Skip to main content
The Python SDK provides the same capabilities as the TypeScript SDK for validating, signing, and verifying FACT credentials. It includes full support for HTTP Message Signatures (Web Bot Auth), trust chain verification, and advanced features like selective disclosure (SD-JWT).
Coming Soon: The Python SDK (beltic-sdk) is currently in development. The package name and API may change before release. For now, use the CLI or TypeScript SDK for production workflows.

Features

  • Validate DeveloperCredential and AgentCredential against v1 schemas
  • Sign credentials as JWS/JWT with ES256 or EdDSA
  • Verify signed credentials with the 7-step verification process
  • Trust Chain verification with policy enforcement
  • Status List 2021 revocation checking
  • HTTP Message Signatures (RFC 9421) for Web Bot Auth
  • Selective Disclosure (SD-JWT) for privacy-preserving credentials
  • Multi-Signature support for credentials requiring multiple signers
  • Audit Logging with pluggable handlers
  • Rich errors with paths, rule IDs, and suggestions

Installation

pip install beltic-sdk

Requirements

  • Python >= 3.10
  • cryptography >= 41.0
  • pyjwt[crypto] >= 2.8
  • jsonschema >= 4.20
  • pydantic >= 2.5
  • httpx >= 0.25

Quick Start

from beltic import (
    validate_developer_credential,
    sign_credential,
    verify_credential,
    generate_key_pair,
    ValidationError,
    SignOptions,
    VerifyOptions,
)

# Generate keys
private_key, public_key = generate_key_pair("EdDSA")

# Validate a credential
result = validate_developer_credential(credential_data)
if not result.ok:
    raise ValidationError(result.errors)

# Sign a credential
token = sign_credential(
    result.value,
    private_key,
    SignOptions(
        alg="EdDSA",
        issuer_did="did:web:beltic.com",
        subject_did="did:web:developer.example.com",
        key_id="did:web:beltic.com#key-1",
    ),
)

# Verify a credential
async def key_resolver(input):
    return public_key

verified = await verify_credential(
    token,
    VerifyOptions(key_resolver=key_resolver),
)

print("Verified:", verified.credential["legalName"])

Guides

Installation

Install and configure the Python SDK

Validation

Validate credentials against JSON schemas

Signing & Verification

Sign and verify credentials with JWS

Trust Chains

Verify agent-developer trust chains with policies

API Reference

Complete Python API documentation

Comparison with TypeScript SDK

The Python SDK maintains feature parity with the TypeScript SDK:
FeatureTypeScriptPython
ValidationvalidateDeveloperCredentialvalidate_developer_credential
SigningsignCredentialsign_credential
VerificationverifyCredentialverify_credential
Trust ChainverifyAgentTrustChainverify_agent_trust_chain
HTTP SigningsignHttpRequestsign_http_request
Key DirectorygenerateKeyDirectorygenerate_key_directory
Status ListdecodeStatusListdecode_status_list
SD-JWTcreateSdJwtcreate_sd_jwt
Multi-SigMultiSigCredentialMultiSigCredential
AuditAuditLoggerAuditLogger
Both SDKs use the same JSON schemas and produce interoperable JWS tokens. A credential signed with the Python SDK can be verified with the TypeScript SDK and vice versa.

See Also