gabriel / muse public
feat BREAKING task/muse-sign-and-show-rename #1 / 1
gabriel · 62 days ago · Apr 14, 2026 · Diff

feat: muse sign — canonical MSign CLI for the agent era

- New muse/core/msign.py: single source of truth for all Ed25519 signing across MuseHub, Stori, Maestro, and MPay. Exports canonical_message, build_msign_header, parse_msign_header, verify_msign_header, build_payment_claim (with MPAY domain separator for cross-protocol safety).

- New muse/cli/commands/sign.py: five subcommands: muse sign header — emit Authorization: MSign … header value muse sign verify — exit 0/1 based on Ed25519 + replay-window check muse sign request — sign and execute an authenticated HTTP round-trip muse sign curl — print a copy-pasteable signed curl command muse sign payment — sign an MPay micropayment claim (chain-linkable)

- transport.py, hub.py, domains.py, coord_bus.py: all callers updated to import build_msign_header from muse.core.msign — duplicate removed.

- muse hub issue read → show, muse hub proposal read → show: consistent with muse show (commits) and muse hub repo show. No backwards compat shim.

- Full test coverage: tests/test_core_msign.py (37 tests — unit, RFC 8032 determinism vectors, performance) and tests/test_cmd_sign.py (28 tests — all subcommands, domain separation, JSON schemas).

Closes #21.

sha256:da940da8e23fc08e7874fc6ebfa08790bfe0c36506e124e7a3f51a5d5064e75f sha
sha256:1b0fc5cd6b35d17782e7c53b38b91666da73defe7ee5703bd7ea5f06a7adea60 parent
sha256:544b8771fddc5f2785037492a638307ba0d1539665c7719121e1db26efb809a4 snapshot
← Older Oldest on task/muse-sign-and-show-rename
All commits
Newer → Latest on task/muse-sign-and-show-rename

0 comments

No comments yet. Be the first to start the discussion.

To add a comment, use the Muse CLI: muse hub commit comment sha256:da940da8e23fc08e7874fc6ebfa08790bfe0c36506e124e7a3f51a5d5064e75f --body "your comment"