Skip to content
This repository was archived by the owner on Jun 29, 2026. It is now read-only.

glogos-org/glo-cli

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

2 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

glo

Modern digital signatures. Simpler than PGP, verifiable forever.

PyPI License

glo is a minimal CLI for digital signatures with built-in W3C DID interoperability. No keyrings, no keyservers, no complexityβ€”just modern Ed25519 signatures that work everywhere.

Why glo?

  • Zero-config: Sign and verify in seconds.
  • Modern Crypto: Ed25519 signatures & Argon2id key derivation.
  • DID Ready: Export did:glogos and did:key for W3C ecosystem interop.
  • Self-certifying: Attestation chains trace back to a public genesis.
  • Auditable: Signatures are human-readable JSON.

πŸš€ Installation (v0.1.0)

Requirements: Python 3.9+

pip install glo-cli

For development:

git clone https://github.com/glogos-org/glo-cli
cd glo-cli/implementations/python
pip install -e .

⚑ Quick Start (Demo Mode)

Try it out without a passphrase (great for testing or automated CI):

glo init --insecure      # Initialize identity (no passphrase)
glo sign release.tar.gz  # Sign
glo verify release.tar.gz # Verify

Secure Mode (production)

glo init --name "Release Key"  # Create with passphrase
glo sign mypackage-1.0.0.tar.gz
glo sign dist/*.whl            # Sign all wheels

Session Mode (batch signing)

glo unlock                     # Enter passphrase once
glo sign dist/mypackage-1.0.0-py3-none-any.whl
glo sign dist/mypackage-1.0.0.tar.gz
glo sign CHANGELOG.md
glo lock                       # End session (auto 5 min)

Security Modes

Mode Init Command Private Key Use Case
Insecure glo init --insecure Plaintext Demo, dev, HN post
Encrypted glo init Argon2id + AES-256-GCM Production

Commands

Command Description
glo init [--insecure] Create identity
glo sign <file> Sign file(s)
glo verify <file> Verify signature(s)
glo attest <msg> Create attestation
glo batch <dir> [-rm] Sign dir (recursive)
glo hash <input> Compute SHA-256
glo id Show identity
glo export Export public key
glo chain <file> Show attestation chain
glo unlock Unlock session (5 min)
glo lock Lock session
glo passwd Change passphrase
glo git attest Attest git commit
glo git verify Verify commit
glo git log Show git attestations
glo did W3C DID extension
glo info Protocol info
glo migrate Migrate to encrypted
glo backup Backup as 24-word phrase
glo restore Restore from phrase
glo rotate Rotate to new key

New v0.1.0 Options

Option Command Description
--genesis sign Reset refs to Genesis
--output-dir sign Save .glo to custom directory
--dry-run batch Preview without signing
--no-update sign Don't update auto-chain

DID Extension (W3C Interoperability)

Glogos zone IDs map directly to W3C Decentralized Identifiers:

$ glo did

πŸ†” Decentralized Identifiers

────────────────────────────────────────────────────────────────
  did:glogos  did:glogos:21b2da202fd889185e1cf182970689c25d2023f87...
  did:key     did:key:z6MkiTFpamHtX6ZkDUUu2GrcrwSHfhpViBW32j46TneTLW8B
────────────────────────────────────────────────────────────────

Export full DID Document:

$ glo did --document
{
  "@context": ["https://www.w3.org/ns/did/v1", ...],
  "id": "did:glogos:21b2da20...",
  "verificationMethod": [...],
  "authentication": [...],
  "assertionMethod": [...]
}

Note: DID is an optional extension. Glogos works independently without W3C infrastructure.

Examples

Research & DeSci

# Sign research paper and dataset
glo sign paper.pdf data.csv

# Sign with chain (paper β†’ data β†’ code)
glo sign paper.pdf data.csv analysis.py --chain

# Attest peer review
glo attest "Reviewed: methodology sound, results reproducible" \
    --ref <paper_attestation_id>

# Sign entire research directory
glo batch ./experiment-2025 --recursive --manifest

Software Releases

# Sign release artifacts
glo sign mypackage-1.0.0.tar.gz SHA256SUMS

# Verify with author's public key
glo verify release.tar.gz --key <hex_pubkey>

# JSON output for CI/CD
glo sign dist/*.whl --json | jq '.id'

Signature Format

.glo files are human-readable JSON:

{
  "id": "6a544a51bdf434f8...",
  "zone": "32dc6320849ece08...",
  "subject": "c0b1d92bea9c4317...",
  "canon": "c794a6fc786ffc39...",
  "time": 1766754658,
  "refs": ["03b426423c8a7f3f..."],
  "proof": "2cf8a29014ba7677..."
}

CI/CD

GitHub Actions

- name: Sign artifacts
  env:
    GLO_PASSPHRASE: ${{ secrets.GLO_PASSPHRASE }}
  run: |
    pip install glo-cli
    mkdir -p ~/.glogos
    echo '${{ secrets.GLO_ZONE }}' > ~/.glogos/zone.json
    echo '${{ secrets.GLO_SECRET }}' > ~/.glogos/secret.enc
    glo batch dist/ -rm

Environment Variables

Variable Description
GLO_PASSPHRASE Passphrase for encrypted mode
GLO_HOME Custom zone directory
NO_COLOR Disable colored output

Troubleshooting

Wrong passphrase

βœ— Wrong passphrase

Solution: If you forgot your passphrase, restore from your 24-word backup phrase:

glo restore

Rate limited after failed attempts

βœ— Rate limited. Try again in 60s

Why: Protection against brute-force attacks (exponential backoff after 5 failed attempts)

Solution: Wait for the timeout or restore from backup

Signature verification fails

βœ— Invalid: File modified

Causes:

  • File was modified after signing
  • Wrong signature file (.glo doesn't match)
  • Signature created by different zone

Solution: Re-sign the file or verify you have the correct signature

Zone already exists

⚠ Identity exists: ~/.glogos/zone.json

Solution: Use glo init -f to regenerate (⚠️ WARNING: This destroys your current zone!)

Missing dependencies (development)

ModuleNotFoundError: No module named 'nacl'

Solution:

pip install pynacl argon2-cffi cryptography mnemonic

Protocol

  • Crypto: Ed25519 + SHA-256
  • Identity: zone_id = SHA-256(public_key)
  • Trust: Self-certifying, DAG-based refs
  • Spec: GLOGOS.md
  • Genesis: GENESIS.md (Winter Solstice 2025)

Contributing

Contributions welcome! See glogos-org/glo-cli for issues and pull requests.

Running tests:

make test

Or manually:

cd implementations/python
pytest test_glo.py -v

License

Apache-2.0


"From nothing, truth emerges"

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors