mirror of
https://github.com/openai/codex.git
synced 2026-04-25 07:05:38 +00:00
48f82ca7c5
## Why Clients need a stable app-server protocol surface for enrolling a local device key, retrieving its public key, and producing a device-bound proof. The protocol reports `protectionClass` explicitly so clients can distinguish hardware-backed keys from an explicitly allowed OS-protected fallback. Signing uses a tagged `DeviceKeySignPayload` enum rather than arbitrary bytes so each signed statement is auditable at the API boundary. ## What changed - Added v2 JSON-RPC methods for `device/key/create`, `device/key/public`, and `device/key/sign`. - Added request/response types for device-key metadata, SPKI public keys, protection classes, and ECDSA signatures. - Added `DeviceKeyProtectionPolicy` with hardware-only default behavior and an explicit `allow_os_protected_nonextractable` option. - Added the initial `remoteControlClientConnection` signing payload variant. - Regenerated JSON Schema and TypeScript fixtures for app-server clients. ## Stack This is PR 1 of 4 in the device-key app-server stack. ## Validation - `just write-app-server-schema` - `cargo test -p codex-app-server-protocol`
33 lines
519 B
JSON
Generated
33 lines
519 B
JSON
Generated
{
|
|
"$schema": "http://json-schema.org/draft-07/schema#",
|
|
"properties": {
|
|
"arguments": true,
|
|
"callId": {
|
|
"type": "string"
|
|
},
|
|
"namespace": {
|
|
"type": [
|
|
"string",
|
|
"null"
|
|
]
|
|
},
|
|
"threadId": {
|
|
"type": "string"
|
|
},
|
|
"tool": {
|
|
"type": "string"
|
|
},
|
|
"turnId": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"required": [
|
|
"arguments",
|
|
"callId",
|
|
"threadId",
|
|
"tool",
|
|
"turnId"
|
|
],
|
|
"title": "DynamicToolCallParams",
|
|
"type": "object"
|
|
} |