docs(readme): update readme with enclave features and usage

2026-01-10 18:20:31 -05:00
parent 1c8b908884
commit aef9e96ba4


@@ -1,6 +1,15 @@
# Motr Enclave # Motr Enclave
Extism WASM plugin providing encrypted key storage for Nebula wallet. Built with Go 1.25+ for `wasip1`. Extism WASM plugin providing encrypted key storage for the Nebula wallet. Built with Go 1.25+ for `wasip1` target.
## Features
- **WebAuthn Integration** - Device-bound credentials with PRF key derivation
- **MPC Key Shares** - Secure threshold signature key storage
- **Multi-Chain Support** - BIP44 derivation for Sonr, Ethereum, Bitcoin
- **UCAN v1.0.0-rc.1** - Capability-based authorization with CID-indexed delegations
- **Encryption at Rest** - AES-256-GCM encrypted database serialization
- **SQLite Functions** - Custom functions for address derivation and signing
## Quick Start ## Quick Start
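Review bot: The new "Encryption at Rest" bullet names AES-256-GCM, but nothing in the Features list says which key encrypts the database or whether it comes from the WebAuthn PRF derivation in the first bullet. Add one sentence stating the key source and where the key lives, since that is what a reader needs to judge the protection of an exported database buffer. Minor: the intro now reads "for `wasip1` target"; "for the `wasip1` target" reads better.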
@@ -32,16 +41,24 @@ import { createEnclave } from '@sonr/motr-enclave';
const enclave = await createEnclave('/enclave.wasm'); const enclave = await createEnclave('/enclave.wasm');
const { did, database } = await enclave.generate(credential); // Generate new identity with MPC key share
const result = await enclave.generate(credentialBase64);
// Returns: { did, enclave_id, public_key, accounts, database }
// Load existing database
await enclave.load(database); await enclave.load(database);
// List accounts across all chains
const accounts = await enclave.exec('resource:accounts action:list'); const accounts = await enclave.exec('resource:accounts action:list');
// Sign data with an enclave
const signature = await enclave.exec('resource:enclaves action:sign subject:enclave_id:data_hex');
// Query DID document
const didDoc = await enclave.query(); const didDoc = await enclave.query();
``` ```
### CLI ### CLI Testing
```bash ```bash
make test-plugin make test-plugin
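Review bot: In the updated Quick Start, `await enclave.load(database);` still references `database`, but the destructuring `const { did, database } = ...` was replaced by `const result = ...`, so `database` is unbound if the snippet is pasted as is. Use `await enclave.load(result.database);` or keep the destructuring. The sign example's `subject:enclave_id:data_hex` also reads as a literal string; mark the two parts as placeholders, or reuse the concrete `enc_123:48656c6c6f` form shown under Filter Syntax.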
@@ -51,26 +68,70 @@ make test-plugin
| Function | Input | Output | | Function | Input | Output |
|----------|-------|--------| |----------|-------|--------|
| `generate` | WebAuthn credential (base64) | DID + database buffer | | `ping` | Message string | Echo response |
| `load` | Database buffer | Success status | | `generate` | WebAuthn credential (base64) | DID, enclave_id, public_key, accounts[], database |
| `exec` | Filter string + optional UCAN | Action result | | `load` | Database buffer | Success status, DID |
| `exec` | Filter string | Action result |
| `query` | DID (optional) | DID document | | `query` | DID (optional) | DID document |
## Database Schema ### Exec Resources & Actions
The database schema is defined in `db/schema.sql`. | Resource | Actions |
|----------|---------|
| `accounts` | list, get, sign |
| `enclaves` | list, get, sign, rotate, archive, delete |
| `credentials` | list, get |
| `sessions` | list, revoke |
| `grants` | list, revoke |
| `delegations` | list, list_received, list_command, get, revoke, verify, cleanup |
| `verification_methods` | list, get, delete |
| `services` | list, get, get_by_id |
![[.github/db-schema.png]] ### Filter Syntax
```
resource:<name> action:<action> [subject:<value>]
```
Examples:
```bash
# List all accounts
resource:accounts action:list
# Get specific account
resource:accounts action:get subject:sonr1abc...
# Sign with enclave
resource:enclaves action:sign subject:enc_123:48656c6c6f
# List delegations by command
resource:delegations action:list_command subject:/vault/read
```
## Architecture
The enclave uses SQLite as a computation engine with custom functions:
| Function | Purpose |
|----------|---------|
| `bip44_derive(pubkey, chain)` | Derive address from public key |
| `bip44_derive_from_enclave(id, chain)` | Derive address from stored enclave |
Supported chains: `sonr` (Cosmos 118), `ethereum` (60), `bitcoin` (0)
## Project Structure ## Project Structure
``` ```
motr-enclave/ motr-enclave/
├── main.go # Go plugin source ├── cmd/enclave/ # WASM plugin entry point
├── src/ # TypeScript SDK ├── internal/
├── dist/ # Built SDK │ ├── keybase/ # Database layer + SQLite functions
├── example/ # Browser test app │ ├── crypto/mpc/ # MPC key operations
├── db/ # SQLite schema │ ├── crypto/ucan/ # UCAN v1.0.0-rc.1 builders
│ └── migrations/ # Schema + queries
├── src/ # TypeScript SDK
├── dist/ # Built SDK
├── example/ # Browser demo
└── Makefile └── Makefile
``` ```
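Review bot: The `exec` row drops "+ optional UCAN" from its input, and the new Filter Syntax section shows only `resource:<name> action:<action> [subject:<value>]`, so the README no longer says how authorization reaches `exec` for actions such as `sign`, `rotate` and `delete`. If `exec` still accepts a UCAN, keep it in the table and show it in one example; if it was removed, say what now gates those actions. The `sign` subject `enc_123:48656c6c6f` also packs two fields behind a colon, which the syntax already uses as its key separator, so document that subject format explicitly.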
@@ -80,4 +141,12 @@ motr-enclave/
make test # Run Go tests make test # Run Go tests
make lint # Run linter make lint # Run linter
make clean # Remove build artifacts make clean # Remove build artifacts
make generate # Regenerate SQLC code
``` ```
## Documentation
- [AGENTS.md](./AGENTS.md) - Architecture and coding guidelines
- [TODO.md](./TODO.md) - Remaining implementation tasks
- [CHANGELOG.md](./CHANGELOG.md) - Version history
- [MIGRATION.md](./MIGRATION.md) - Original schema design
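Review bot: The Documentation list describes MIGRATION.md as "Original schema design", while this commit removes the README's pointer to `db/schema.sql`, so nothing tells a reader where the current schema is. Add a line pointing at the `migrations/` directory shown under `internal/` in Project Structure, or state whether MIGRATION.md still matches it.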