Skip to content

Reference

This page is the quick-reference for Attestia’s 14 packages, the full documentation index, and the security and data scope declaration.

14 packages, 2,564 tests, 95%+ coverage. All green.

PackageTestsPurpose
@attestia/types72Shared domain types (zero deps)
@attestia/registrum341Constitutional governance — 11 invariants, dual-witness validation
@attestia/ledger154Append-only double-entry engine
@attestia/chain-observer278Multi-chain read-only observation (EVM + XRPL + Solana + L2s)
@attestia/vault75Personal vault — portfolios, budgets, intents
@attestia/treasury92Org treasury — payroll, distributions, funding gates
@attestia/reconciler813D cross-system matching + Registrum attestation
@attestia/witness278XRPL on-chain attestation, multi-sig governance, retry
@attestia/verify242Replay verification, compliance evidence, SLA enforcement
@attestia/event-store226Append-only event persistence, JSONL, hash chain, 34 event types
@attestia/proof75Merkle trees, inclusion proofs, attestation proof packaging
@attestia/sdk79Typed HTTP client SDK for external consumers
@attestia/node227Hono REST API — 34 endpoints, auth, multi-tenancy, public API, compliance
@attestia/demoInteractive CLI demo — walk through the full Attestia pipeline (private, no tests)

The packages form a directed acyclic graph:

  • Foundation: @attestia/types (zero deps, shared by all)
  • Domain layer: registrum, ledger, vault, treasury, event-store
  • Integration layer: chain-observer, reconciler, witness, verify, proof
  • API surface: node (REST API), sdk (typed HTTP client)

Attestia ships with extensive documentation in the repository root:

DocumentPurpose
HANDBOOK.mdExecutive overview and full package reference
ROADMAP.mdPhase-by-phase project roadmap
DESIGN.mdArchitecture decisions and rationale
ARCHITECTURE.mdPackage graph, data flows, security model
REFERENCE_ARCHITECTURE.md5-layer stack, deployment patterns, trust boundaries
INTEGRATION_GUIDE.mdAPI integration with curl examples + SDK usage
VERIFICATION_GUIDE.mdAuditor step-by-step replay guide
THREAT_MODEL.mdSTRIDE analysis per component
CONTROL_MATRIX.mdThreat-to-control-to-file-to-test mappings
SECURITY.mdResponsible disclosure policy
INSTITUTIONAL_READINESS.mdAdoption readiness checklist
PERFORMANCE_BASELINE.mdRecorded benchmarks

Attestia reads and writes financial ledger entries, attestation records, and cryptographic proofs. When the witness module is active, it connects to blockchain nodes (primarily XRPL) to submit and verify attestation records.

  • No telemetry
  • No user credential storage
  • No third-party analytics
  • Read/write access to local data directories for event store persistence
  • Network access for blockchain attestation only (XRPL witness module)
  • See the THREAT_MODEL.md in the repository for the full STRIDE analysis covering every component

Attestia passes all five ship gates:

GateStatus
A. Security BaselinePASS
B. Error HandlingPASS
C. Operator DocsPASS
D. Shipping HygienePASS
E. IdentityPASS

Attestia is released under the MIT License.