ok := Match(pol, nd)
 					require.False(t, ok)
 				})
 			}(s)
@@ -376,7 +373,7 @@ func TestMatch(t *testing.T) {
 					GreaterThan(selector.MustParse(".value"), literal.Int(2)),
 				),
 			}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)

 			pol = Policy{
@@ -385,7 +382,7 @@ func TestMatch(t *testing.T) {
 					GreaterThan(selector.MustParse(".value"), literal.Int(20)),
 				),
 			}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.False(t, ok)
 		})

@@ -407,7 +404,7 @@ func TestMatch(t *testing.T) {
 					GreaterThan(selector.MustParse(".value"), literal.Int(60)),
 				),
 			}
-			ok := pol.Match(nd)
+			ok := Match(pol, nd)
 			require.True(t, ok)

 			pol = Policy{
@@ -416,7 +413,7 @@ func TestMatch(t *testing.T) {
 					GreaterThan(selector.MustParse(".value"), literal.Int(100)),
 				),
 			}
-			ok = pol.Match(nd)
+			ok = Match(pol, nd)
 			require.False(t, ok)
 		})
 	})
@@ -435,7 +432,7 @@ func TestPolicyExamples(t *testing.T) {

 		pol, err := FromDagJson(policy)
 		require.NoError(t, err)
-		return pol.Match(data)
+		return Match(pol, data)
 	}

 	t.Run("And", func(t *testing.T) {
@@ -493,150 +490,3 @@ func TestPolicyExamples(t *testing.T) {
 		require.True(t, evaluate(`["any", ".a", ["==", ".b", 2]]`, data))
 	})
 }
-
-func FuzzMatch(f *testing.F) {
-	// Policy + Data examples
-	f.Add([]byte(`[["==", ".status", "draft"]]`), []byte(`{"status": "draft"}`))
-	f.Add([]byte(`[["all", ".reviewer", ["like", ".email", "*@example.com"]]]`), []byte(`{"reviewer": [{"email": "alice@example.com"}, {"email": "bob@example.com"}]}`))
-	f.Add([]byte(`[["any", ".tags", ["or", [["==", ".", "news"], ["==", ".", "press"]]]]]`), []byte(`{"tags": ["news", "press"]}`))
-	f.Add([]byte(`[["==", ".name", "Alice"]]`), []byte(`{"name": "Alice"}`))
-	f.Add([]byte(`[[">", ".age", 30]]`), []byte(`{"age": 31}`))
-	f.Add([]byte(`[["<=", ".height", 180]]`), []byte(`{"height": 170}`))
-	f.Add([]byte(`[["not", ["==", ".status", "inactive"]]]`), []byte(`{"status": "active"}`))
-	f.Add([]byte(`[["and", [["==", ".role", "admin"], [">=", ".experience", 5]]]]`), []byte(`{"role": "admin", "experience": 6}`))
-	f.Add([]byte(`[["or", [["==", ".department", "HR"], ["==", ".department", "Finance"]]]]`), []byte(`{"department": "HR"}`))
-	f.Add([]byte(`[["like", ".email", "*@company.com"]]`), []byte(`{"email": "user@company.com"}`))
-	f.Add([]byte(`[["all", ".projects", [">", ".budget", 10000]]]`), []byte(`{"projects": [{"budget": 15000}, {"budget": 8000}]}`))
-	f.Add([]byte(`[["any", ".skills", ["==", ".", "Go"]]]`), []byte(`{"skills": ["Go", "Python", "JavaScript"]}`))
-	f.Add(
-		[]byte(`[["and", [
-			["==", ".name", "Bob"],
-			["or", [[">", ".age", 25],["==", ".status", "active"]]],
-			["all", ".tasks", ["==", ".completed", true]]
-		]]]`),
-		[]byte(`{
-			"name": "Bob",
-			"age": 26,
-			"status": "active",
-			"tasks": [{"completed": true}, {"completed": true}, {"completed": false}]
-		}`),
-	)
-
-	f.Fuzz(func(t *testing.T, policyBytes []byte, dataBytes []byte) {
-		policyNode, err := ipld.Decode(policyBytes, dagjson.Decode)
-		if err != nil {
-			t.Skip()
-		}
-
-		dataNode, err := ipld.Decode(dataBytes, dagjson.Decode)
-		if err != nil {
-			t.Skip()
-		}
-
-		// policy node -> policy object
-		policy, err := FromIPLD(policyNode)
-		if err != nil {
-			t.Skip()
-		}
-
-		policy.Match(dataNode)
-	})
-}
-
-func TestPolicyFilter(t *testing.T) {
-	sel1 := selector.Selector{selector.NewFieldSegment("http")}
-	sel2 := selector.Selector{selector.NewFieldSegment("jsonrpc")}
-
-	stmt1 := Equal(sel1, basicnode.NewString("value1"))
-	stmt2 := Equal(sel2, basicnode.NewString("value2"))
-
-	p := Policy{stmt1, stmt2}
-
-	filtered := p.Filter(sel1)
-	assert.Len(t, filtered, 1)
-	assert.Equal(t, stmt1, filtered[0])
-
-	filtered = p.Filter(sel2)
-	assert.Len(t, filtered, 1)
-	assert.Equal(t, stmt2, filtered[0])
-
-	sel3 := selector.Selector{selector.NewFieldSegment("nonexistent")}
-	filtered = p.Filter(sel3)
-	assert.Len(t, filtered, 0)
-
-	stmt1 = Equal(
-		selector.Selector{selector.NewFieldSegment(".http.host")},
-		basicnode.NewString("mainnet.infura.io"),
-	)
-	stmt2, err := Like(
-		selector.Selector{selector.NewFieldSegment(".jsonrpc.method")},
-		"eth_*",
-	)
-	require.NoError(t, err)
-
-	p = Policy{stmt1, stmt2}
-	filtered = p.FilterWithMatcher(selector.Selector{selector.NewFieldSegment(".http")}, selector.SegmentStartsWith)
-	assert.Len(t, filtered, 1)
-	assert.Equal(t, stmt1, filtered[0])
-}
-
-func FuzzPolicyFilter(f *testing.F) {
-	f.Add([]byte(`{"selector": [{"field": "http"}], "value": "value1"}`))
-	f.Add([]byte(`{"selector": [{"field": "jsonrpc"}], "value": "value2"}`))
-
-	f.Fuzz(func(t *testing.T, data []byte) {
-		var input struct {
-			Selector []struct {
-				Field string `json:"field"` // because selector.segment is not public
-			} `json:"selector"`
-			Value string `json:"value"`
-		}
-		if err := json.Unmarshal(data, &input); err != nil {
-			t.Skip()
-		}
-
-		var sel selector.Selector
-		for _, seg := range input.Selector {
-			sel = append(sel, selector.NewFieldSegment(seg.Field))
-		}
-		stmt := Equal(sel, basicnode.NewString(input.Value))
-
-		// create a policy and filter it based on the fuzzy input selector
-		p := Policy{stmt}
-		filtered := p.Filter(sel)
-
-		// verify that the filtered policy contains the statement
-		if len(filtered) != 1 || !reflect.DeepEqual(filtered[0], stmt) {
-			t.Errorf("filtered policy does not contain the expected statement")
-		}
-	})
-}
-
-func BenchmarkPolicyFilter(b *testing.B) {
-	sel1 := selector.Selector{selector.NewFieldSegment("http")}
-	sel2 := selector.Selector{selector.NewFieldSegment("jsonrpc")}
-
-	stmt1 := Equal(sel1, basicnode.NewString("value1"))
-	stmt2 := Equal(sel2, basicnode.NewString("value2"))
-
-	p := Policy{stmt1, stmt2}
-
-	b.Run("Filter by sel1", func(b *testing.B) {
-		for i := 0; i < b.N; i++ {
-			p.Filter(sel1)
-		}
-	})
-
-	b.Run("Filter by sel2", func(b *testing.B) {
-		for i := 0; i < b.N; i++ {
-			p.Filter(sel2)
-		}
-	})
-
-	sel3 := selector.Selector{selector.NewFieldSegment("nonexistent")}
-	b.Run("Filter by sel3", func(b *testing.B) {
-		for i := 0; i < b.N; i++ {
-			p.Filter(sel3)
-		}
-	})
-}
--- a/capability/policy/policy.go
+++ b/capability/policy/policy.go
@@ -3,9 +3,10 @@ package policy
 // https://github.com/ucan-wg/delegation/blob/4094d5878b58f5d35055a3b93fccda0b8329ebae/README.md#policy

 import (
+	"github.com/gobwas/glob"
 	"github.com/ipld/go-ipld-prime"

-	"github.com/ucan-wg/go-ucan/pkg/policy/selector"
+	"github.com/ucan-wg/go-ucan/capability/policy/selector"
 )

 const (
@@ -26,7 +27,6 @@ type Policy []Statement

 type Statement interface {
 	Kind() string
-	Selector() selector.Selector
 }

 type equality struct {
@@ -39,10 +39,6 @@ func (e equality) Kind() string {
 	return e.kind
 }

-func (e equality) Selector() selector.Selector {
-	return e.selector
-}
-
 func Equal(selector selector.Selector, value ipld.Node) Statement {
 	return equality{kind: KindEqual, selector: selector, value: value}
 }
@@ -71,10 +67,6 @@ func (n negation) Kind() string {
 	return KindNot
 }

-func (n negation) Selector() selector.Selector {
-	return n.statement.Selector()
-}
-
 func Not(stmt Statement) Statement {
 	return negation{statement: stmt}
 }
@@ -88,15 +80,6 @@ func (c connective) Kind() string {
 	return c.kind
 }

-func (c connective) Selector() selector.Selector {
-	// assuming the first statement's selector is representative
-	if len(c.statements) > 0 {
-		return c.statements[0].Selector()
-	}
-
-	return selector.Selector{}
-}
-
 func And(stmts ...Statement) Statement {
 	return connective{kind: KindAnd, statements: stmts}
 }
@@ -107,24 +90,20 @@ func Or(stmts ...Statement) Statement {

 type wildcard struct {
 	selector selector.Selector
-	pattern  glob
+	pattern  string
+	glob     glob.Glob // not serialized
 }

 func (n wildcard) Kind() string {
 	return KindLike
 }

-func (n wildcard) Selector() selector.Selector {
-	return n.selector
-}
-
 func Like(selector selector.Selector, pattern string) (Statement, error) {
-	g, err := parseGlob(pattern)
+	g, err := glob.Compile(pattern)
 	if err != nil {
 		return nil, err
 	}
-
-	return wildcard{selector: selector, pattern: g}, nil
+	return wildcard{selector: selector, pattern: pattern, glob: g}, nil
 }

 type quantifier struct {
@@ -137,10 +116,6 @@ func (n quantifier) Kind() string {
 	return n.kind
 }

-func (n quantifier) Selector() selector.Selector {
-	return n.selector
-}
-
 func All(selector selector.Selector, statement Statement) Statement {
 	return quantifier{kind: KindAll, selector: selector, statement: statement}
 }
--- a/capability/policy/selector/parsing.go
+++ b/capability/policy/selector/parsing.go
--- a/capability/policy/selector/selector.go
+++ b/capability/policy/selector/selector.go
@@ -23,21 +23,6 @@ func (s Selector) String() string {
 	return res.String()
 }

-// Matches checks if the selector matches another selector.
-func (s Selector) Matches(other Selector, matcher SegmentMatcher) bool {
-	if len(s) != len(other) {
-		return false
-	}
-
-	for i, seg := range s {
-		if !matcher(seg, other[i]) {
-			return false
-		}
-	}
-
-	return true
-}
-
 var Identity = segment{".", true, false, false, nil, "", 0}

 var (
@@ -56,48 +41,6 @@ type segment struct {
 	index    int
 }

-// NewFieldSegment creates a new segment for a field.
-func NewFieldSegment(field string) segment {
-	return segment{
-		str:   fmt.Sprintf(".%s", field),
-		field: field,
-	}
-}
-
-// NewIndexSegment creates a new segment for an index.
-func NewIndexSegment(index int) segment {
-	return segment{
-		str:   fmt.Sprintf("[%d]", index),
-		index: index,
-	}
-}
-
-// NewSliceSegment creates a new segment for a slice.
-func NewSliceSegment(slice []int) segment {
-	return segment{
-		str:   fmt.Sprintf("[%d:%d]", slice[0], slice[1]),
-		slice: slice,
-	}
-}
-
-// NewIteratorSegment creates a new segment for an iterator.
-func NewIteratorSegment() segment {
-	return segment{
-		str:      "*",
-		iterator: true,
-	}
-}
-
-type SegmentMatcher func(s1, s2 segment) bool
-
-var SegmentEquals SegmentMatcher = func(s1, s2 segment) bool {
-	return s1.str == s2.str
-}
-
-var SegmentStartsWith SegmentMatcher = func(s1, s2 segment) bool {
-	return strings.HasPrefix(s1.str, s2.str)
-}
-
 // String returns the segment's string representation.
 func (s segment) String() string {
 	return s.str
--- a/capability/policy/selector/selector_test.go
+++ b/capability/policy/selector/selector_test.go
--- a/capability/policy/selector/supported_test.go
+++ b/capability/policy/selector/supported_test.go
@@ -12,7 +12,7 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"

-	"github.com/ucan-wg/go-ucan/pkg/policy/selector"
+	"github.com/ucan-wg/go-ucan/capability/policy/selector"
 )

 // TestSupported Forms runs tests against the Selector according to the
--- a/tokens/delegation/delegation.ipldsch
+++ b/tokens/delegation/delegation.ipldsch
--- a/delegation/encoding.go
+++ b/delegation/encoding.go
@@ -0,0 +1,33 @@
+package delegation
+
+import (
+	"github.com/ipld/go-ipld-prime"
+	"github.com/ipld/go-ipld-prime/codec/dagcbor"
+	"github.com/ipld/go-ipld-prime/codec/dagjson"
+)
+
+func (p *PayloadModel) EncodeDagCbor() ([]byte, error) {
+	return ipld.Marshal(dagcbor.Encode, p, PayloadType())
+}
+
+func (p *PayloadModel) EncodeDagJson() ([]byte, error) {
+	return ipld.Marshal(dagjson.Encode, p, PayloadType())
+}
+
+func DecodeDagCbor(data []byte) (*PayloadModel, error) {
+	var p PayloadModel
+	_, err := ipld.Unmarshal(data, dagcbor.Decode, &p, PayloadType())
+	if err != nil {
+		return nil, err
+	}
+	return &p, nil
+}
+
+func DecodeDagJson(data []byte) (*PayloadModel, error) {
+	var p PayloadModel
+	_, err := ipld.Unmarshal(data, dagjson.Decode, &p, PayloadType())
+	if err != nil {
+		return nil, err
+	}
+	return &p, nil
+}
--- a/tokens/delegation/schema.go
+++ b/tokens/delegation/schema.go
@@ -7,21 +7,9 @@ import (

 	"github.com/ipld/go-ipld-prime"
 	"github.com/ipld/go-ipld-prime/datamodel"
-	"github.com/ipld/go-ipld-prime/node/bindnode"
 	"github.com/ipld/go-ipld-prime/schema"
-
-	"github.com/ucan-wg/go-ucan/pkg/meta"
-	"github.com/ucan-wg/go-ucan/tokens/internal/envelope"
 )

-// [Tag] is the string used as a key within the SigPayload that identifies
-// that the TokenPayload is a delegation.
-//
-// [Tag]: https://github.com/ucan-wg/delegation/tree/v1_ipld#type-tag
-const Tag = "ucan/dlg@1.0.0-rc.1"
-
-// TODO: update the above Tag URL once the delegation specification is merged.
-
 //go:embed delegation.ipldsch
 var schemaBytes []byte

@@ -41,13 +29,11 @@ func mustLoadSchema() *schema.TypeSystem {
 	return ts
 }

-func payloadType() schema.Type {
+func PayloadType() schema.Type {
 	return mustLoadSchema().TypeByName("Payload")
 }

-var _ envelope.Tokener = (*tokenPayloadModel)(nil)
-
-type tokenPayloadModel struct {
+type PayloadModel struct {
 	// Issuer DID (sender)
 	Iss string
 	// Audience DID (receiver)
@@ -66,7 +52,8 @@ type tokenPayloadModel struct {
 	Nonce []byte

 	// Arbitrary Metadata
-	Meta meta.Meta
+	// optional: can be nil
+	Meta MetaModel

 	// "Not before" UTC Unix Timestamp in seconds (valid from), 53-bits integer
 	// optional: can be nil
@@ -76,10 +63,7 @@ type tokenPayloadModel struct {
 	Exp *int64
 }

-func (e *tokenPayloadModel) Prototype() schema.TypedPrototype {
-	return bindnode.Prototype((*tokenPayloadModel)(nil), payloadType())
-}
-
-func (*tokenPayloadModel) Tag() string {
-	return Tag
+type MetaModel struct {
+	Keys   []string
+	Values map[string]datamodel.Node
 }
--- a/delegation/schema_test.go
+++ b/delegation/schema_test.go
@@ -0,0 +1,71 @@
+package delegation
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/ipld/go-ipld-prime"
+	"github.com/stretchr/testify/require"
+)
+
+func TestSchemaRoundTrip(t *testing.T) {
+	const delegationJson = `
+{
+  "aud":"did:key:def456",
+  "cmd":"/foo/bar",
+  "exp":123456,
+  "iss":"did:key:abc123",
+  "meta":{
+    "bar":"baaar",
+    "foo":"fooo"
+  },
+  "nbf":123456,
+  "nonce":{
+    "/":{
+      "bytes":"c3VwZXItcmFuZG9t"
+    }
+  },
+  "pol":[
+    ["==", ".status", "draft"],
+    ["all", ".reviewer", [
+		["like", ".email", "*@example.com"]]
+	],
+    ["any", ".tags", [ 
+		["or", [
+			["==", ".", "news"], 
+			["==", ".", "press"]]
+      ]]
+	]
+  ],
+  "sub":""
+}
+`
+	// format:    dagJson   -->   PayloadModel   -->   dagCbor   -->   PayloadModel   -->   dagJson
+	// function:      DecodeDagJson()      EncodeDagCbor()   DecodeDagCbor()     EncodeDagJson()
+
+	p1, err := DecodeDagJson([]byte(delegationJson))
+	require.NoError(t, err)
+
+	cborBytes, err := p1.EncodeDagCbor()
+	require.NoError(t, err)
+	fmt.Println("cborBytes length", len(cborBytes))
+	fmt.Println("cbor", string(cborBytes))
+
+	p2, err := DecodeDagCbor(cborBytes)
+	require.NoError(t, err)
+	fmt.Println("read Cbor", p2)
+
+	readJson, err := p2.EncodeDagJson()
+	require.NoError(t, err)
+	fmt.Println("readJson length", len(readJson))
+	fmt.Println("json: ", string(readJson))
+
+	require.JSONEq(t, delegationJson, string(readJson))
+}
+
+func BenchmarkSchemaLoad(b *testing.B) {
+	b.ReportAllocs()
+	for i := 0; i < b.N; i++ {
+		_, _ = ipld.LoadSchemaBytes(schemaBytes)
+	}
+}
--- a/delegation/view.go
+++ b/delegation/view.go
@@ -0,0 +1,87 @@
+package delegation
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/ipld/go-ipld-prime/datamodel"
+
+	"github.com/ucan-wg/go-ucan/capability/command"
+	"github.com/ucan-wg/go-ucan/capability/policy"
+	"github.com/ucan-wg/go-ucan/did"
+)
+
+type View struct {
+	// Issuer DID (sender)
+	Issuer did.DID
+	// Audience DID (receiver)
+	Audience did.DID
+	// Principal that the chain is about (the Subject)
+	Subject did.DID
+	// The Command to eventually invoke
+	Command *command.Command
+	// The delegation policy
+	Policy policy.Policy
+	// A unique, random nonce
+	Nonce []byte
+	// Arbitrary Metadata
+	Meta map[string]datamodel.Node
+	// "Not before" UTC Unix Timestamp in seconds (valid from), 53-bits integer
+	NotBefore time.Time
+	// The timestamp at which the Invocation becomes invalid
+	Expiration time.Time
+}
+
+// ViewFromModel build a decoded view of the raw IPLD data.
+// This function also serves as validation.
+func ViewFromModel(m PayloadModel) (*View, error) {
+	var view View
+	var err error
+
+	view.Issuer, err = did.Parse(m.Iss)
+	if err != nil {
+		return nil, fmt.Errorf("parse iss: %w", err)
+	}
+
+	view.Audience, err = did.Parse(m.Aud)
+	if err != nil {
+		return nil, fmt.Errorf("parse audience: %w", err)
+	}
+
+	if m.Sub != nil {
+		view.Subject, err = did.Parse(*m.Sub)
+		if err != nil {
+			return nil, fmt.Errorf("parse subject: %w", err)
+		}
+	} else {
+		view.Subject = did.Undef
+	}
+
+	view.Command, err = command.Parse(m.Cmd)
+	if err != nil {
+		return nil, fmt.Errorf("parse command: %w", err)
+	}
+
+	view.Policy, err = policy.FromIPLD(m.Pol)
+	if err != nil {
+		return nil, fmt.Errorf("parse policy: %w", err)
+	}
+
+	if len(m.Nonce) == 0 {
+		return nil, fmt.Errorf("nonce is required")
+	}
+	view.Nonce = m.Nonce
+
+	// TODO: copy?
+	view.Meta = m.Meta.Values
+
+	if m.Nbf != nil {
+		view.NotBefore = time.Unix(*m.Nbf, 0)
+	}
+
+	if m.Exp != nil {
+		view.Expiration = time.Unix(*m.Exp, 0)
+	}
+
+	return &view, nil
+}
--- a/did/crypto.go
+++ b/did/crypto.go
@@ -1,48 +0,0 @@
-package did
-
-import (
-	"errors"
-
-	crypto "github.com/libp2p/go-libp2p/core/crypto"
-	"github.com/libp2p/go-libp2p/core/crypto/pb"
-	"github.com/multiformats/go-multicodec"
-	"github.com/multiformats/go-varint"
-)
-
-func FromPrivKey(privKey crypto.PrivKey) (DID, error) {
-	return FromPubKey(privKey.GetPublic())
-}
-
-func FromPubKey(pubKey crypto.PubKey) (DID, error) {
-	code, ok := map[pb.KeyType]multicodec.Code{
-		pb.KeyType_Ed25519:   multicodec.Ed25519Pub,
-		pb.KeyType_RSA:       multicodec.RsaPub,
-		pb.KeyType_Secp256k1: multicodec.Secp256k1Pub,
-		pb.KeyType_ECDSA:     multicodec.Es256,
-	}[pubKey.Type()]
-	if !ok {
-		return Undef, errors.New("Blah")
-	}
-
-	buf := varint.ToUvarint(uint64(code))
-
-	pubBytes, err := pubKey.Raw()
-	if err != nil {
-		return Undef, err
-	}
-
-	return DID{
-		str:  string(append(buf, pubBytes...)),
-		code: uint64(code),
-		key:  true,
-	}, nil
-}
-
-func ToPubKey(s string) (crypto.PubKey, error) {
-	id, err := Parse(s)
-	if err != nil {
-		return nil, err
-	}
-
-	return id.PubKey()
-}
--- a/did/crypto_test.go
+++ b/did/crypto_test.go
@@ -1,51 +0,0 @@
-package did_test
-
-import (
-	"testing"
-
-	"github.com/libp2p/go-libp2p/core/crypto"
-	"github.com/stretchr/testify/require"
-	"github.com/ucan-wg/go-ucan/did"
-)
-
-const (
-	exampleDIDStr    = "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
-	examplePubKeyStr = "Lm/M42cB3HkUiODQsXRcweM6TByfzEHGO9ND274JcOY="
-)
-
-func TestFromPubKey(t *testing.T) {
-	t.Parallel()
-
-	id, err := did.FromPubKey(examplePubKey(t))
-	require.NoError(t, err)
-	require.Equal(t, exampleDID(t), id)
-}
-
-func TestToPubKey(t *testing.T) {
-	t.Parallel()
-
-	pubKey, err := did.ToPubKey(exampleDIDStr)
-	require.NoError(t, err)
-	require.Equal(t, examplePubKey(t), pubKey)
-}
-
-func exampleDID(t *testing.T) did.DID {
-	t.Helper()
-
-	id, err := did.Parse(exampleDIDStr)
-	require.NoError(t, err)
-
-	return id
-}
-
-func examplePubKey(t *testing.T) crypto.PubKey {
-	t.Helper()
-
-	pubKeyCfg, err := crypto.ConfigDecodeKey(examplePubKeyStr)
-	require.NoError(t, err)
-
-	pubKey, err := crypto.UnmarshalEd25519PublicKey(pubKeyCfg)
-	require.NoError(t, err)
-
-	return pubKey
-}
--- a/did/did.go
+++ b/did/did.go
@@ -4,9 +4,7 @@ import (
 	"fmt"
 	"strings"

-	crypto "github.com/libp2p/go-libp2p/core/crypto"
 	mbase "github.com/multiformats/go-multibase"
-	"github.com/multiformats/go-multicodec"
 	varint "github.com/multiformats/go-varint"
 )

@@ -15,16 +13,12 @@ const KeyPrefix = "did:key:"

 const DIDCore = 0x0d1d
 const Ed25519 = 0xed
-const RSA = uint64(multicodec.RsaPub)

 var MethodOffset = varint.UvarintSize(uint64(DIDCore))

-//
-// [did:key format]: https://w3c-ccg.github.io/did-method-key/
 type DID struct {
-	key  bool
-	code uint64
-	str  string
+	key bool
+	str string
 }

 // Undef can be used to represent a nil or undefined DID, using DID{}
@@ -42,36 +36,10 @@ func (d DID) Bytes() []byte {
 	return []byte(d.str)
 }

-func (d DID) Code() uint64 {
-	return d.code
-}
-
 func (d DID) DID() DID {
 	return d
 }

-func (d DID) Key() bool {
-	return d.key
-}
-
-func (d DID) PubKey() (crypto.PubKey, error) {
-	if !d.key {
-		return nil, fmt.Errorf("unsupported did type: %s", d.String())
-	}
-
-	unmarshaler, ok := map[multicodec.Code]crypto.PubKeyUnmarshaller{
-		multicodec.Ed25519Pub:   crypto.UnmarshalEd25519PublicKey,
-		multicodec.RsaPub:       crypto.UnmarshalRsaPublicKey,
-		multicodec.Secp256k1Pub: crypto.UnmarshalSecp256k1PublicKey,
-		multicodec.Es256:        crypto.UnmarshalECDSAPublicKey,
-	}[multicodec.Code(d.code)]
-	if !ok {
-		return nil, fmt.Errorf("unsupported multicodec: %d", d.code)
-	}
-
-	return unmarshaler(d.Bytes()[varint.UvarintSize(d.code):])
-}
-
 // String formats the decentralized identity document (DID) as a string.
 func (d DID) String() string {
 	if d.key {
@@ -86,8 +54,8 @@ func Decode(bytes []byte) (DID, error) {
 	if err != nil {
 		return Undef, err
 	}
-	if code == Ed25519 || code == RSA {
-		return DID{str: string(bytes), code: code, key: true}, nil
+	if code == Ed25519 {
+		return DID{str: string(bytes), key: true}, nil
 	} else if code == DIDCore {
 		return DID{str: string(bytes)}, nil
 	}
@@ -114,5 +82,5 @@ func Parse(str string) (DID, error) {
 	varint.PutUvarint(buf, DIDCore)
 	suffix, _ := strings.CutPrefix(str, Prefix)
 	buf = append(buf, suffix...)
-	return DID{str: string(buf), code: DIDCore}, nil
+	return DID{str: string(buf)}, nil
 }
--- a/go.mod
+++ b/go.mod
@@ -1,30 +1,28 @@
 module github.com/ucan-wg/go-ucan

-go 1.22
+go 1.21

-toolchain go1.22.4
+toolchain go1.22.1

 require (
+	github.com/gobwas/glob v0.2.3
 	github.com/ipfs/go-cid v0.4.1
 	github.com/ipld/go-ipld-prime v0.21.0
-	github.com/libp2p/go-libp2p v0.36.3
+	github.com/libp2p/go-libp2p v0.36.2
 	github.com/multiformats/go-multibase v0.2.0
 	github.com/multiformats/go-multicodec v0.9.0
-	github.com/multiformats/go-multihash v0.2.3
 	github.com/multiformats/go-varint v0.0.7
 	github.com/stretchr/testify v1.9.0
-	gotest.tools/v3 v3.5.1
 )

 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 // indirect
-	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.8 // indirect
 	github.com/minio/sha256-simd v1.0.1 // indirect
 	github.com/mr-tron/base58 v1.2.0 // indirect
 	github.com/multiformats/go-base32 v0.1.0 // indirect
 	github.com/multiformats/go-base36 v0.2.0 // indirect
+	github.com/multiformats/go-multihash v0.2.3 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/polydawn/refmt v0.89.0 // indirect
 	github.com/spaolacci/murmur3 v1.1.0 // indirect
--- a/go.sum
+++ b/go.sum
@@ -2,13 +2,11 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/decred/dcrd/crypto/blake256 v1.0.1 h1:7PltbUIQB7u/FfZ39+DGa/ShuMyJ5ilcvdfma9wOH6Y=
-github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo=
-github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 h1:rpfIENRNNilwHwZeG5+P150SMrnNEcHYvcCuK6dPZSg=
-github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0=
 github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
 github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
 github.com/go-yaml/yaml v2.1.0+incompatible/go.mod h1:w2MrLa16VYP0jy6N7M5kHaCkaLENm+P+Tv+MfurjSw0=
+github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y=
+github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
@@ -25,10 +23,8 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
-github.com/libp2p/go-buffer-pool v0.1.0 h1:oK4mSFcQz7cTQIfqbe4MIj9gLW+mnanjyFtc6cdF0Y8=
-github.com/libp2p/go-buffer-pool v0.1.0/go.mod h1:N+vh8gMqimBzdKkSMVuydVDq+UV5QTWy5HSiZacSbPg=
-github.com/libp2p/go-libp2p v0.36.3 h1:NHz30+G7D8Y8YmznrVZZla0ofVANrvBl2c+oARfMeDQ=
-github.com/libp2p/go-libp2p v0.36.3/go.mod h1:4Y5vFyCUiJuluEPmpnKYf6WFx5ViKPUYs/ixe9ANFZ8=
+github.com/libp2p/go-libp2p v0.36.2 h1:BbqRkDaGC3/5xfaJakLV/BrpjlAuYqSB0lRvtzL3B/U=
+github.com/libp2p/go-libp2p v0.36.2/go.mod h1:XO3joasRE4Eup8yCTTP/+kX+g92mOgRaadk46LmPhHY=
 github.com/minio/sha256-simd v1.0.1 h1:6kaan5IFmwTNynnKKpDHe6FWHohJOHhCPchzK49dzMM=
 github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8=
 github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o=
@@ -37,8 +33,6 @@ github.com/multiformats/go-base32 v0.1.0 h1:pVx9xoSPqEIQG8o+UbAe7DNi51oej1NtK+aG
 github.com/multiformats/go-base32 v0.1.0/go.mod h1:Kj3tFY6zNr+ABYMqeUNeGvkIC/UYgtWibDcT0rExnbI=
 github.com/multiformats/go-base36 v0.2.0 h1:lFsAbNOGeKtuKozrtBsAkSVhv1p9D0/qedU9rQyccr0=
 github.com/multiformats/go-base36 v0.2.0/go.mod h1:qvnKE++v+2MWCfePClUEjE78Z7P2a1UV0xHgWc0hkp4=
-github.com/multiformats/go-multiaddr v0.13.0 h1:BCBzs61E3AGHcYYTv8dqRH43ZfyrqM8RXVPT8t13tLQ=
-github.com/multiformats/go-multiaddr v0.13.0/go.mod h1:sBXrNzucqkFJhvKOiwwLyqamGa/P5EIXNPLovyhQCII=
 github.com/multiformats/go-multibase v0.2.0 h1:isdYCVLvksgWlMW9OZRYJEa9pZETFivncJHmHnnd87g=
 github.com/multiformats/go-multibase v0.2.0/go.mod h1:bFBZX4lKCA/2lyOFSAoKH5SS6oPyjtnzK/XTFDPkNuk=
 github.com/multiformats/go-multicodec v0.9.0 h1:pb/dlPnzee/Sxv/j4PmkDRxCOi3hXTz3IbPKOXWJkmg=
@@ -69,8 +63,6 @@ github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0/go.mod h1:x6AKhvS
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30=
 golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M=
-golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8=
-golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -87,7 +79,5 @@ gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU=
-gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU=
 lukechampine.com/blake3 v1.3.0 h1:sJ3XhFINmHSrYCgl958hscfIa3bw8x4DqMP3u1YvoYE=
 lukechampine.com/blake3 v1.3.0/go.mod h1:0OFRp7fBtAylGVCO40o87sbupkyIGgbpv1+M1k1LM6k=
--- a/tokens/internal/varsig/varsig.go
+++ b/tokens/internal/varsig/varsig.go
@@ -24,6 +24,7 @@
 package varsig

 import (
+	"encoding/base64"
 	"encoding/binary"
 	"errors"
 	"fmt"
@@ -129,5 +130,5 @@ func header(vals ...multicodec.Code) string {
 		buf = binary.AppendUvarint(buf, uint64(val))
 	}

-	return string(buf)
+	return base64.RawStdEncoding.EncodeToString(buf)
 }
--- a/tokens/internal/varsig/varsig_test.go
+++ b/tokens/internal/varsig/varsig_test.go
@@ -8,7 +8,7 @@ import (
 	"github.com/libp2p/go-libp2p/core/crypto/pb"
 	"github.com/stretchr/testify/assert"

-	"github.com/ucan-wg/go-ucan/tokens/internal/varsig"
+	"github.com/ucan-wg/go-ucan/internal/varsig"
 )

 func TestDecode(t *testing.T) {
@@ -21,14 +21,7 @@ func TestDecode(t *testing.T) {
 }

 func ExampleDecode() {
-	hdr, err := base64.RawStdEncoding.DecodeString("NIUkEoACcQ")
-	if err != nil {
-		fmt.Println(err.Error())
-
-		return
-	}
-
-	keyType, _ := varsig.Decode(hdr)
+	keyType, _ := varsig.Decode([]byte("NIUkEoACcQ"))
 	fmt.Println(keyType.String())
 	// Output:
 	// RSA
@@ -44,7 +37,7 @@ func TestEncode(t *testing.T) {

 func ExampleEncode() {
 	header, _ := varsig.Encode(pb.KeyType_RSA)
-	fmt.Println(base64.RawStdEncoding.EncodeToString(header))
+	fmt.Println(string(header))

 	// Output:
 	// NIUkEoACcQ
--- a/pkg/meta/meta.go
+++ b/pkg/meta/meta.go
@@ -1,136 +0,0 @@
-package meta
-
-import (
-	"errors"
-	"fmt"
-	"reflect"
-
-	"github.com/ipld/go-ipld-prime"
-	"github.com/ipld/go-ipld-prime/datamodel"
-	"github.com/ipld/go-ipld-prime/node/basicnode"
-)
-
-var ErrUnsupported = errors.New("failure adding unsupported type to meta")
-
-var ErrNotFound = errors.New("key-value not found in meta")
-
-// Meta is a container for meta key-value pairs in a UCAN token.
-// This also serves as a way to construct the underlying IPLD data with minimum allocations and transformations,
-// while hiding the IPLD complexity from the caller.
-type Meta struct {
-	Keys   []string
-	Values map[string]ipld.Node
-}
-
-// NewMeta constructs a new Meta.
-func NewMeta() *Meta {
-	return &Meta{Values: map[string]ipld.Node{}}
-}
-
-// GetBool retrieves a value as a bool.
-// Returns ErrNotFound if the given key is missing.
-// Returns datamodel.ErrWrongKind if the value has the wrong type.
-func (m *Meta) GetBool(key string) (bool, error) {
-	v, ok := m.Values[key]
-	if !ok {
-		return false, ErrNotFound
-	}
-	return v.AsBool()
-}
-
-// GetString retrieves a value as a string.
-// Returns ErrNotFound if the given key is missing.
-// Returns datamodel.ErrWrongKind if the value has the wrong type.
-func (m *Meta) GetString(key string) (string, error) {
-	v, ok := m.Values[key]
-	if !ok {
-		return "", ErrNotFound
-	}
-	return v.AsString()
-}
-
-// GetInt64 retrieves a value as an int64.
-// Returns ErrNotFound if the given key is missing.
-// Returns datamodel.ErrWrongKind if the value has the wrong type.
-func (m *Meta) GetInt64(key string) (int64, error) {
-	v, ok := m.Values[key]
-	if !ok {
-		return 0, ErrNotFound
-	}
-	return v.AsInt()
-}
-
-// GetFloat64 retrieves a value as a float64.
-// Returns ErrNotFound if the given key is missing.
-// Returns datamodel.ErrWrongKind if the value has the wrong type.
-func (m *Meta) GetFloat64(key string) (float64, error) {
-	v, ok := m.Values[key]
-	if !ok {
-		return 0, ErrNotFound
-	}
-	return v.AsFloat()
-}
-
-// GetBytes retrieves a value as a []byte.
-// Returns ErrNotFound if the given key is missing.
-// Returns datamodel.ErrWrongKind if the value has the wrong type.
-func (m *Meta) GetBytes(key string) ([]byte, error) {
-	v, ok := m.Values[key]
-	if !ok {
-		return nil, ErrNotFound
-	}
-	return v.AsBytes()
-}
-
-// GetNode retrieves a value as a raw IPLD node.
-// Returns ErrNotFound if the given key is missing.
-// Returns datamodel.ErrWrongKind if the value has the wrong type.
-func (m *Meta) GetNode(key string) (ipld.Node, error) {
-	v, ok := m.Values[key]
-	if !ok {
-		return nil, ErrNotFound
-	}
-	return v, nil
-}
-
-// Add adds a key/value pair in the meta set.
-// Accepted types for the value are: bool, string, int, int32, int64, []byte,
-// and ipld.Node.
-func (m *Meta) Add(key string, val any) error {
-	switch val := val.(type) {
-	case bool:
-		m.Values[key] = basicnode.NewBool(val)
-	case string:
-		m.Values[key] = basicnode.NewString(val)
-	case int:
-		m.Values[key] = basicnode.NewInt(int64(val))
-	case int32:
-		m.Values[key] = basicnode.NewInt(int64(val))
-	case int64:
-		m.Values[key] = basicnode.NewInt(val)
-	case float32:
-		m.Values[key] = basicnode.NewFloat(float64(val))
-	case float64:
-		m.Values[key] = basicnode.NewFloat(val)
-	case []byte:
-		m.Values[key] = basicnode.NewBytes(val)
-	case datamodel.Node:
-		m.Values[key] = val
-	default:
-		return fmt.Errorf("%w: %s", ErrUnsupported, fqtn(val))
-	}
-	m.Keys = append(m.Keys, key)
-	return nil
-}
-
-func fqtn(val any) string {
-	var name string
-
-	t := reflect.TypeOf(val)
-	for t.Kind() == reflect.Pointer {
-		name += "*"
-		t = t.Elem()
-	}
-
-	return name + t.PkgPath() + "." + t.Name()
-}
--- a/pkg/meta/meta_test.go
+++ b/pkg/meta/meta_test.go
@@ -1,23 +0,0 @@
-package meta_test
-
-import (
-	"testing"
-
-	"github.com/stretchr/testify/require"
-	"github.com/ucan-wg/go-ucan/pkg/meta"
-	"gotest.tools/v3/assert"
-)
-
-func TestMeta_Add(t *testing.T) {
-	t.Parallel()
-
-	type Unsupported struct{}
-
-	t.Run("error if not primative or Node", func(t *testing.T) {
-		t.Parallel()
-
-		err := (&meta.Meta{}).Add("invalid", &Unsupported{})
-		require.ErrorIs(t, err, meta.ErrUnsupported)
-		assert.ErrorContains(t, err, "*github.com/ucan-wg/go-ucan/pkg/meta_test.Unsupported")
-	})
-}
--- a/pkg/policy/glob.go
+++ b/pkg/policy/glob.go
@@ -1,79 +0,0 @@
-package policy
-
-import "fmt"
-
-type glob string
-
-// parseGlob ensures that the pattern conforms to the spec: only '*' and escaped '\*' are allowed.
-func parseGlob(pattern string) (glob, error) {
-	for i := 0; i < len(pattern); i++ {
-		if pattern[i] == '*' {
-			continue
-		}
-		if pattern[i] == '\\' && i+1 < len(pattern) && pattern[i+1] == '*' {
-			i++ // skip the escaped '*'
-			continue
-		}
-		if pattern[i] == '\\' && i+1 < len(pattern) {
-			i++ // skip the escaped character
-			continue
-		}
-		if pattern[i] == '\\' {
-			return "", fmt.Errorf("invalid escape sequence")
-		}
-	}
-
-	return glob(pattern), nil
-}
-
-func mustParseGlob(pattern string) glob {
-	g, err := parseGlob(pattern)
-	if err != nil {
-		panic(err)
-	}
-	return g
-}
-
-// Match matches a string against the glob pattern with * wildcards, handling escaped '\*' literals.
-func (pattern glob) Match(str string) bool {
-	// i is the index for the pattern
-	// j is the index for the string
-	var i, j int
-
-	// starIdx keeps track of the position of the last * in the pattern.
-	// matchIdx keeps track of the position in the string where the last * matched.
-	var starIdx, matchIdx int = -1, -1
-
-	for j < len(str) {
-		if i < len(pattern) && (pattern[i] == str[j] || pattern[i] == '\\' && i+1 < len(pattern) && pattern[i+1] == str[j]) {
-			// characters match or if there's an escaped character that matches
-			if pattern[i] == '\\' {
-				// skip the escape character
-				i++
-			}
-			i++
-			j++
-		} else if i < len(pattern) && pattern[i] == '*' {
-			// there's a * wildcard in the pattern
-			starIdx = i
-			matchIdx = j
-			i++
-		} else if starIdx != -1 {
-			// there's a previous * wildcard, backtrack
-			i = starIdx + 1
-			matchIdx++
-			j = matchIdx
-		} else {
-			// no match found
-			return false
-		}
-	}
-
-	// check for remaining characters in the pattern
-	for i < len(pattern) && pattern[i] == '*' {
-		i++
-	}
-
-	// the entire pattern is processed, it's a match
-	return i == len(pattern)
-}
--- a/pkg/policy/glob_test.go
+++ b/pkg/policy/glob_test.go
@@ -1,73 +0,0 @@
-package policy
-
-import (
-	"testing"
-
-	"github.com/stretchr/testify/require"
-)
-
-func TestSimpleGlobMatch(t *testing.T) {
-	tests := []struct {
-		pattern string
-		str     string
-		matches bool
-	}{
-		// Basic matching
-		{"*", "anything", true},
-		{"a*", "abc", true},
-		{"*c", "abc", true},
-		{"a*c", "abc", true},
-		{"a*c", "abxc", true},
-		{"a*c", "ac", true},
-		{"a*c", "a", false},
-		{"a*c", "ab", false},
-
-		// Escaped characters
-		{"a\\*c", "a*c", true},
-		{"a\\*c", "abc", false},
-
-		// Mixed wildcards and literals
-		{"a*b*c", "abc", true},
-		{"a*b*c", "aXbYc", true},
-		{"a*b*c", "aXbY", false},
-		{"a*b*c", "abYc", true},
-		{"a*b*c", "aXbc", true},
-		{"a*b*c", "aXbYcZ", false},
-
-		// Edge cases
-		{"", "", true},
-		{"", "a", false},
-		{"*", "", true},
-		{"*", "a", true},
-		{"\\*", "*", true},
-		{"\\*", "a", false},
-
-		// Specified test cases
-		{"Alice\\*, Bob*, Carol.", "Alice*, Bob, Carol.", true},
-		{"Alice\\*, Bob*, Carol.", "Alice*, Bob, Dan, Erin, Carol.", true},
-		{"Alice\\*, Bob*, Carol.", "Alice*, Bob  , Carol.", true},
-		{"Alice\\*, Bob*, Carol.", "Alice*, Bob*, Carol.", true},
-		{"Alice\\*, Bob*, Carol.", "Alice*, Bob, Carol", false},
-		{"Alice\\*, Bob*, Carol.", "Alice*, Bob*, Carol!", false},
-		{"Alice\\*, Bob*, Carol.", "Alice, Bob, Carol.", false},
-		{"Alice\\*, Bob*, Carol.", "Alice Cooper, Bob, Carol.", false},
-		{"Alice\\*, Bob*, Carol.", " Alice*, Bob, Carol. ", false},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.pattern+"_"+tt.str, func(t *testing.T) {
-			g, err := parseGlob(tt.pattern)
-			require.NoError(t, err)
-			require.Equal(t, tt.matches, g.Match(tt.str))
-		})
-	}
-}
-
-func BenchmarkGlob(b *testing.B) {
-	b.ReportAllocs()
-
-	for i := 0; i < b.N; i++ {
-		g := mustParseGlob("Alice\\*, Bob*, Carol.")
-		g.Match("Alice*, Bob*, Carol!")
-	}
-}
--- a/tokens/delegation/delegation.go
+++ b/tokens/delegation/delegation.go
@@ -1,245 +0,0 @@
-// Package delegation implements the UCAN [delegation] specification with
-// an immutable Token type as well as methods to convert the Token to and
-// from the [envelope]-enclosed, signed and DAG-CBOR-encoded form that
-// should most commonly be used for transport and storage.
-//
-// [delegation]: https://github.com/ucan-wg/delegation/tree/v1_ipld
-// [envelope]: https://github.com/ucan-wg/spec#envelope
-package delegation
-
-// TODO: change the "delegation" link above when the specification is merged
-
-import (
-	"crypto/rand"
-	"errors"
-	"fmt"
-	"time"
-
-	"github.com/ipfs/go-cid"
-	"github.com/libp2p/go-libp2p/core/crypto"
-
-	"github.com/ucan-wg/go-ucan/did"
-	"github.com/ucan-wg/go-ucan/pkg/command"
-	"github.com/ucan-wg/go-ucan/pkg/meta"
-	"github.com/ucan-wg/go-ucan/pkg/policy"
-)
-
-// Token is an immutable type that holds the fields of a UCAN delegation.
-type Token struct {
-	// Issuer DID (sender)
-	issuer did.DID
-	// Audience DID (receiver)
-	audience did.DID
-	// Principal that the chain is about (the Subject)
-	subject did.DID
-	// The Command to eventually invoke
-	command command.Command
-	// The delegation policy
-	policy policy.Policy
-	// A unique, random nonce
-	nonce []byte
-	// Arbitrary Metadata
-	meta *meta.Meta
-	// "Not before" UTC Unix Timestamp in seconds (valid from), 53-bits integer
-	notBefore *time.Time
-	// The timestamp at which the Invocation becomes invalid
-	expiration *time.Time
-	// The CID of the Token when enclosed in an Envelope and encoded to DAG-CBOR
-	cid cid.Cid
-}
-
-// New creates a validated Token from the provided parameters and options.
-func New(privKey crypto.PrivKey, aud did.DID, cmd command.Command, pol policy.Policy, opts ...Option) (*Token, error) {
-	iss, err := did.FromPrivKey(privKey)
-	if err != nil {
-		return nil, err
-	}
-
-	tkn := &Token{
-		issuer:   iss,
-		audience: aud,
-		subject:  did.Undef,
-		command:  cmd,
-		policy:   pol,
-		meta:     meta.NewMeta(),
-		nonce:    nil,
-		cid:      cid.Undef,
-	}
-
-	for _, opt := range opts {
-		if err := opt(tkn); err != nil {
-			return nil, err
-		}
-	}
-
-	if len(tkn.nonce) == 0 {
-		tkn.nonce, err = generateNonce()
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	if err := tkn.validate(); err != nil {
-		return nil, err
-	}
-
-	return tkn, nil
-}
-
-func Root(privKey crypto.PrivKey, aud did.DID, cmd command.Command, pol policy.Policy, opts ...Option) (*Token, error) {
-	sub, err := did.FromPrivKey(privKey)
-	if err != nil {
-		return nil, err
-	}
-
-	opts = append(opts, WithSubject(sub))
-
-	return New(privKey, aud, cmd, pol, opts...)
-}
-
-// Issuer returns the did.DID representing the Token's issuer.
-func (t *Token) Issuer() did.DID {
-	return t.issuer
-}
-
-// Audience returns the did.DID representing the Token's audience.
-func (t *Token) Audience() did.DID {
-	return t.audience
-}
-
-// Subject returns the did.DID representing the Token's subject.
-//
-// This field may be did.Undef for delegations that are [Powerlined] but
-// must be equal to the value returned by the Issuer method for root
-// tokens.
-func (t *Token) Subject() did.DID {
-	return t.subject
-}
-
-// Command returns the capability's command.Command.
-func (t *Token) Command() command.Command {
-	return t.command
-}
-
-// Policy returns the capability's policy.Policy.
-func (t *Token) Policy() policy.Policy {
-	return t.policy
-}
-
-// Nonce returns the random Nonce encapsulated in this Token.
-func (t *Token) Nonce() []byte {
-	return t.nonce
-}
-
-// Meta returns the Token's metadata.
-func (t *Token) Meta() *meta.Meta {
-	return t.meta
-}
-
-// NotBefore returns the time at which the Token becomes "active".
-func (t *Token) NotBefore() *time.Time {
-	return t.notBefore
-}
-
-// Expiration returns the time at which the Token expires.
-func (t *Token) Expiration() *time.Time {
-	return t.expiration
-}
-
-// CID returns the content identifier of the Token model when enclosed
-// in an Envelope and encoded to DAG-CBOR.
-// Returns cid.Undef if the token has not been serialized or deserialized yet.
-func (t *Token) CID() cid.Cid {
-	return t.cid
-}
-
-func (t *Token) validate() error {
-	var errs error
-
-	requiredDID := func(id did.DID, fieldname string) {
-		if !id.Defined() {
-			errs = errors.Join(errs, fmt.Errorf(`a valid did is required for %s: %s`, fieldname, id.String()))
-		}
-	}
-
-	requiredDID(t.issuer, "Issuer")
-	requiredDID(t.audience, "Audience")
-
-	if len(t.nonce) < 12 {
-		errs = errors.Join(errs, fmt.Errorf("token nonce too small"))
-	}
-
-	return errs
-}
-
-// tokenFromModel build a decoded view of the raw IPLD data.
-// This function also serves as validation.
-func tokenFromModel(m tokenPayloadModel) (*Token, error) {
-	var (
-		tkn Token
-		err error
-	)
-
-	tkn.issuer, err = did.Parse(m.Iss)
-	if err != nil {
-		return nil, fmt.Errorf("parse iss: %w", err)
-	}
-
-	tkn.audience, err = did.Parse(m.Aud)
-	if err != nil {
-		return nil, fmt.Errorf("parse audience: %w", err)
-	}
-
-	if m.Sub != nil {
-		tkn.subject, err = did.Parse(*m.Sub)
-		if err != nil {
-			return nil, fmt.Errorf("parse subject: %w", err)
-		}
-	} else {
-		tkn.subject = did.Undef
-	}
-
-	tkn.command, err = command.Parse(m.Cmd)
-	if err != nil {
-		return nil, fmt.Errorf("parse command: %w", err)
-	}
-
-	tkn.policy, err = policy.FromIPLD(m.Pol)
-	if err != nil {
-		return nil, fmt.Errorf("parse policy: %w", err)
-	}
-
-	if len(m.Nonce) == 0 {
-		return nil, fmt.Errorf("nonce is required")
-	}
-	tkn.nonce = m.Nonce
-
-	tkn.meta = &m.Meta
-
-	if m.Nbf != nil {
-		t := time.Unix(*m.Nbf, 0)
-		tkn.notBefore = &t
-	}
-
-	if m.Exp != nil {
-		t := time.Unix(*m.Exp, 0)
-		tkn.expiration = &t
-	}
-
-	if err := tkn.validate(); err != nil {
-		return nil, err
-	}
-
-	return &tkn, nil
-}
-
-// generateNonce creates a 12-byte random nonce.
-// TODO: some crypto scheme require more, is that our case?
-func generateNonce() ([]byte, error) {
-	res := make([]byte, 12)
-	_, err := rand.Read(res)
-	if err != nil {
-		return nil, err
-	}
-	return res, nil
-}
--- a/tokens/delegation/delegation_test.go
+++ b/tokens/delegation/delegation_test.go
@@ -1,136 +0,0 @@
-package delegation_test
-
-import (
-	"testing"
-	"time"
-
-	"github.com/libp2p/go-libp2p/core/crypto"
-	"github.com/stretchr/testify/require"
-	"gotest.tools/v3/golden"
-
-	"github.com/ucan-wg/go-ucan/did"
-	"github.com/ucan-wg/go-ucan/pkg/command"
-	"github.com/ucan-wg/go-ucan/pkg/policy"
-	"github.com/ucan-wg/go-ucan/tokens/delegation"
-)
-
-const (
-	nonce = "6roDhGi0kiNriQAz7J3d+bOeoI/tj8ENikmQNbtjnD0"
-
-	AudiencePrivKeyCfg = "CAESQL1hvbXpiuk2pWr/XFbfHJcZNpJ7S90iTA3wSCTc/BPRneCwPnCZb6c0vlD6ytDWqaOt0HEOPYnqEpnzoBDprSM="
-	AudienceDID        = "did:key:z6Mkq5YmbJcTrPExNDi26imrTCpKhepjBFBSHqrBDN2ArPkv"
-
-	issuerPrivKeyCfg = "CAESQLSql38oDmQXIihFFaYIjb73mwbPsc7MIqn4o8PN4kRNnKfHkw5gRP1IV9b6d0estqkZayGZ2vqMAbhRixjgkDU="
-	issuerDID        = "did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2"
-
-	subjectPrivKeyCfg = "CAESQL9RtjZ4dQBeXtvDe53UyvslSd64kSGevjdNiA1IP+hey5i/3PfRXSuDr71UeJUo1fLzZ7mGldZCOZL3gsIQz5c="
-	subjectDID        = "did:key:z6MktA1uBdCpq4uJBqE9jjMiLyxZBg9a6xgPPKJjMqss6Zc2"
-	subJectCmd        = "/foo/bar"
-	subjectPol        = `
-[
-	[
-		"==",
-		".status",
-		"draft"
-	],
-	[
-		"all",
-		".reviewer",
-		[
-			"like",
-			".email",
-			"*@example.com"
-		]
-	],
-	[
-		"any",
-		".tags",
-		[
-			"or",
-			[
-				[
-					"==",
-					".",
-					"news"
-				],
-				[
-					"==",
-					".",
-					"press"
-				]
-			]
-		]
-	]
-]
-`
-
-	newCID  = "zdpuAn9JgGPvnt2WCmTaKktZdbuvcVGTg9bUT5kQaufwUtZ6e"
-	rootCID = "zdpuAkgGmUp5JrXvehGuuw9JA8DLQKDaxtK3R8brDQQVC2i5X"
-)
-
-func TestConstructors(t *testing.T) {
-	t.Parallel()
-
-	privKey := privKey(t, issuerPrivKeyCfg)
-
-	aud, err := did.Parse(AudienceDID)
-
-	sub, err := did.Parse(subjectDID)
-	require.NoError(t, err)
-
-	cmd, err := command.Parse(subJectCmd)
-	require.NoError(t, err)
-
-	pol, err := policy.FromDagJson(subjectPol)
-	require.NoError(t, err)
-
-	exp, err := time.Parse(time.RFC3339, "2200-01-01T00:00:00Z")
-	require.NoError(t, err)
-
-	t.Run("New", func(t *testing.T) {
-		tkn, err := delegation.New(privKey, aud, cmd, pol,
-			delegation.WithNonce([]byte(nonce)),
-			delegation.WithSubject(sub),
-			delegation.WithExpiration(exp),
-			delegation.WithMeta("foo", "fooo"),
-			delegation.WithMeta("bar", "barr"),
-		)
-		require.NoError(t, err)
-
-		data, err := tkn.ToDagJson(privKey)
-		require.NoError(t, err)
-
-		t.Log(string(data))
-
-		golden.Assert(t, string(data), "new.dagjson")
-	})
-
-	t.Run("Root", func(t *testing.T) {
-		t.Parallel()
-
-		tkn, err := delegation.Root(privKey, aud, cmd, pol,
-			delegation.WithNonce([]byte(nonce)),
-			delegation.WithExpiration(exp),
-			delegation.WithMeta("foo", "fooo"),
-			delegation.WithMeta("bar", "barr"),
-		)
-		require.NoError(t, err)
-
-		data, err := tkn.ToDagJson(privKey)
-		require.NoError(t, err)
-
-		t.Log(string(data))
-
-		golden.Assert(t, string(data), "root.dagjson")
-	})
-}
-
-func privKey(t require.TestingT, privKeyCfg string) crypto.PrivKey {
-	privKeyMar, err := crypto.ConfigDecodeKey(privKeyCfg)
-	require.NoError(t, err)
-
-	privKey, err := crypto.UnmarshalPrivateKey(privKeyMar)
-	require.NoError(t, err)
-
-	return privKey
-}
--- a/tokens/delegation/ipld.go
+++ b/tokens/delegation/ipld.go
@@ -1,236 +0,0 @@
-package delegation
-
-import (
-	"io"
-
-	"github.com/ipfs/go-cid"
-	"github.com/ipld/go-ipld-prime"
-	"github.com/ipld/go-ipld-prime/codec"
-	"github.com/ipld/go-ipld-prime/codec/dagcbor"
-	"github.com/ipld/go-ipld-prime/codec/dagjson"
-	"github.com/ipld/go-ipld-prime/datamodel"
-	"github.com/libp2p/go-libp2p/core/crypto"
-
-	"github.com/ucan-wg/go-ucan/did"
-	"github.com/ucan-wg/go-ucan/tokens/internal/envelope"
-)
-
-// ToSealed wraps the delegation token in an envelope, generates the
-// signature, encodes the result to DAG-CBOR and calculates the CID of
-// the resulting binary data.
-func (t *Token) ToSealed(privKey crypto.PrivKey) ([]byte, cid.Cid, error) {
-	data, err := t.ToDagCbor(privKey)
-	if err != nil {
-		return nil, cid.Undef, err
-	}
-
-	id, err := envelope.CIDFromBytes(data)
-	if err != nil {
-		return nil, cid.Undef, err
-	}
-
-	return data, id, nil
-}
-
-// ToSealedWriter is the same as Seal but accepts an io.Writer.
-func (t *Token) ToSealedWriter(w io.Writer, privKey crypto.PrivKey) (cid.Cid, error) {
-	cidWriter := envelope.NewCIDWriter(w)
-
-	if err := t.ToDagCborWriter(cidWriter, privKey); err != nil {
-		return cid.Undef, err
-	}
-
-	return cidWriter.CID()
-}
-
-// FromSealed decodes the provided binary data from the DAG-CBOR format,
-// verifies that the envelope's signature is correct based on the public
-// key taken from the issuer (iss) field and calculates the CID of the
-// incoming data.
-func FromSealed(data []byte) (*Token, error) {
-	tkn, err := FromDagCbor(data)
-	if err != nil {
-		return nil, err
-	}
-
-	id, err := envelope.CIDFromBytes(data)
-	if err != nil {
-		return nil, err
-	}
-
-	tkn.cid = id
-
-	return tkn, nil
-}
-
-// FromSealedReader is the same as Unseal but accepts an io.Reader.
-func FromSealedReader(r io.Reader) (*Token, error) {
-	cidReader := envelope.NewCIDReader(r)
-
-	tkn, err := FromDagCborReader(cidReader)
-	if err != nil {
-		return nil, err
-	}
-
-	id, err := cidReader.CID()
-	if err != nil {
-		return nil, err
-	}
-
-	tkn.cid = id
-
-	return tkn, nil
-}
-
-// Encode marshals a View to the format specified by the provided
-// codec.Encoder.
-func (t *Token) Encode(privKey crypto.PrivKey, encFn codec.Encoder) ([]byte, error) {
-	node, err := t.toIPLD(privKey)
-	if err != nil {
-		return nil, err
-	}
-
-	return ipld.Encode(node, encFn)
-}
-
-// EncodeWriter is the same as Encode but accepts an io.Writer.
-func (t *Token) EncodeWriter(w io.Writer, privKey crypto.PrivKey, encFn codec.Encoder) error {
-	node, err := t.toIPLD(privKey)
-	if err != nil {
-		return err
-	}
-
-	return ipld.EncodeStreaming(w, node, encFn)
-}
-
-// ToDagCbor marshals the View to the DAG-CBOR format.
-func (t *Token) ToDagCbor(privKey crypto.PrivKey) ([]byte, error) {
-	return t.Encode(privKey, dagcbor.Encode)
-}
-
-// ToDagCborWriter is the same as ToDagCbor but it accepts an io.Writer.
-func (t *Token) ToDagCborWriter(w io.Writer, privKey crypto.PrivKey) error {
-	return t.EncodeWriter(w, privKey, dagcbor.Encode)
-}
-
-// ToDagJson marshals the View to the DAG-JSON format.
-func (t *Token) ToDagJson(privKey crypto.PrivKey) ([]byte, error) {
-	return t.Encode(privKey, dagjson.Encode)
-}
-
-// ToDagJsonWriter is the same as ToDagJson but it accepts an io.Writer.
-func (t *Token) ToDagJsonWriter(w io.Writer, privKey crypto.PrivKey) error {
-	return t.EncodeWriter(w, privKey, dagjson.Encode)
-}
-
-// Decode unmarshals the input data using the format specified by the
-// provided codec.Decoder into a View.
-//
-// An error is returned if the conversion fails, or if the resulting
-// View is invalid.
-func Decode(b []byte, decFn codec.Decoder) (*Token, error) {
-	node, err := ipld.Decode(b, decFn)
-	if err != nil {
-		return nil, err
-	}
-	return fromIPLD(node)
-}
-
-// DecodeReader is the same as Decode, but accept an io.Reader.
-func DecodeReader(r io.Reader, decFn codec.Decoder) (*Token, error) {
-	node, err := ipld.DecodeStreaming(r, decFn)
-	if err != nil {
-		return nil, err
-	}
-	return fromIPLD(node)
-}
-
-// FromDagCbor unmarshals the input data into a View.
-//
-// An error is returned if the conversion fails, or if the resulting
-// View is invalid.
-func FromDagCbor(data []byte) (*Token, error) {
-	pay, err := envelope.FromDagCbor[*tokenPayloadModel](data)
-	if err != nil {
-		return nil, err
-	}
-
-	tkn, err := tokenFromModel(*pay)
-	if err != nil {
-		return nil, err
-	}
-
-	return tkn, err
-}
-
-// FromDagCborReader is the same as FromDagCbor, but accept an io.Reader.
-func FromDagCborReader(r io.Reader) (*Token, error) {
-	return DecodeReader(r, dagcbor.Decode)
-}
-
-// FromDagJson unmarshals the input data into a View.
-//
-// An error is returned if the conversion fails, or if the resulting
-// View is invalid.
-func FromDagJson(data []byte) (*Token, error) {
-	return Decode(data, dagjson.Decode)
-}
-
-// FromDagJsonReader is the same as FromDagJson, but accept an io.Reader.
-func FromDagJsonReader(r io.Reader) (*Token, error) {
-	return DecodeReader(r, dagjson.Decode)
-}
-
-func fromIPLD(node datamodel.Node) (*Token, error) {
-	pay, err := envelope.FromIPLD[*tokenPayloadModel](node)
-	if err != nil {
-		return nil, err
-	}
-
-	tkn, err := tokenFromModel(*pay)
-	if err != nil {
-		return nil, err
-	}
-
-	return tkn, err
-}
-
-func (t *Token) toIPLD(privKey crypto.PrivKey) (datamodel.Node, error) {
-	var sub *string
-
-	if t.subject != did.Undef {
-		s := t.subject.String()
-		sub = &s
-	}
-
-	pol, err := t.policy.ToIPLD()
-	if err != nil {
-		return nil, err
-	}
-
-	var nbf *int64
-	if t.notBefore != nil {
-		u := t.notBefore.Unix()
-		nbf = &u
-	}
-
-	var exp *int64
-	if t.expiration != nil {
-		u := t.expiration.Unix()
-		exp = &u
-	}
-
-	model := &tokenPayloadModel{
-		Iss:   t.issuer.String(),
-		Aud:   t.audience.String(),
-		Sub:   sub,
-		Cmd:   t.command.String(),
-		Pol:   pol,
-		Nonce: t.nonce,
-		Meta:  *t.meta,
-		Nbf:   nbf,
-		Exp:   exp,
-	}
-
-	return envelope.ToIPLD(privKey, model)
-}
--- a/tokens/delegation/options.go
+++ b/tokens/delegation/options.go
@@ -1,72 +0,0 @@
-package delegation
-
-import (
-	"fmt"
-	"time"
-
-	"github.com/ucan-wg/go-ucan/did"
-)
-
-// Option is a type that allows optional fields to be set during the
-// creation of a Token.
-type Option func(*Token) error
-
-// WithExpiration set's the Token's optional "expiration" field to the
-// value of the provided time.Time.
-func WithExpiration(exp time.Time) Option {
-	return func(t *Token) error {
-		if exp.Before(time.Now()) {
-			return fmt.Errorf("a Token's expiration should be set to a time in the future: %s", exp.String())
-		}
-
-		t.expiration = &exp
-		return nil
-	}
-}
-
-// WithMeta adds a key/value pair in the "meta" field.
-//
-// WithMeta can be used multiple times in the same call.
-// Accepted types for the value are: bool, string, int, int32, int64, []byte,
-// and ipld.Node.
-func WithMeta(key string, val any) Option {
-	return func(t *Token) error {
-		return t.meta.Add(key, val)
-	}
-}
-
-// WithNotBefore set's the Token's optional "notBefore" field to the value
-// of the provided time.Time.
-func WithNotBefore(nbf time.Time) Option {
-	return func(t *Token) error {
-		if nbf.Before(time.Now()) {
-			return fmt.Errorf("a Token's \"not before\" field should be set to a time in the future: %s", nbf.String())
-		}
-
-		t.notBefore = &nbf
-		return nil
-	}
-}
-
-// WithSubject sets the Tokens's optional "subject" field to the value of
-// provided did.DID.
-//
-// This Option should only be used with the New constructor - since
-// Subject is a required parameter when creating a Token via the  Root
-// constructor, any value provided via this Option will be silently
-// overwritten.
-func WithSubject(sub did.DID) Option {
-	return func(t *Token) error {
-		t.subject = sub
-		return nil
-	}
-}
-
-// WithNonce sets the Token's nonce with the given value.
-// If this option is not used, a random 12-byte nonce is generated for this required field.
-func WithNonce(nonce []byte) Option {
-	return func(t *Token) error {
-		t.nonce = nonce
-		return nil
-	}
-}
--- a/tokens/delegation/schema_test.go
+++ b/tokens/delegation/schema_test.go
@@ -1,177 +0,0 @@
-package delegation_test
-
-import (
-	"bytes"
-	_ "embed"
-	"fmt"
-	"testing"
-
-	"github.com/ipld/go-ipld-prime"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-	"gotest.tools/v3/golden"
-
-	"github.com/ucan-wg/go-ucan/tokens/delegation"
-	"github.com/ucan-wg/go-ucan/tokens/internal/envelope"
-)
-
-//go:embed delegation.ipldsch
-var schemaBytes []byte
-
-func TestSchemaRoundTrip(t *testing.T) {
-	t.Parallel()
-
-	delegationJson := golden.Get(t, "new.dagjson")
-	privKey := privKey(t, issuerPrivKeyCfg)
-
-	t.Run("via buffers", func(t *testing.T) {
-		t.Parallel()
-
-		// format:    dagJson   -->   PayloadModel   -->   dagCbor   -->   PayloadModel   -->   dagJson
-		// function:      DecodeDagJson()           Seal()        Unseal()          EncodeDagJson()
-
-		p1, err := delegation.FromDagJson(delegationJson)
-		require.NoError(t, err)
-
-		cborBytes, id, err := p1.ToSealed(privKey)
-		require.NoError(t, err)
-		assert.Equal(t, newCID, envelope.CIDToBase58BTC(id))
-		fmt.Println("cborBytes length", len(cborBytes))
-		fmt.Println("cbor", string(cborBytes))
-
-		p2, err := delegation.FromSealed(cborBytes)
-		require.NoError(t, err)
-		assert.Equal(t, id, p2.CID())
-		fmt.Println("read Cbor", p2)
-
-		readJson, err := p2.ToDagJson(privKey)
-		require.NoError(t, err)
-		fmt.Println("readJson length", len(readJson))
-		fmt.Println("json: ", string(readJson))
-
-		assert.JSONEq(t, string(delegationJson), string(readJson))
-	})
-
-	t.Run("via streaming", func(t *testing.T) {
-		t.Parallel()
-
-		buf := bytes.NewBuffer(delegationJson)
-
-		// format:    dagJson   -->   PayloadModel   -->   dagCbor   -->   PayloadModel   -->   dagJson
-		// function:      DecodeDagJson()           Seal()         Unseal()         EncodeDagJson()
-
-		p1, err := delegation.FromDagJsonReader(buf)
-		require.NoError(t, err)
-
-		cborBytes := &bytes.Buffer{}
-		id, err := p1.ToSealedWriter(cborBytes, privKey)
-		t.Log(len(id.Bytes()), id.Bytes())
-		require.NoError(t, err)
-		assert.Equal(t, newCID, envelope.CIDToBase58BTC(id))
-
-		// buf = bytes.NewBuffer(cborBytes.Bytes())
-		p2, err := delegation.FromSealedReader(cborBytes)
-		require.NoError(t, err)
-		t.Log(len(p2.CID().Bytes()), p2.CID().Bytes())
-		assert.Equal(t, envelope.CIDToBase58BTC(id), envelope.CIDToBase58BTC(p2.CID()))
-
-		readJson := &bytes.Buffer{}
-		require.NoError(t, p2.ToDagJsonWriter(readJson, privKey))
-
-		assert.JSONEq(t, string(delegationJson), readJson.String())
-	})
-}
-
-func BenchmarkSchemaLoad(b *testing.B) {
-	b.ReportAllocs()
-	for i := 0; i < b.N; i++ {
-		_, _ = ipld.LoadSchemaBytes(schemaBytes)
-	}
-}
-
-func BenchmarkRoundTrip(b *testing.B) {
-	delegationJson := golden.Get(b, "new.dagjson")
-	privKey := privKey(b, issuerPrivKeyCfg)
-
-	b.Run("via buffers", func(b *testing.B) {
-		p1, _ := delegation.FromDagJson(delegationJson)
-		cborBytes, _, _ := p1.ToSealed(privKey)
-		p2, _ := delegation.FromSealed(cborBytes)
-
-		b.ResetTimer()
-
-		b.Run("FromDagJson", func(b *testing.B) {
-			b.ReportAllocs()
-			for i := 0; i < b.N; i++ {
-				_, _ = delegation.FromDagJson(delegationJson)
-			}
-		})
-
-		b.Run("Seal", func(b *testing.B) {
-			b.ReportAllocs()
-			for i := 0; i < b.N; i++ {
-				_, _, _ = p1.ToSealed(privKey)
-			}
-		})
-
-		b.Run("Unseal", func(b *testing.B) {
-			b.ReportAllocs()
-			for i := 0; i < b.N; i++ {
-				_, _ = delegation.FromSealed(cborBytes)
-			}
-		})
-
-		b.Run("ToDagJson", func(b *testing.B) {
-			b.ReportAllocs()
-			for i := 0; i < b.N; i++ {
-				_, _ = p2.ToDagJson(privKey)
-			}
-		})
-	})
-
-	b.Run("via streaming", func(b *testing.B) {
-		p1, _ := delegation.FromDagJsonReader(bytes.NewReader(delegationJson))
-		cborBuf := &bytes.Buffer{}
-		_, _ = p1.ToSealedWriter(cborBuf, privKey)
-		cborBytes := cborBuf.Bytes()
-		p2, _ := delegation.FromSealedReader(bytes.NewReader(cborBytes))
-
-		b.ResetTimer()
-
-		b.Run("FromDagJsonReader", func(b *testing.B) {
-			b.ReportAllocs()
-			reader := bytes.NewReader(delegationJson)
-			for i := 0; i < b.N; i++ {
-				_, _ = reader.Seek(0, 0)
-				_, _ = delegation.FromDagJsonReader(reader)
-			}
-		})
-
-		b.Run("SealWriter", func(b *testing.B) {
-			b.ReportAllocs()
-			buf := &bytes.Buffer{}
-			for i := 0; i < b.N; i++ {
-				buf.Reset()
-				_, _ = p1.ToSealedWriter(buf, privKey)
-			}
-		})
-
-		b.Run("UnsealReader", func(b *testing.B) {
-			b.ReportAllocs()
-			reader := bytes.NewReader(cborBytes)
-			for i := 0; i < b.N; i++ {
-				_, _ = reader.Seek(0, 0)
-				_, _ = delegation.FromSealedReader(reader)
-			}
-		})
-
-		b.Run("ToDagJsonReader", func(b *testing.B) {
-			b.ReportAllocs()
-			buf := &bytes.Buffer{}
-			for i := 0; i < b.N; i++ {
-				buf.Reset()
-				_ = p2.ToDagJsonWriter(buf, privKey)
-			}
-		})
-	})
-}
--- a/tokens/delegation/testdata/new.dagjson
+++ b/tokens/delegation/testdata/new.dagjson
@@ -1 +0,0 @@
-[{"/":{"bytes":"FM6otj0r/noJWiGAC5WV86xAazxrF173IihuHJgEt35CtSzjeaelrR3UwaSr8xbE9sLpo5xJhUbo0QLI273hDA"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6Mkq5YmbJcTrPExNDi26imrTCpKhepjBFBSHqrBDN2ArPkv","cmd":"/foo/bar","exp":7258118400,"iss":"did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]],"sub":"did:key:z6MktA1uBdCpq4uJBqE9jjMiLyxZBg9a6xgPPKJjMqss6Zc2"}}]
--- a/tokens/delegation/testdata/root.dagjson
+++ b/tokens/delegation/testdata/root.dagjson
@@ -1 +0,0 @@
-[{"/":{"bytes":"aYBq08tfm0zQZnPg/5tB9kM5mklRU9PPIkV7CK68jEgbd76JbCGuu75vfLyBu3WTqKzLSJ583pbwu668m/7MBQ"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6Mkq5YmbJcTrPExNDi26imrTCpKhepjBFBSHqrBDN2ArPkv","cmd":"/foo/bar","exp":7258118400,"iss":"did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]],"sub":"did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2"}}]
--- a/tokens/internal/envelope/cid.go
+++ b/tokens/internal/envelope/cid.go
@@ -1,124 +0,0 @@
-package envelope
-
-import (
-	"crypto/sha256"
-	"hash"
-	"io"
-
-	"github.com/ipfs/go-cid"
-	"github.com/multiformats/go-multibase"
-	"github.com/multiformats/go-multicodec"
-	"github.com/multiformats/go-multihash"
-)
-
-var b58BTCEnc = multibase.MustNewEncoder(multibase.Base58BTC)
-
-// CIDToBase56BTC is a utility method to convert a CIDv1 to the canonical
-// string representation used by UCAN.
-func CIDToBase58BTC(id cid.Cid) string {
-	return id.Encode(b58BTCEnc)
-}
-
-// CIDFromBytes returns the UCAN content identifier for an arbitrary slice
-// of bytes.
-func CIDFromBytes(b []byte) (cid.Cid, error) {
-	return cid.V1Builder{
-		Codec:    uint64(multicodec.DagCbor),
-		MhType:   multihash.SHA2_256,
-		MhLength: 0,
-	}.Sum(b)
-}
-
-var _ io.Reader = (*CIDReader)(nil)
-
-// CIDReader wraps an io.Reader and includes a hash.Hash that is
-// incrementally updated as data is read from the child io.Reader.
-type CIDReader struct {
-	hash hash.Hash
-	r    io.Reader
-	err  error
-}
-
-// NewCIDReader initializes a hash.Hash to calculate the CID's hash and
-// returns the wrapped io.Reader.
-func NewCIDReader(r io.Reader) *CIDReader {
-	h := sha256.New()
-	h.Reset()
-
-	return &CIDReader{
-		hash: h,
-		r:    r,
-	}
-}
-
-// CID returns the UCAN-formatted cid.Cid created from the hash calculated
-// as bytes were read from the inner io.Reader.
-func (r *CIDReader) CID() (cid.Cid, error) {
-	if r.err != nil {
-		return cid.Undef, r.err // TODO: Wrap to say it's an error during streaming?
-	}
-
-	return cidFromHash(r.hash)
-}
-
-// Read implements io.Reader.
-func (r *CIDReader) Read(p []byte) (n int, err error) {
-	n, err = r.r.Read(p)
-	if err != nil && err != io.EOF {
-		r.err = err
-
-		return
-	}
-
-	_, _ = r.hash.Write(p[:n])
-
-	return
-}
-
-var _ io.Writer = (*CIDWriter)(nil)
-
-// CIDWriter wraps an io.Writer and includes a hash.Hash that is
-// incrementally updated as data is written to the child io.Writer.
-type CIDWriter struct {
-	hash hash.Hash
-	w    io.Writer
-	err  error
-}
-
-// NewCIDWriter initializes a hash.Hash to calculate the CID's hash and
-// returns the wrapped io.Writer.
-func NewCIDWriter(w io.Writer) *CIDWriter {
-	h := sha256.New()
-	h.Reset()
-
-	return &CIDWriter{
-		hash: h,
-		w:    w,
-	}
-}
-
-// CID returns the UCAN-formatted cid.Cid created from the hash calculated
-// as bytes were written from the inner io.Reader.
-func (w *CIDWriter) CID() (cid.Cid, error) {
-	return cidFromHash(w.hash)
-}
-
-// Write implements io.Writer.
-func (w *CIDWriter) Write(p []byte) (n int, err error) {
-	if _, err = w.hash.Write(p); err != nil {
-		w.err = err
-
-		return
-	}
-
-	return w.w.Write(p)
-}
-
-func cidFromHash(hash hash.Hash) (cid.Cid, error) {
-	mh, err := multihash.Encode(hash.Sum(nil), multihash.SHA2_256)
-	if err != nil {
-		return cid.Undef, err
-	}
-
-	return cid.NewCidV1(uint64(multicodec.DagCbor), mh), nil
-}
--- a/tokens/internal/envelope/cid_test.go
+++ b/tokens/internal/envelope/cid_test.go
@@ -1,86 +0,0 @@
-package envelope_test
-
-import (
-	"io"
-	"testing"
-
-	"github.com/ipfs/go-cid"
-	"github.com/multiformats/go-multicodec"
-	"github.com/multiformats/go-multihash"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-	"gotest.tools/v3/golden"
-
-	"github.com/ucan-wg/go-ucan/tokens/internal/envelope"
-)
-
-func TestCidFromBytes(t *testing.T) {
-	t.Parallel()
-
-	expData := golden.Get(t, "example.dagcbor")
-	expHash, err := multihash.Sum(expData, uint64(multicodec.Sha2_256), -1)
-	require.NoError(t, err)
-
-	data, err := envelope.ToDagCbor(examplePrivKey(t), newExample(t))
-	require.NoError(t, err)
-
-	id, err := envelope.CIDFromBytes(data)
-	require.NoError(t, err)
-	assert.Equal(t, exampleCID, envelope.CIDToBase58BTC(id))
-	assert.Equal(t, expHash, id.Hash())
-}
-
-func TestStreaming(t *testing.T) {
-	t.Parallel()
-
-	expData := []byte("this is a test")
-
-	expCID, err := cid.V1Builder{
-		Codec:    uint64(multicodec.DagCbor),
-		MhType:   multihash.SHA2_256,
-		MhLength: 0,
-	}.Sum(expData)
-	require.NoError(t, err)
-
-	t.Run("CIDReader()", func(t *testing.T) {
-		t.Parallel()
-
-		r, w := io.Pipe() //nolint:varnamelen
-		cidReader := envelope.NewCIDReader(r)
-
-		go func() {
-			_, err := w.Write(expData)
-			assert.NoError(t, err)
-			assert.NoError(t, w.Close())
-		}()
-
-		actData, err := io.ReadAll(cidReader)
-		require.NoError(t, err)
-		assert.Equal(t, expData, actData)
-
-		actCID, err := cidReader.CID()
-		require.NoError(t, err)
-		assert.Equal(t, expCID, actCID)
-	})
-
-	t.Run("CIDWriter", func(t *testing.T) {
-		t.Parallel()
-
-		r, w := io.Pipe() //nolint:varnamelen
-		cidWriter := envelope.NewCIDWriter(w)
-
-		go func() {
-			_, err := cidWriter.Write(expData)
-			assert.NoError(t, err)
-			assert.NoError(t, w.Close())
-		}()
-
-		actData, err := io.ReadAll(r)
-		require.NoError(t, err)
-		assert.Equal(t, expData, actData)
-
-		actCID, err := cidWriter.CID()
-		require.NoError(t, err)
-		assert.Equal(t, expCID, actCID)
-	})
-}
--- a/tokens/internal/envelope/example_test.go
+++ b/tokens/internal/envelope/example_test.go
@@ -1,137 +0,0 @@
-package envelope_test
-
-import (
-	_ "embed"
-	"encoding/base64"
-	"fmt"
-	"sync"
-	"testing"
-
-	"github.com/ipld/go-ipld-prime"
-	"github.com/ipld/go-ipld-prime/codec/dagcbor"
-	"github.com/ipld/go-ipld-prime/datamodel"
-	"github.com/ipld/go-ipld-prime/fluent/qp"
-	"github.com/ipld/go-ipld-prime/node/basicnode"
-	"github.com/ipld/go-ipld-prime/node/bindnode"
-	"github.com/ipld/go-ipld-prime/schema"
-	"github.com/libp2p/go-libp2p/core/crypto"
-	"github.com/stretchr/testify/require"
-	"github.com/ucan-wg/go-ucan/tokens/internal/envelope"
-	"gotest.tools/v3/golden"
-)
-
-const (
-	exampleCID             = "zdpuAyw6R5HvKSPzztuzXNYFx3ZGoMHMuAsXL6u3xLGQriRXQ"
-	exampleDID             = "did:key:z6MkpuK2Amsu1RqcLGgmHHQHhvmeXCCBVsM4XFSg2cCyg4Nh"
-	exampleGreeting        = "world"
-	examplePrivKeyCfg      = "CAESQP9v2uqECTuIi45dyg3znQvsryvf2IXmOF/6aws6aCehm0FVrj0zHR5RZSDxWNjcpcJqsGym3sjCungX9Zt5oA4="
-	exampleSignatureStr    = "PZV6A2aI7n+MlyADqcqmWhkuyNrgUCDz+qSLSnI9bpasOwOhKUTx95m5Nu5CO/INa1LqzHGioD9+PVf6qdtTBg"
-	exampleTag             = "ucan/example@v1.0.0-rc.1"
-	exampleTypeName        = "Example"
-	exampleVarsigHeaderStr = "NO0BcQ"
-
-	invalidSignatureStr = "PZV6A2aI7n+MlyADqcqmWhkuyNrgUCDz+qSLSnI9bpasOwOhKUTx95m5Nu5CO/INa1LqzHGioD9+PVf6qdtTBK"
-
-	exampleDAGCBORFilename = "example.dagcbor"
-	exampleDAGJSONFilename = "example.dagjson"
-)
-
-//go:embed testdata/example.ipldsch
-var schemaBytes []byte
-
-var (
-	once sync.Once
-	ts   *schema.TypeSystem
-	err  error
-)
-
-func mustLoadSchema() *schema.TypeSystem {
-	once.Do(func() {
-		ts, err = ipld.LoadSchemaBytes(schemaBytes)
-	})
-
-	if err != nil {
-		panic(fmt.Errorf("failed to load IPLD schema: %s", err))
-	}
-
-	return ts
-}
-
-func exampleType() schema.Type {
-	return mustLoadSchema().TypeByName(exampleTypeName)
-}
-
-var _ envelope.Tokener = (*Example)(nil)
-
-type Example struct {
-	Hello  string
-	Issuer string
-}
-
-func newExample(t *testing.T) *Example {
-	t.Helper()
-
-	return &Example{
-		Hello:  exampleGreeting,
-		Issuer: exampleDID,
-	}
-}
-
-func (e *Example) Prototype() schema.TypedPrototype {
-	return bindnode.Prototype(e, exampleType())
-}
-
-func (*Example) Tag() string {
-	return exampleTag
-}
-
-func exampleGoldenNode(t *testing.T) datamodel.Node {
-	t.Helper()
-
-	cbor := golden.Get(t, exampleDAGCBORFilename)
-
-	node, err := ipld.Decode(cbor, dagcbor.Decode)
-	require.NoError(t, err)
-
-	return node
-}
-
-func examplePrivKey(t *testing.T) crypto.PrivKey {
-	t.Helper()
-
-	privKeyEnc, err := crypto.ConfigDecodeKey(examplePrivKeyCfg)
-	require.NoError(t, err)
-
-	privKey, err := crypto.UnmarshalPrivateKey(privKeyEnc)
-	require.NoError(t, err)
-
-	return privKey
-}
-
-func exampleSignature(t *testing.T) []byte {
-	t.Helper()
-
-	sig, err := base64.RawStdEncoding.DecodeString(exampleSignatureStr)
-	require.NoError(t, err)
-
-	return sig
-}
-
-func invalidNodeFromGolden(t *testing.T) datamodel.Node {
-	t.Helper()
-
-	invalidSig, err := base64.RawStdEncoding.DecodeString(invalidSignatureStr)
-	require.NoError(t, err)
-
-	envelNode := exampleGoldenNode(t)
-	sigPayloadNode, err := envelNode.LookupByIndex(1)
-	require.NoError(t, err)
-
-	node, err := qp.BuildList(basicnode.Prototype.Any, 2, func(la datamodel.ListAssembler) {
-		qp.ListEntry(la, qp.Bytes(invalidSig))
-		qp.ListEntry(la, qp.Node(sigPayloadNode))
-	})
-	require.NoError(t, err)
-
-	return node
-}
--- a/tokens/internal/envelope/ipld.go
+++ b/tokens/internal/envelope/ipld.go
@@ -1,314 +0,0 @@
-// Package envelope provides functions that convert between wire-format
-// encoding of a [UCAN] token's [Envelope] and the Go type representing
-// a verified [TokenPayload].
-//
-// Encoding functions in this package require a private key as a
-// parameter so the VarsigHeader can be set and so that a
-// cryptographic signature can be generated.
-//
-// Decoding functions in this package likewise perform the signature
-// verification using a public key extracted from the TokenPayload as
-// described by requirement two below.
-//
-// Types that wish to be marshaled and unmarshaled from the using
-// is package have two requirements.
-//
-//  1. The type must implement the Tokener interface.
-//
-//  2. The IPLD Representation of the type must include an "iss"
-//     field when the TokenPayload is extracted from the Envelope.
-//     This field must contain the string representation of a
-//     "did:key" so that a public key can be extracted from the
-//
-// [Envelope]:https://github.com/ucan-wg/spec#envelope
-// [TokenPayload]: https://github.com/ucan-wg/spec#envelope
-// [UCAN]: https://ucan.xyz
-package envelope
-
-import (
-	"errors"
-	"io"
-
-	"github.com/ipld/go-ipld-prime"
-	"github.com/ipld/go-ipld-prime/codec"
-	"github.com/ipld/go-ipld-prime/codec/dagcbor"
-	"github.com/ipld/go-ipld-prime/codec/dagjson"
-	"github.com/ipld/go-ipld-prime/datamodel"
-	"github.com/ipld/go-ipld-prime/fluent/qp"
-	"github.com/ipld/go-ipld-prime/node/basicnode"
-	"github.com/ipld/go-ipld-prime/node/bindnode"
-	"github.com/ipld/go-ipld-prime/schema"
-	"github.com/libp2p/go-libp2p/core/crypto"
-
-	"github.com/ucan-wg/go-ucan/did"
-	"github.com/ucan-wg/go-ucan/tokens/internal/varsig"
-)
-
-const varsigHeaderKey = "h"
-
-// Tokener must be implemented by types that wish to be enclosed in a
-// UCAN Envelope (presumbably one of the UCAN token types).
-type Tokener interface {
-	// Prototype provides the schema representation for an IPLD type so
-	// that the incoming datamodel.Kinds can be mapped to the appropriate
-	// schema.Kinds.
-	Prototype() schema.TypedPrototype
-
-	// Tag returns the expected key denoting the name of the IPLD node
-	// that should be processed as the token payload while decoding
-	// incoming bytes.
-	Tag() string
-}
-
-// Decode unmarshals the input data using the format specified by the
-// provided codec.Decoder into a Tokener.
-//
-// An error is returned if the conversion fails, or if the resulting
-// Tokener is invalid.
-func Decode[T Tokener](b []byte, decFn codec.Decoder) (T, error) {
-	node, err := ipld.Decode(b, decFn)
-	if err != nil {
-		return *new(T), err
-	}
-
-	return FromIPLD[T](node)
-}
-
-// DecodeReader is the same as Decode, but accept an io.Reader.
-func DecodeReader[T Tokener](r io.Reader, decFn codec.Decoder) (T, error) {
-	node, err := ipld.DecodeStreaming(r, decFn)
-	if err != nil {
-		return *new(T), err
-	}
-
-	return FromIPLD[T](node)
-}
-
-// FromDagCbor unmarshals the input data into a Tokener.
-//
-// An error is returned if the conversion fails, or if the resulting
-// Tokener is invalid.
-func FromDagCbor[T Tokener](b []byte) (T, error) {
-	undef := *new(T)
-
-	node, err := ipld.Decode(b, dagcbor.Decode)
-	if err != nil {
-		return undef, err
-	}
-
-	tkn, err := fromIPLD[T](node)
-	if err != nil {
-		return undef, err
-	}
-
-	return tkn, nil
-}
-
-// FromDagCborReader is the same as FromDagCbor, but accept an io.Reader.
-func FromDagCborReader[T Tokener](r io.Reader) (T, error) {
-	return DecodeReader[T](r, dagcbor.Decode)
-}
-
-// FromDagJson unmarshals the input data into a Tokener.
-//
-// An error is returned if the conversion fails, or if the resulting
-// Tokener is invalid.
-func FromDagJson[T Tokener](b []byte) (T, error) {
-	return Decode[T](b, dagjson.Decode)
-}
-
-// FromDagJsonReader is the same as FromDagJson, but accept an io.Reader.
-func FromDagJsonReader[T Tokener](r io.Reader) (T, error) {
-	return DecodeReader[T](r, dagjson.Decode)
-}
-
-// FromIPLD unwraps a Tokener from the provided IPLD datamodel.Node.
-//
-// An error is returned if the conversion fails, or if the resulting
-// Tokener is invalid.
-func FromIPLD[T Tokener](node datamodel.Node) (T, error) {
-	undef := *new(T)
-
-	tkn, err := fromIPLD[T](node)
-	if err != nil {
-		return undef, err
-	}
-
-	return tkn, nil
-}
-
-func fromIPLD[T Tokener](node datamodel.Node) (T, error) {
-	undef := *new(T)
-
-	signatureNode, err := node.LookupByIndex(0)
-	if err != nil {
-		return undef, err
-	}
-
-	signature, err := signatureNode.AsBytes()
-	if err != nil {
-		return undef, err
-	}
-
-	sigPayloadNode, err := node.LookupByIndex(1)
-	if err != nil {
-		return undef, err
-	}
-
-	varsigHeaderNode, err := sigPayloadNode.LookupByString(varsigHeaderKey)
-	if err != nil {
-		return undef, err
-	}
-
-	tokenPayloadNode, err := sigPayloadNode.LookupByString(undef.Tag())
-	if err != nil {
-		return undef, err
-	}
-
-	// This needs to be done before converting this node to its schema
-	// representation (afterwards, the field might be renamed os it's safer
-	// to use the wire name).
-	issuerNode, err := tokenPayloadNode.LookupByString("iss")
-	if err != nil {
-		return undef, err
-	}
-
-	// Replaces the datamodel.Node in tokenPayloadNode with a
-	// schema.TypedNode so that we can cast it to a *token.Token after
-	// unwrapping it.
-	nb := undef.Prototype().Representation().NewBuilder()
-
-	err = nb.AssignNode(tokenPayloadNode)
-	if err != nil {
-		return undef, err
-	}
-
-	tokenPayloadNode = nb.Build()
-
-	tokenPayload := bindnode.Unwrap(tokenPayloadNode)
-	if tokenPayload == nil {
-		return undef, errors.New("failed to Unwrap the TokenPayload")
-	}
-
-	tkn, ok := tokenPayload.(T)
-	if !ok {
-		return undef, errors.New("failed to assert the TokenPayload type as *token.Token")
-	}
-
-	// Check that the issuer's DID contains a public key with a type that
-	// matches the VarsigHeader and then verify the SigPayload.
-	issuer, err := issuerNode.AsString()
-	if err != nil {
-		return undef, err
-	}
-
-	issuerDID, err := did.Parse(issuer)
-	if err != nil {
-		return undef, err
-	}
-
-	issuerPubKey, err := issuerDID.PubKey()
-	if err != nil {
-		return undef, err
-	}
-
-	issuerVarsigHeader, err := varsig.Encode(issuerPubKey.Type())
-	if err != nil {
-		return undef, err
-	}
-
-	varsigHeader, err := varsigHeaderNode.AsBytes()
-	if err != nil {
-		return undef, err
-	}
-
-	if string(varsigHeader) != string(issuerVarsigHeader) {
-		return undef, errors.New("the VarsigHeader key type doesn't match the issuer's key type")
-	}
-
-	data, err := ipld.Encode(sigPayloadNode, dagcbor.Encode)
-	if err != nil {
-		return undef, err
-	}
-
-	ok, err = issuerPubKey.Verify(data, signature)
-	if err != nil || !ok {
-		return undef, errors.New("failed to verify the token's signature")
-	}
-
-	return tkn, nil
-}
-
-// Encode marshals a Tokener to the format specified by the provided
-// codec.Encoder.
-func Encode(privKey crypto.PrivKey, token Tokener, encFn codec.Encoder) ([]byte, error) {
-	node, err := ToIPLD(privKey, token)
-	if err != nil {
-		return nil, err
-	}
-
-	return ipld.Encode(node, encFn)
-}
-
-// EncodeWriter is the same as Encode but outputs to an io.Writer instead
-// of encoding into a []byte.
-func EncodeWriter(w io.Writer, privKey crypto.PrivKey, token Tokener, encFn codec.Encoder) error {
-	node, err := ToIPLD(privKey, token)
-	if err != nil {
-		return err
-	}
-
-	return ipld.EncodeStreaming(w, node, encFn)
-}
-
-// ToDagCbor marshals the Tokener to the DAG-CBOR format.
-func ToDagCbor(privKey crypto.PrivKey, token Tokener) ([]byte, error) {
-	return Encode(privKey, token, dagcbor.Encode)
-}
-
-// ToDagCborWriter is the same as ToDagCbor but outputs to an io.Writer
-// instead of encoding into a []byte.
-func ToDagCborWriter(w io.Writer, privKey crypto.PrivKey, token Tokener) error {
-	return EncodeWriter(w, privKey, token, dagcbor.Encode)
-}
-
-// ToDagJson marshals the Tokener to the DAG-JSON format.
-func ToDagJson(privKey crypto.PrivKey, token Tokener) ([]byte, error) {
-	return Encode(privKey, token, dagjson.Encode)
-}
-
-// ToDagJsonWriter is the same as ToDagJson but outputs to an io.Writer
-// instead of encoding into a []byte.
-func ToDagJsonWriter(w io.Writer, privKey crypto.PrivKey, token Tokener) error {
-	return EncodeWriter(w, privKey, token, dagjson.Encode)
-}
-
-// ToIPLD wraps the Tokener in an IPLD datamodel.Node.
-func ToIPLD(privKey crypto.PrivKey, token Tokener) (datamodel.Node, error) {
-	tokenPayloadNode := bindnode.Wrap(token, token.Prototype().Type()).Representation()
-
-	varsigHeader, err := varsig.Encode(privKey.Type())
-	if err != nil {
-		return nil, err
-	}
-
-	sigPayloadNode, err := qp.BuildMap(basicnode.Prototype.Any, 2, func(ma datamodel.MapAssembler) {
-		qp.MapEntry(ma, varsigHeaderKey, qp.Bytes(varsigHeader))
-		qp.MapEntry(ma, token.Tag(), qp.Node(tokenPayloadNode))
-	})
-
-	data, err := ipld.Encode(sigPayloadNode, dagcbor.Encode)
-	if err != nil {
-		return nil, err
-	}
-
-	signature, err := privKey.Sign(data)
-	if err != nil {
-		return nil, err
-	}
-
-	return qp.BuildList(basicnode.Prototype.Any, 2, func(la datamodel.ListAssembler) {
-		qp.ListEntry(la, qp.Bytes(signature))
-		qp.ListEntry(la, qp.Node(sigPayloadNode))
-	})
-}
--- a/tokens/internal/envelope/ipld_test.go
+++ b/tokens/internal/envelope/ipld_test.go
@@ -1,151 +0,0 @@
-package envelope_test
-
-import (
-	"bytes"
-	"crypto/sha256"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-	"github.com/ucan-wg/go-ucan/tokens/internal/envelope"
-	"gotest.tools/v3/golden"
-)
-
-func TestDecode(t *testing.T) {
-	t.Parallel()
-
-	t.Run("via FromDagCbor", func(t *testing.T) {
-		t.Parallel()
-
-		data := golden.Get(t, "example.dagcbor")
-
-		tkn, err := envelope.FromDagCbor[*Example](data)
-		require.NoError(t, err)
-		assert.Equal(t, exampleGreeting, tkn.Hello)
-		assert.Equal(t, exampleDID, tkn.Issuer)
-	})
-
-	t.Run("via FromDagJson", func(t *testing.T) {
-		t.Parallel()
-
-		data := golden.Get(t, "example.dagjson")
-
-		tkn, err := envelope.FromDagJson[*Example](data)
-		require.NoError(t, err)
-		assert.Equal(t, exampleGreeting, tkn.Hello)
-		assert.Equal(t, exampleDID, tkn.Issuer)
-	})
-}
-
-func TestEncode(t *testing.T) {
-	t.Parallel()
-
-	t.Run("via ToDagCbor", func(t *testing.T) {
-		t.Parallel()
-
-		data, err := envelope.ToDagCbor(examplePrivKey(t), newExample(t))
-		require.NoError(t, err)
-		golden.AssertBytes(t, data, exampleDAGCBORFilename)
-	})
-
-	t.Run("via ToDagJson", func(t *testing.T) {
-		t.Parallel()
-
-		data, err := envelope.ToDagJson(examplePrivKey(t), newExample(t))
-		require.NoError(t, err)
-		golden.Assert(t, string(data), exampleDAGJSONFilename)
-	})
-}
-
-func TestRoundtrip(t *testing.T) {
-	t.Parallel()
-
-	t.Run("via FromDagCbor/ToDagCbor", func(t *testing.T) {
-		t.Parallel()
-
-		dataIn := golden.Get(t, exampleDAGCBORFilename)
-
-		tkn, err := envelope.FromDagCbor[*Example](dataIn)
-		require.NoError(t, err)
-		assert.Equal(t, exampleGreeting, tkn.Hello)
-		assert.Equal(t, exampleDID, tkn.Issuer)
-
-		dataOut, err := envelope.ToDagCbor(examplePrivKey(t), newExample(t))
-		require.NoError(t, err)
-		assert.Equal(t, dataIn, dataOut)
-	})
-
-	t.Run("via FromDagCborReader/ToDagCborWriter", func(t *testing.T) {
-		t.Parallel()
-
-		data := golden.Get(t, exampleDAGCBORFilename)
-
-		tkn, err := envelope.FromDagCborReader[*Example](bytes.NewReader(data))
-		require.NoError(t, err)
-		assert.Equal(t, exampleGreeting, tkn.Hello)
-		assert.Equal(t, exampleDID, tkn.Issuer)
-
-		w := &bytes.Buffer{}
-		require.NoError(t, envelope.ToDagCborWriter(w, examplePrivKey(t), newExample(t)))
-		assert.Equal(t, data, w.Bytes())
-	})
-
-	t.Run("via FromDagJson/ToDagJson", func(t *testing.T) {
-		t.Parallel()
-
-		dataIn := golden.Get(t, exampleDAGJSONFilename)
-
-		tkn, err := envelope.FromDagJson[*Example](dataIn)
-		require.NoError(t, err)
-		assert.Equal(t, exampleGreeting, tkn.Hello)
-		assert.Equal(t, exampleDID, tkn.Issuer)
-
-		dataOut, err := envelope.ToDagJson(examplePrivKey(t), newExample(t))
-		require.NoError(t, err)
-		assert.Equal(t, dataIn, dataOut)
-	})
-
-	t.Run("via FromDagJsonReader/ToDagJsonrWriter", func(t *testing.T) {
-		t.Parallel()
-
-		data := golden.Get(t, exampleDAGJSONFilename)
-
-		tkn, err := envelope.FromDagJsonReader[*Example](bytes.NewReader(data))
-		require.NoError(t, err)
-		assert.Equal(t, exampleGreeting, tkn.Hello)
-		assert.Equal(t, exampleDID, tkn.Issuer)
-
-		w := &bytes.Buffer{}
-		require.NoError(t, envelope.ToDagJsonWriter(w, examplePrivKey(t), newExample(t)))
-		assert.Equal(t, data, w.Bytes())
-	})
-}
-
-func TestFromIPLD_with_invalid_signature(t *testing.T) {
-	t.Parallel()
-
-	node := invalidNodeFromGolden(t)
-	tkn, err := envelope.FromIPLD[*Example](node)
-	assert.Nil(t, tkn)
-	require.EqualError(t, err, "failed to verify the token's signature")
-}
-
-func TestHash(t *testing.T) {
-	t.Parallel()
-
-	msg := []byte("this is a test")
-
-	hash1 := sha256.Sum256(msg)
-
-	hasher := sha256.New()
-
-	for _, b := range msg {
-		hasher.Write([]byte{b})
-	}
-
-	hash2 := hasher.Sum(nil)
-	hash3 := hasher.Sum(nil)
-
-	require.Equal(t, hash1[:], hash2)
-	require.Equal(t, hash1[:], hash3)
-}
--- a/tokens/internal/envelope/testdata/example.dagcbor
+++ b/tokens/internal/envelope/testdata/example.dagcbor
@@ -1 +0,0 @@
-‚X@|úŸÀ½â–ðõ+ÁŠ!µ.®ÿhéÍúGO-ü¬”jÉsyÖsY¨quëiþ“ä°¬Íuý#ò¼’ç˜c¢ahD4íqxucan/example@v1.0.0-rc.1¢cissx8did:key:z6MkpuK2Amsu1RqcLGgmHHQHhvmeXCCBVsM4XFSg2cCyg4Nhehelloeworld
--- a/tokens/internal/envelope/testdata/example.dagjson
+++ b/tokens/internal/envelope/testdata/example.dagjson
@@ -1 +0,0 @@
-[{"/":{"bytes":"fPqfwL3iFpbw9SvBiq0DIbUurv9o6c36R08tC/yslGrJcwV51ghzWahxdetpEf6T5LCszXX9I/K8khvnmAxjAg"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/example@v1.0.0-rc.1":{"hello":"world","iss":"did:key:z6MkpuK2Amsu1RqcLGgmHHQHhvmeXCCBVsM4XFSg2cCyg4Nh"}}]
--- a/tokens/internal/envelope/testdata/example.ipldsch
+++ b/tokens/internal/envelope/testdata/example.ipldsch
@@ -1,6 +0,0 @@
-type DID string
-
-type Example struct {
-  hello String
-  issuer DID (rename "iss")
-}
				`@@ -1 +0,0 @@`
				[{"/":{"bytes":"FM6otj0r/noJWiGAC5WV86xAazxrF173IihuHJgEt35CtSzjeaelrR3UwaSr8xbE9sLpo5xJhUbo0QLI273hDA"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6Mkq5YmbJcTrPExNDi26imrTCpKhepjBFBSHqrBDN2ArPkv","cmd":"/foo/bar","exp":7258118400,"iss":"did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]],"sub":"did:key:z6MktA1uBdCpq4uJBqE9jjMiLyxZBg9a6xgPPKJjMqss6Zc2"}}]
				`@@ -1 +0,0 @@`
				[{"/":{"bytes":"aYBq08tfm0zQZnPg/5tB9kM5mklRU9PPIkV7CK68jEgbd76JbCGuu75vfLyBu3WTqKzLSJ583pbwu668m/7MBQ"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6Mkq5YmbJcTrPExNDi26imrTCpKhepjBFBSHqrBDN2ArPkv","cmd":"/foo/bar","exp":7258118400,"iss":"did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]],"sub":"did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2"}}]
				`@@ -1 +0,0 @@`
				`‚X@\|úŸÀ½â–ðõ+ÁŠ!µ.®ÿhéÍúGO-ü¬”jÉsyÖsY¨quëiþ“ä°¬Íuý#ò¼’ç˜c¢ahD4íqxucan/example@v1.0.0-rc.1¢cissx8did:key:z6MkpuK2Amsu1RqcLGgmHHQHhvmeXCCBVsM4XFSg2cCyg4Nhehelloeworld`
				`@@ -1 +0,0 @@`
				`[{"/":{"bytes":"fPqfwL3iFpbw9SvBiq0DIbUurv9o6c36R08tC/yslGrJcwV51ghzWahxdetpEf6T5LCszXX9I/K8khvnmAxjAg"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/example@v1.0.0-rc.1":{"hello":"world","iss":"did:key:z6MkpuK2Amsu1RqcLGgmHHQHhvmeXCCBVsM4XFSg2cCyg4Nh"}}]`