Context
The examples README lists this as coming:
mock-plane/ — Minimal HTTP service receiving and verifying events (L1)
Symmetric counterpart to mock-vendor.
Goal
A self-contained example under examples/mock-plane/ that:
- Runs as a FastAPI HTTP service.
- Exposes a
POST /events endpoint accepting signed AGP events.
- Resolves the signing key (config-driven trust store for now; registry-driven once the resolver ships).
- Verifies signature, validates schema, stores the event in an append-only in-memory ledger.
- Exposes
GET /events for the operator to inspect what's been received.
Acceptance
make demo from examples/mock-plane/ boots the service.
- Pointing
mock-vendor at it produces verifiable events on the plane side.
agp-cts validate-plane --endpoint http://localhost:PORT (once that command lands — tracked in cts) returns "conformant L1".
- Smoke test in
tests/ posts a well-formed event (accepted) and a tampered event (rejected with a clear error).
- README states: L1 only, no policy delivery / no Flow C.
Scope
- Built on the Python SDK HTTP scaffold (related issue).
- In-memory storage only; persistence is out of scope.
- Replay-cache integration (once that ships — tracked in sdk-python) — wire the hook even if cache is a no-op stub for now.
🚀 Start here
What: a minimal HTTP service that receives AGP events and verifies their signatures (L1). The counterpart to mock-vendor (#2).
Files: examples/mock-plane/ — README.md, Makefile (demo target), the service.
How to build it:
from openagp.events import verify # pip install openagp
# on POST /agp/v0/events: verify(event, public_key_b64=...) ; 202 on success, 400 on bad signature
Acceptance criteria:
Context
The examples README lists this as coming:
Symmetric counterpart to
mock-vendor.Goal
A self-contained example under
examples/mock-plane/that:POST /eventsendpoint accepting signed AGP events.GET /eventsfor the operator to inspect what's been received.Acceptance
make demofromexamples/mock-plane/boots the service.mock-vendorat it produces verifiable events on the plane side.agp-cts validate-plane --endpoint http://localhost:PORT(once that command lands — tracked in cts) returns "conformant L1".tests/posts a well-formed event (accepted) and a tampered event (rejected with a clear error).Scope
🚀 Start here
What: a minimal HTTP service that receives AGP events and verifies their signatures (L1). The counterpart to
mock-vendor(#2).Files:
examples/mock-plane/—README.md,Makefile(demotarget), the service.How to build it:
Acceptance criteria:
make demoshows a good event accepted and a bad one rejected.