Garner — Serve Identity Artifacts over Tor

Blockchain Commons shipped Garner, a new Rust CLI tool for serving and
fetching identity documents over Tor onion services.

Three subcommands: `garner server` (run the onion service), `garner get`
(fetch docs from one), `garner generate keypair` (create Ed25519 keys).
It uses the Tor Project’s new Arti library internally, so no separate Tor
install is needed; simply `cargo install garner-rust`. Output goes to stdout
and pipes into whatever you need.

It's a single-purpose endpoint in the finger/WebFinger tradition, not a
general web server, trading the complexity and attack surface of HTTP for a
minimal protocol focused exclusively on identity document retrieval over
Tor.

The .onion address derives from an Ed25519 key, making it self-certifying.
This gives you something you don't get from signed documents on a static
host: proof of live key control. A signature uploaded to a file server or
repository could have been created at any time, including after the key was
compromised. Because Garner runs as an active onion service, a response can
only come from someone operating the private key at the moment of the
request. That's a real defense against stale-signature and post-compromise
replay. These properties make Tor a natural transport for signed documents.

Operators can serve any signed document — W3C DID documents, VC Controller
documents, Verifiable Credentials, Gordian Envelopes, and other
decentralized identity artifacts.

Clients connect with just a public key.

When used with Gordian Envelopes, you also get minimal disclosure via
elision (selective redaction or encryption) without breaking signatures.
This allows different views of the same authenticated document by different
parties — the holder of the credential, not the issuer, controls which
identity attributes are revealed. Garner also supports XID edition chains
with Provenance Marks and autonomous Gordian Clubs.

v0.1.0, community review phase, not for production yet.

https://github.com/BlockchainCommons/garner-rust

— Christopher Allen

Received on Tuesday, 17 February 2026 16:13:36 UTC
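
Added example (not part of the original message and not Garner's own code): how a v3 .onion address encodes an Ed25519 public key, and how a client can recover and check that key from the address alone, which is what makes the address self-certifying. The function names are hypothetical and the key bytes are constructed for illustration; the code checks only the address encoding, not that the bytes are a valid curve point.

```python
import base64
import hashlib

ONION_VERSION = b"\x03"  # version byte for v3 onion services


def _checksum(pubkey: bytes) -> bytes:
    # First 2 bytes of SHA3-256(".onion checksum" || pubkey || version)
    data = b".onion checksum" + pubkey + ONION_VERSION
    return hashlib.sha3_256(data).digest()[:2]


def onion_from_pubkey(pubkey: bytes) -> str:
    """Encode a 32-byte Ed25519 public key as a v3 .onion address."""
    if len(pubkey) != 32:
        raise ValueError("Ed25519 public key must be 32 bytes")
    raw = pubkey + _checksum(pubkey) + ONION_VERSION  # 35 bytes
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"


def pubkey_from_onion(address: str) -> bytes:
    """Recover the public key from an address, rejecting malformed ones."""
    label = address.lower().removesuffix(".onion")
    if len(label) != 56:
        raise ValueError("v3 onion label must be 56 base32 characters")
    raw = base64.b32decode(label.upper())  # raises ValueError on bad chars
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != ONION_VERSION:
        raise ValueError("unsupported onion address version")
    if checksum != _checksum(pubkey):
        raise ValueError("checksum mismatch: address is mistyped or altered")
    return pubkey


# Constructed sample key bytes, for illustration only.
SAMPLE_PUBKEY = bytes(range(32))

if __name__ == "__main__":
    addr = onion_from_pubkey(SAMPLE_PUBKEY)
    print(addr)
    print(pubkey_from_onion(addr).hex())
```

The recovered key is the one the Tor client authenticates the service against when it connects, so a mistyped or altered address is rejected before any connection is attempted.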