TalonHub

Secure Skill Registry for the Talon Ecosystem

TalonHub is the centralized registry service for discovering, publishing, and verifying AI skills used by Talon. It provides cryptographic attestation, content integrity verification, and graduated trust enforcement.

Overview

TalonHub serves as the trust anchor for the Talon ecosystem:

• Skill Discovery - Find skills by exact URI, namespace prefix, or full-text search
• Attestation Issuance - PASETO v4 tokens binding skill identity to capabilities
• Integrity Verification - OmniBOR gitoid hashes ensure content hasn't been tampered with
• Publisher Management - Ed25519 key-based publisher registration and authentication
• Trust Root Publication - Serve public keys via /.well-known/agent-keys.json

Architecture

┌─────────────────────────────────────────────────────────────────┐
│                         TalonHub Service                         │
├─────────────────────────────────────────────────────────────────┤
│  Routes                                                          │
│  ├── /api/v1/skills          - Skill CRUD & listing             │
│  ├── /api/v1/publishers      - Registration & authentication    │
│  ├── /api/v1/discover        - Search (exact, prefix, global)   │
│  ├── /api/v1/trust-roots     - Trust anchor keys                │
│  └── /.well-known/agent-keys.json - Standard key publication    │
├─────────────────────────────────────────────────────────────────┤
│  Handlers          │  Repositories       │  Models              │
│  ├── skill         │  ├── skill          │  ├── skill           │
│  ├── publisher     │  ├── publisher      │  ├── publisher       │
│  ├── discover      │  └── attestation    │  ├── attestation     │
│  └── trust_root    │                     │  └── trust_root      │
├─────────────────────────────────────────────────────────────────┤
│  Infrastructure                                                  │
│  ├── PostgreSQL (skills, publishers, attestations)              │
│  ├── Redis (attestation caching)                                │
│  └── acton-service (HTTP, auth, rate limiting)                  │
└─────────────────────────────────────────────────────────────────┘

API Endpoints

Skills

Endpoint	Method	Auth	Description
/api/v1/skills	GET	-	List skills (paginated)
/api/v1/skills	POST	Required	Register new skill
/api/v1/skills/{uri}	GET	-	Get skill details
/api/v1/skills/{uri}/attestation	GET	-	Fetch attestation token
/api/v1/skills/{uri}/download	GET	-	Download skill archive

Publishers

Endpoint	Method	Auth	Description
/api/v1/publishers/register	POST	-	Register with email + Ed25519 public key
/api/v1/publishers/me	GET	Required	Get authenticated publisher profile

Discovery

Endpoint	Method	Description
/api/v1/discover/exact?uri=	GET	Exact agent-uri lookup
/api/v1/discover/prefix?prefix=	GET	Namespace browsing
/api/v1/discover/global?q=	GET	Full-text search (English stemming)

Trust Roots

Endpoint	Method	Description
/api/v1/trust-roots	GET	List known trust roots
/api/v1/trust-roots/{domain}/keys	GET	Get domain's public keys
/.well-known/agent-keys.json	GET	Standard key publication

Database Schema

-- Publishers (skill authors)
CREATE TABLE publishers (
    id BIGSERIAL PRIMARY KEY,
    email TEXT NOT NULL UNIQUE,
    display_name TEXT NOT NULL,
    public_key BYTEA NOT NULL,  -- Ed25519
    created_at TIMESTAMPTZ DEFAULT NOW(),
    verified_at TIMESTAMPTZ
);

-- Skills
CREATE TABLE skills (
    id BIGSERIAL PRIMARY KEY,
    agent_uri TEXT NOT NULL UNIQUE,
    name TEXT NOT NULL,
    description TEXT NOT NULL,
    publisher_id BIGINT REFERENCES publishers(id),
    omnibor_id TEXT NOT NULL,      -- Content integrity hash
    allowed_tools TEXT[] NOT NULL,
    trust_tier INT NOT NULL,       -- 0-4
    created_at TIMESTAMPTZ DEFAULT NOW(),
    updated_at TIMESTAMPTZ DEFAULT NOW()
);

-- Attestations (PASETO tokens)
CREATE TABLE attestations (
    id BIGSERIAL PRIMARY KEY,
    skill_id BIGINT REFERENCES skills(id) ON DELETE CASCADE,
    token TEXT NOT NULL,
    capabilities TEXT[] NOT NULL,
    issued_at TIMESTAMPTZ NOT NULL,
    expires_at TIMESTAMPTZ NOT NULL,
    omnibor_id TEXT NOT NULL,
    version TEXT NOT NULL
);

-- Skill archives (binary storage)
CREATE TABLE skill_archives (
    omnibor_id TEXT PRIMARY KEY,
    archive BYTEA NOT NULL,
    created_at TIMESTAMPTZ DEFAULT NOW()
);

Configuration

# config.toml
[service]
port = 8080

[database]
url = "postgres://talonhub:talonhub@localhost:5432/talonhub"

[redis]
url = "redis://localhost:6379"

[talonhub]
trust_root_domain = "talonhub.io"
paseto_secret_path = "./keys/paseto-secret.key"
paseto_issuer = "talonhub.io"
paseto_audience = "talon-clients"
token_expiration_secs = 86400        # 24 hours
attestation_validity_days = 365

[middleware.governor]
# Rate limiting: 100 requests per 60 seconds, burst of 20
requests_per_second = 100
burst_size = 20

[middleware.resilience]
# Circuit breaker, retry (max 3), bulkhead (100 concurrent)

Quick Start

Prerequisites

• Rust 1.80+
• PostgreSQL 15+
• Redis 7+

Setup

# Clone the repository
git clone https://github.com/Govcraft/talon-hub.git
cd talon-hub

# Create database
createdb talonhub

# Run migrations
sqlx migrate run

# Generate PASETO secret key (32 bytes)
mkdir -p keys
openssl rand -out keys/paseto-secret.key 32

# Build and run
cargo build --release
./target/release/talon-hub

Docker Compose (Development)

docker-compose up -d postgres redis
cargo run

Security

Authentication

• PASETO v4.local tokens for stateless authentication
• Publishers authenticate with tokens issued at registration
• Optional auth middleware supports both authenticated and anonymous requests

Attestation Flow

1. Publisher registers with Ed25519 public key
2. Publisher uploads skill with metadata
3. TalonHub computes OmniBOR ID (gitoid hash)
4. TalonHub issues PASETO attestation token containing:
   • Subject: agent://talonhub.io/skill/name/skill_id
   • Capabilities: ["skill/tools/filesystem/read", ...]
   • OmniBOR ID: Content hash for integrity verification
   • Expiration: Configurable (default 1 year)

Trust Tiers

Tier	Risk Level	Capabilities
0	None	Pure computation, no tool access
1	Low	Read-only filesystem
2	Medium	Write filesystem
3	High	Scoped shell execution
4	Critical	Network access, system modification

Code Quality

• No unsafe code - #![forbid(unsafe_code)]
• No unwrap/expect - All errors handled explicitly
• Custom error types - No anyhow/thiserror
• Type-safe IDs - Newtype wrappers for SkillId, PublisherId, AttestationId
• Compile-time SQL - sqlx checked queries

Dependencies

Crate	Version	Purpose
acton-service	0.15	HTTP server, auth, rate limiting, caching
agent-uri	0.4	Agent URI parsing
agent-uri-attestation	0.2	PASETO attestation
omnibor	0.10	Content integrity (gitoid)
sqlx	0.9.0-alpha	PostgreSQL with compile-time checks
tokio	1.49	Async runtime
utoipa	5.4	OpenAPI documentation

Related Projects

• Talon - Secure multi-channel AI assistant (MIT)
• acton-ai - AI agent framework
• agent-uri - Cryptographic identity for AI agents

License

Proprietary - TalonHub is a closed-source commercial product.

The Talon client ecosystem (talon-core, talon-cli, talon-telegram, talon-discord) is open source under MIT license.