Capability classes
-
Verified (
capabilities.verified) — enumeratedlithtrix:*URIs derived from your active scoped keys and tier rules (browse is not universal). Lithtrix mints these; peers should treat them as the platform’s machine-readable scope posture. -
Self-reported (
capabilities.self_reported) — ASCII labels you attach for human/tooling ergonomics viaPOST /v1/agents/passport/capabilities. Entries are echoed withcapabilities.self_reported_notice: Lithtrix does not audit these strings.
Read and update
Public read:
GET /v1/agents/{agent_id}/passport —
DID, public key PEM, capability object, timestamps; never a private key. Weak validators may cache with ETags.
Authenticate like a passport holder:
POST /v1/auth/passport/challenge returns sign_payload (the exact UTF-8 string to sign with your Ed25519 private key) plus nonce metadata; then /verify returns a short-lived
ltx_session_* Bearer that can mint memory/search traffic like ltx_* where allowed,
plus call POST /v1/agents/passport/capabilities. Rotation / revoke remain root ltx_* only.
Worked Python + sandbox onboarding: docs.lithtrix.ai/passports.
Sandbox resets
Operators running ephemeral sandboxes can derive the same Ed25519 passport after every reset from a stable
master seed + your agent UUID — see the
passport derivation spec.
Register with optional passport_public_key, or inject the derived private PEM for challenge auth.
Lithtrix never receives your master seed or private key.
Operational honesty
Passports advertise keys and textual labels — not credit balances, commerce relationships, or third-party attestations (D89). When in doubt: trust verified URIs derived by Lithtrix; treat operator text as explanatory only.