Port SDK to Python

[FransDevelopment]

Context

The registry SDK (sdk/typescript/) lets services verify agent attestations in a few lines of code:

import { OpenAgentTrustRegistry } from '@open-agent-trust/registry';
const registry = new OpenAgentTrustRegistry();
const result = await registry.verifyAttestation(jwt, { audience: 'https://your-api.com' });

Several Working Group members are building in Python (APS, AgentID, Agora all have Python implementations). A Python SDK would let them verify attestations natively.

What needs to happen

1. Port sdk/typescript/src/ to Python — the core is ~200 lines
2. Ed25519 signature verification (use PyNaCl or cryptography library)
3. Manifest fetching with signature validation
4. JWT attestation verification
5. Add tests mirroring sdk/typescript/test/

Getting started

• Read sdk/typescript/src/ to understand the API surface
• Read spec/03-verification.md for the verification protocol
• The manifest is at registry/manifest.json — it's a signed JSON file with issuer entries

Acceptance criteria

• pip install open-agent-trust works
• verify_attestation(jwt, audience) returns the same results as the TypeScript SDK
• Tests cover: valid attestation, expired attestation, unknown issuer, tampered manifest

[vessenes]

Python reference implementations from WG members

@FransDevelopment — strong +1 on this. Three of the four founding WG members have Python implementations that verify attestations against Ed25519 keys:

Project	Module	What it does
qntm	python-dist/src/qntm/crypto.py	Ed25519 sign/verify, X25519 derivation, HKDF
qntm	python-dist/src/qntm/did.py	DID resolution (did:web, did:key) → Ed25519 pubkey
AgentID	agentid/did.py	4-method resolver (did:agentid, did:aps, did:key, did:web), 82 tests
ArkForge	trust-layer	Ed25519 signing + DID binding, proof-spec format

The core verification flow maps cleanly to OATR:

from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey

def verify_attestation(jwt_bytes: bytes, registry_pubkey: bytes) -> bool:
    # 1. Parse JWT header + payload + signature
    # 2. Load Ed25519PublicKey from registry issuer entry
    # 3. pubkey.verify(signature, header_b64 + b"." + payload_b64)
    # 4. Check exp, aud, issuer against registry
    ...

Happy to help review the implementation or contribute test fixtures from the DID Resolution conformance suite format.

The existing Python ecosystem uses cryptography (PyCA) for Ed25519 — consistent across qntm, AgentID, and ArkForge. Recommend the same for the SDK to minimize dependency surface.

[msaleme]

We'd be interested in this — our Agent Security Harness already uses the OATR v1.2.0 fixtures (X4-021 through X4-030, merged via PR #101) for x402 identity verification testing.

A Python SDK would let us validate attestations directly in the harness test suite instead of just fixture-based testing. Happy to be an early tester or contribute test cases once a Python SDK is available.

We just expanded the x402 test suite to 41 tests with 16 new payment security scenarios, and published an Agent Payment Security Attack Taxonomy that references OATR verification throughout.