Sirraya Labs — Protocol Specifications
Welcome to the Sirraya Labs Protocol Specifications portal — the canonical home for open protocol work on decentralized identity, cryptographic networking, post-quantum security, and zero-trust agent execution.
Projects & Protocols
Section titled “Projects & Protocols”| Project | Type | Status |
|---|---|---|
| UDNA — Universal DID-Native Addressing | Protocol Spec | W3C Community Group |
| SCP — Sirraya Codon Protocol | Protocol Spec | Working Draft |
| DID-KR — Key Recovery Extension | Protocol Spec | Proposed W3C Work Item |
| Sirraya One | Platform | Live (one.sirraya.org) |
| PQC Suite | Implementation | CRYSTALS-Dilithium5 |
| ZKP Challenge-Response Auth | Implementation | Active |
| QKD Stack | Implementation | BB84 Decoy-State |
UDNA — Universal DID-Native Addressing
Section titled “UDNA — Universal DID-Native Addressing”UDNA establishes Decentralized Identifiers (DIDs) as first-class network primitives. Instead of addressing nodes by location (IP), endpoints are addressed by cryptographic identity [citation:1].
Key goals:
- DID → address resolution through distributed networks (DHTs, relays)
- Secure, privacy-preserving, self-sovereign communications
- Standards for protocol formats, handshake flows, and key lifecycle management
- NAT traversal and relay fallback mechanisms [citation:1]
UDNA integrates as a core primitive within the Sirraya Codon Protocol (SCP), providing a complete framework for identity-centric networking [citation:2].
Repository: github.com/w3c-cg/udna [citation:1]
Status: W3C Community Group incubation [citation:1]
SCP — Sirraya Codon Protocol
Section titled “SCP — Sirraya Codon Protocol”The Sirraya Codon Protocol is the core networking primitive enabling agent-to-agent communication with cryptographic trust. Codons serve as the fundamental unit of protocol interaction, combining intent, capability, and cryptographic proof into a single verifiable structure [citation:2].
- Agent-to-agent communication protocol
- Intent resolution and capability negotiation
- Secure workflow transport
- Zero-trust execution semantics
DID-KR — Key Recovery Extension
Section titled “DID-KR — Key Recovery Extension”DID-KR introduces a recovery verification relationship for DID Documents with multiple recovery mechanisms [citation:7]:
- Social guardian-based recovery using verifiable secret sharing and zero-knowledge proofs
- Deterministic seed-based recovery
- MPC-mediated recovery for enterprise deployments
The goal is standardized, interoperable key recovery that preserves self-sovereign principles [citation:7].
Repository: github.com/sirraya-labs/did-kr [citation:7]
Status: Proposed as W3C CCG work item [citation:7]
Sirraya One
Section titled “Sirraya One”Sirraya One is a live web platform for creating DIDs and issuing Verifiable Credentials, designed as a practical bridge between decentralized identity and legacy web systems [citation:10].
Features:
- Client-side key generation with passphrase-based encryption
- Support for
did:keyanddid:webmethods - JWT-VC issuance and verification pipeline
- RESTful APIs for integration
- Passphrase-based encrypted key derivation for recovery [citation:10]
Live at: one.sirraya.org [citation:10]
PQC Suite — Post-Quantum Cryptography
Section titled “PQC Suite — Post-Quantum Cryptography”Full implementation of CRYSTALS-Dilithium5 within the W3C VC/DID framework, demonstrating production-ready PQC for decentralized identity [citation:6].
Lifecycle support:
- DID Document creation with Dilithium5 public keys
- Credential issuance and signing with Dilithium5
- Verifiable presentation with holder-binding secured via PQC [citation:8]
Status: Implementation complete, NIST-standardized Dilithium [citation:6]
ZKP Challenge-Response Authentication
Section titled “ZKP Challenge-Response Authentication”Design and implementation of a challenge-response authentication mechanism using Zero-Knowledge Proof constructions for privacy-preserving verification [citation:3].
- Privacy-preserving authentication flows
- Verifiable claims without data disclosure
- Integration with existing auth infrastructure
QKD Stack — Quantum Key Distribution
Section titled “QKD Stack — Quantum Key Distribution”Full software implementation of QKD protocols including [citation:3]:
- Decoy-state BB84 protocol
- Entropy estimation
- Error correction
- Security reporting
Complemented by architectural work on post-quantum cryptography integration and hybrid trust models [citation:3].
Threat Model & Security Engineering
Section titled “Threat Model & Security Engineering”Cross-cutting security work across all Sirraya Labs protocols [citation:3]:
- Protocol and network layer threat modeling
- Replay attack analysis
- Key compromise considerations
- Registry trust assumptions
- Gossip and replication model security
- Cross-domain verification
Maturity Levels
Section titled “Maturity Levels”| Level | Description |
|---|---|
| Concept | Initial exploration and ideation |
| Experimental | Early testing and validation |
| Working | Active development and iteration |
| Stable | Broadly reviewed and tested |
| Recommended | Production-ready specification |
Quick Start
Section titled “Quick Start”- Read the UDNA Technical Specification [citation:2]
- Try Sirraya One for DID/VC issuance [citation:10]
- Review the DID-KR proposal [citation:7]
- Explore UDNA at W3C [citation:1]