feat(methods): add tenzro charge IETF I-D#253
Open
hilarl wants to merge 1 commit into
Open
Conversation
Registers draft-tenzro-charge-00 as the IETF Internet-Draft binding the Tenzro Ledger to the 'charge' intent in HTTP Payment Authentication (I-D.payment-intent-charge / I-D.httpauth-payment). Sibling to tempoxyz#252 (specs/methods/tenzro.md), which is the maintainer- facing method document. This file is the formal kramdown-rfc I-D for IANA registration of the 'tenzro' method against the 'charge' intent. Highlights specific to the I-D form: - Multi-VM facade dispatch (methodDetails.facade in {native, evm, svm, canton}) — single TNZO transfer settled through any of four facades via the Sei-V2 pointer model. - TDIP DID binding with KYC-tier and DelegationScope enforcement. - Mandatory hybrid Ed25519 + ML-DSA-65 (FIPS 204) signatures on every credential type (authorization, transaction, hash). - IANA Considerations registering 'tenzro' under the HTTP Payment Method Registry and binding 'charge' to it. - ABNF appendix and worked examples decode-and-validate against the reference implementation in tenzro/tenzro-network. Signed-off-by: Hilal Agil <hilal@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add
tenzropayment method (chargeintent)Summary
Adds
specs/methods/tenzro/draft-tenzro-charge-00.mdregisteringthe
tenzropayment method for HTTP Payment Authentication(I-D.httpauth-payment). The Tenzro Ledger is a multi-VM L1
(EVM + SVM + Canton/DAML over a single underlying balance via the
Sei-V2 pointer model) — the
tenzromethod exposes a unifiedpayment surface that lets a single TNZO transfer settle through any
of the four façades while keeping all signature, replay, and
delegation rules consistent.
Motivation
The existing
evmmethod already handles "any EVM-compatible chain"via
methodDetails.chainId, so a parallel chain-specific EVM-onlymethod for Tenzro would duplicate it. The
tenzromethod isjustified by three additions over
evm(or any other chain-specificmethod currently registered):
methodDetails.facade ∈ {native, evm, svm, canton}selects which VM façade processesthe same logical TNZO transfer. The EVM façade alone is
insufficient because Tenzro's recipients may hold keys in any of
the four ecosystems and the underlying balance is shared.
did:tenzro:DIDthat servers MUST resolve before settlement. This permits
per-credential KYC-tier and delegation-scope enforcement that has
no counterpart in
evm/solana/stellar. Tenzro Ledger isbuilt around long-lived agent identities (humans + AI agents),
so DID binding is a first-class concern.
carries an ML-DSA-65 (FIPS 204) signature alongside the
classical Ed25519 / secp256k1. This is a hard requirement, not
an option — Tenzro mandates PQ resilience pre-launch.
What's in the draft
flow diagram.
TDIP, DelegationScope, SpendingPolicy, Hybrid PQ Signature.
encodings), recipient identifiers (4 forms incl. DIDs),
methodDetails.facadediscriminator with full per-façadesemantics.
type="authorization"(RECOMMENDED,EIP-712),
type="transaction",type="hash". Hybrid PQ signaturefields are REQUIRED on all three.
binding, TDIP binding, DelegationScope, SpendingPolicy, and balance.
facadefield.TDIP rotation, cross-façade replay, server-paid fee risk, façade
privacy.
tenzromethod and bindschargeintent to it.pointer; Appendix C worked example.
Reference Implementation
A working Rust implementation lives at
https://github.com/tenzro/tenzro-network/tree/main/crates/tenzro-payments/src/mpp
and a TypeScript client at
https://github.com/tenzro/tenzro-network/tree/main/sdk/tenzro-ts-sdk.
Both implementations cover challenge issuance, credential
verification, hybrid PQ signing, TDIP binding, delegation enforcement,
and settlement on all four façades against a live testnet at
rpc.tenzro.network.Tests
crates/tenzro-payments)covering challenge / credential / receipt round-trips for all four
façades.
make checkandmake lintpass against this PR.reference implementation.
AI assistance disclosure
Per the project's AI disclosure norms: parts of this draft were
prepared with AI assistance from Claude Code. All technical decisions,
verification logic, and final wording were reviewed and authored by
the human author (Hilal Agil, hilal@tenzro.com). The reference
implementation was developed independently in
tenzro/tenzro-networkover preceding months.Checklist
draft-{network}-{intent}-{NN}.mdwith{network}=tenzro,{intent}=charge,{NN}=00.specs/methods/tenzro/.feat(methods): add tenzro charge method.or generic placeholders.