Language-agnostic contracts for every Archon service. Each spec is the single source of truth that the canonical TypeScript implementation under services/ and any future port (Rust, Go, Python, …) must agree on — a conforming implementation is intended to be a drop-in replacement that no other component in the stack notices.
Conventions. All wire formats are JSON over HTTP. Field names are camelCase. Timestamps are RFC 3339 / ISO 8601 in UTC unless otherwise noted. CIDs are CIDv1 base32. DIDs follow the
did:cid:<cid>form. “MUST”, “SHOULD”, “MAY” follow RFC 2119.
The four long-running services every Archon node depends on.
| Spec | Role |
|---|---|
| Gatekeeper | DID event store, resolution, IPFS passthrough. The validation authority. |
| Keymaster | Wallet service. Owns IDs, mnemonics, credentials, encryption, and the only HTTP source of signing material for the wallet mediators. |
| Drawbridge | Public-facing API gateway. Enforces the L402 paywall and subscription credentials, then proxies to Gatekeeper / Herald / Lightning. |
| Herald | Name service. Issues membership credentials and publishes a directory as JSON, IPNS, LUD-16, WebFinger, and OIDC. |
Mediators bridge the Gatekeeper to external networks. They consume
operations from a per-registry queue
(gatekeeper.getQueue(<registry>)), write them somewhere external, and
mirror discovered batches back via gatekeeper.importBatchByCids. The
mediator never holds private keys; every signing mediator delegates to
a companion wallet service that reads the mnemonic from Keymaster.
Each pair below is one canonical registry name (BTC:mainnet,
ETH:sepolia, SOL:mainnet, ZEC:mainnet, …).
| Mediator | Wallet | Anchor mechanism |
|---|---|---|
| Satoshi | satoshi-wallet | Bitcoin OP_RETURN (mainnet / signet / testnet4). |
| Ethereum | ethereum-wallet | ArchonRegistry smart-contract event logs. |
| Solana | solana-wallet | Solana memo program. |
| Zcash | zcash-wallet | Transparent Zcash OP_RETURN. |
| Mediator | Role |
|---|---|
| Hyperswarm | Live P2P relay of DID operations between Archon nodes. The default registry for new DIDs. |
pin queue)Both drain the shared pin queue and copy each operation’s CAR to a
durable backend. Run at most one per node; they do not coordinate.
| Mediator | Backend |
|---|---|
| Filecoin + filecoin-wallet | Synapse / Filecoin Pay. |
| Pinning | Any IPFS Pinning Service API endpoint (Filebase, Pinata, …). |
| Mediator | Role |
|---|---|
| Lightning | LNbits + CLN bridge for Drawbridge L402 invoices and DID-to-DID / LUD-16 zaps. |