uncle6me-web
922a57fe34
Self-hosted 開源:WASM 零件 + recipe + cypher-executor,跑在你自己的 Cloudflare。 此為重建的乾淨歷史起點(移除曾誤 commit 的 GCP SA 金鑰,舊歷史保留在 richblack/arcrun 與本地 backup 分支)。含: - acr init --self-hosted installer(建 KV/R2 + codeload 拉預編譯 wasm + wrangler deploy + seed recipe) - recipe push 把關(資料外流提醒 + 打通檢查) - 19 個正當零件預編譯 wasm(claude_api/km_writer/kbdb_upsert_block 排除:違反 DECISIONS §1) - CLI / cypher-executor / registry / 完整 SDD Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
57 lines
1.4 KiB
YAML
57 lines
1.4 KiB
YAML
canonical_id: "platform_crypto"
|
||
display_name: "Platform Crypto Primitive"
|
||
category: "platform"
|
||
version: "v1"
|
||
wasi_target: "preview1"
|
||
stability: "stable"
|
||
runtime_compat:
|
||
- "cf-workers"
|
||
- "workerd"
|
||
- "wazero"
|
||
constraints:
|
||
max_size_kb: 2048
|
||
max_cold_start_ms: 50
|
||
no_network_syscall: true
|
||
no_filesystem_syscall: true
|
||
io_model: "stdin_stdout_json"
|
||
input_schema:
|
||
type: object
|
||
required: [action]
|
||
properties:
|
||
action:
|
||
type: string
|
||
enum: [generate_api_key, encrypt, random_token]
|
||
email:
|
||
type: string
|
||
description: generate_api_key 用
|
||
plaintext:
|
||
type: string
|
||
description: encrypt 用
|
||
bytes:
|
||
type: integer
|
||
description: random_token 用,預設 32
|
||
output_schema:
|
||
type: object
|
||
properties:
|
||
success:
|
||
type: boolean
|
||
api_key:
|
||
type: string
|
||
description: generate_api_key 結果,ak_ 前綴
|
||
encrypted:
|
||
type: string
|
||
description: encrypt 結果,base64
|
||
iv:
|
||
type: string
|
||
description: encrypt 結果,base64
|
||
token:
|
||
type: string
|
||
description: random_token 結果,hex
|
||
tags: [platform, crypto, internal]
|
||
description: |
|
||
平台內部 crypto primitive。
|
||
- generate_api_key: HMAC-SHA256(email, ENCRYPTION_KEY) → ak_xxx
|
||
- encrypt: AES-GCM(plaintext, ENCRYPTION_KEY) → {encrypted, iv}(base64)
|
||
- random_token: crypto random bytes → hex string
|
||
ENCRYPTION_KEY 由 host 持有,永不進入 WASM。
|