Skip to content

feat(registry): chrysalis agent designer + catalog auto-install#285

Merged
toadkicker merged 5 commits intomainfrom
feat/b6e4-chrysalis-agent
Apr 14, 2026
Merged

feat(registry): chrysalis agent designer + catalog auto-install#285
toadkicker merged 5 commits intomainfrom
feat/b6e4-chrysalis-agent

Conversation

@toadkicker
Copy link
Copy Markdown
Contributor

@toadkicker toadkicker commented Apr 14, 2026

Summary

  • Wire orphaned `/agents/design` route: nav sidebar link + Agents page `+ Design Agent` CTA
  • Complete Sign & Register flow in `AgentDesignerPage` (`spawn_local` async: `sign_advertisement` → `register_agent_json`)
  • Add `install_catalog_agents()` server fn + `CatalogInstallCard` in Settings for one-click catalog seeding
  • DRY refactor: `DynamicAgentDef::to_signed_advertisement()` eliminates duplicated deterministic-key logic
  • First-boot TOML catalog seeding in `main.rs` via `PAP_CATALOG_PATH`
  • `Dockerfile.ci-chrysalis`: TOML catalog files in runtime image + `PAP_CATALOG_PATH=/app/catalog`

Test plan

  • `chrysalis-integration` E2E suite: 22/22 passing against Docker CI image (305 agents seeded at first boot)
  • CI: all jobs pass (check, test, test-registry, clippy, fmt, docker-workspace, chrysalis-e2e, chrysalis-e2e-tier2)

🤖 Generated with Claude Code

Todd Baur and others added 2 commits April 13, 2026 21:09
@claude
feat(registry): wire agent designer and add catalog auto-install
669a9dd 
- Add "Design Agent" nav link in Chrysalis sidebar under Registry section
- Add "Design Agent" CTA button on the Agents page header
- Complete Sign & Register flow in agent_designer.rs: replaces Phase 4
  stub with spawn_local calling sign_advertisement → register_agent_json;
  fixes signed_by field (was empty, causing verification to always fail)
- Add install_catalog_agents() server fn to api.rs: loads pap-agents
  catalog, generates deterministic Ed25519 keypair per agent (SHA-256 of
  name), signs and upserts all entries — fully idempotent reinstall
- Add CatalogInstallResult struct with installed/skipped/errors/path
- Add PAP Catalog Agents card to Settings page with install button and
  teal/red status feedback

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@claude
refactor(agents): extract DynamicAgentDef::to_signed_advertisement + …
7b85710 
…catalog startup seeding

Eliminates duplicated deterministic-key logic between install_catalog_agents()
and startup seeding by adding to_signed_advertisement() on DynamicAgentDef.

- crates/pap-agents/src/dynamic.rs: add to_signed_advertisement() — derives
  deterministic Ed25519 keypair from SHA-256(name), builds and signs an
  AgentAdvertisement; single source of truth for idempotent catalog installs
- crates/pap-agents/Cargo.toml: add sha2 workspace dep
- apps/registry/src/ui/api.rs: refactor install_catalog_agents() loop to use
  entry.to_signed_advertisement() — removes manual key derivation inline
- apps/registry/src/main.rs: extend first-boot seeding block to load TOML
  catalog agents via PAP_CATALOG_PATH when set, using the same method
- e2e/Dockerfile.ci-chrysalis: COPY catalog dir to runtime image + set
  PAP_CATALOG_PATH=/app/catalog so first-boot seeding finds the TOML files
- e2e/tests/chrysalis-integration.spec.ts: add test group 7 covering
  /agents Design Agent CTA, /agents/design reachability, /settings Catalog
  Install card, and startup-seeded TOML catalog breadth (305 agents, 22/22 pass)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 14, 2026
edited
Loading

Benchmark Regression Report

PAP Protocol Benchmark Regression Check
========================================
Baseline: .bench-baseline/baseline.json
Threshold: 30%

  ed25519_keypair_generation                19.7 µs  (baseline: 17.2 µs, +14.9%)  [ok]
  did_key_derivation                         1.5 µs  (baseline: 1.4 µs, +10.7%)  [ok]
  mandate_create_sign                       24.0 µs  (baseline: 22.1 µs, +8.7%)  [ok]
  mandate_chain_verify_depth3              125.5 µs  (baseline: 111.3 µs, +12.7%)  [ok]
  sd_jwt_issue_5claims                      27.9 µs  (baseline: 25.3 µs, +10.6%)  [ok]
  sd_jwt_verify_disclose_3of5               44.3 µs  (baseline: 39.0 µs, +13.3%)  [ok]
  session_open_full_lifecycle              112.6 µs  (baseline: 98.7 µs, +14.0%)  [ok]
  receipt_create_cosign                     47.9 µs  (baseline: 43.7 µs, +9.6%)  [ok]
  federation_announce_local                 56.3 µs  (baseline: 50.6 µs, +11.2%)  [ok]

All benchmarks within 30% of baseline.

Threshold: 10% regression vs baseline from main

Todd Baur and others added 3 commits April 13, 2026 21:27
@claude
fix(ci): update Cargo.lock for sha2 dep + ignore RUSTSEC-2026-0097
96328d7 
- Regenerate Cargo.lock to include sha2 in pap-agents dependency list
  (sha2 = { workspace = true } was added to pap-agents/Cargo.toml in the
  previous commit but the lockfile was not updated)
- Ignore RUSTSEC-2026-0097 (rand unsound with custom logger): PAP does
  not use custom loggers that invoke rand::rng(); no patched rand release
  available; tracked for upgrade separately

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@claude
fix(ci): pre-build pap-registry before startup timer in just registry…
7ed29d7 
…-local

cargo run compiles a different binary than cargo test (no test harness),
so pap-registry must recompile in the registry-local step on cold/stale
Rust caches (e.g. after Cargo.lock changes). Moving the build before the
120s health-check loop ensures the timer measures only server startup, not
compilation.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@claude
fix(ci): minimal Cargo.lock update — add sha2 to pap-agents deps only
e5cfcf8 
Revert the over-broad cargo generate-lockfile that bumped ~30 transitive
dependencies (including rand, tokio, rayon) and caused benchmark
regressions. Instead, apply only the necessary change: add "sha2" to
pap-agents' dependency list in Cargo.lock, matching the sha2 workspace
dep added to pap-agents/Cargo.toml.

All other package versions stay pinned to the baseline used when the
benchmark regression gate was calibrated.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@toadkicker toadkicker merged commit d80b9a1 into main Apr 14, 2026
25 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@toadkicker