Capsule format · v0.6 · SDKs

One format, several reference implementations.

The v0.6 format specification is the contract; the SDKs are reference implementations that all build against the same canonical test vectors. New implementations are welcome, and the test vectors are the conformance gate: an implementation is Capsule-compliant when its hashes match the JS reference on the published vectors.

Conformance · verified 2026-05-12 · view report · machine-readable

v0.6 open format test-vector conformance Apache-2.0

Section 01

Status at a glance

One row per implementation. Status labels below the table are deliberately blunt: shipped is shipped, in flight is in flight, PoC is PoC.

Language Package Version Status Maintainer
JavaScript @capsule/sdk-v0.6-prototype 0.6.0 Reference lane Virion.ai
Python capsule 0.6.0 SDK lane Virion.ai
Rust capsule-verify verifier only Independent verifier lane Virion.ai
Swift Capsule 0.6.0 SDK lane Virion.ai
Kotlin ai.virion.capsule 0.6.0 Plain-capsule lane Virion.ai

Status legend

  • Reference lane: primary JavaScript implementation for builder, reader, verifier, CLI, and browser examples.
  • SDK lane: public implementation intended to track v0.6 behavior and conformance vectors.
  • Independent verifier lane: verifier-focused implementation used to keep the spec from becoming a single-library contract.

Section 02 · Test vectors are the contract

Conformance

The current public harness tests the JavaScript reference SDK, CLI checks, spec-vector registry checks, and generic example capsules. Other implementation lanes remain visible in the matrix so contributors can track where parity work is expected, without implying they are all executed by the same CI target today.

git clone https://github.com/virionai/capsules-protocol
cd capsules-protocol
node tools/run-conformance.mjs

The website keeps the last published report until upstream CI publishes a new output/conformance-report.md.

What's verified

  • sdk-js reference implementation and cli checks.
  • spec/vectors registry checks.
  • Generic examples: report, table/graph, and React-rendered artifact capsules.
  • Repository hygiene checks for generic examples.

Reports are archived at /conformance/ with one dated copy per public release.

Section 03

JavaScript (Shipped)

The reference SDK. Builder, reader, verifier, the canonical-JSON and Ed25519 primitives, and the deterministic-ZIP container live in a single npm package. The exported surface includes CapsuleBuilder, CapsuleReader, verifyCapsule, plus the lower-level buildChainEvents, hashEvent, verifyChain, buildEnvelope, signEnvelope, verifyEnvelopeSignatures, buildManifest, computeCapsuleId, packZip, unpackZip, and the JCS / SHA-256 helpers (jcs, sha256, sha256Hex). Two dependencies: canonicalize (RFC 8785 JCS) and jszip (deterministic ZIP). Node 20 or newer; runs unmodified in browsers via a bundler.

npm install @capsule/sdk-v0.6-prototype
import { CapsuleReader, verifyCapsule } from "@capsule/sdk-v0.6-prototype";

const bytes = await fetch("/examples/medical-journal/sample.capsule")
  .then((r) => r.arrayBuffer());
const reader = await CapsuleReader.fromBytes(new Uint8Array(bytes));
const result = await verifyCapsule(reader, { allowlist: [] });
console.log(result.ok, result.level, result.envelope.signers);

Source: github.com/virionai/capsules-protocol/tree/main/sdk-js.

Browser-only reference builds without a bundler are demonstrated in examples/medical-journal/: the clinician reader loads the SDK in a single offline HTML file.

Section 04

Python (In flight)

Capsule started as a Python codebase. The Python implementation is being upgraded to v0.6 in the open, on the same crypto primitives as the JS SDK (SHA-256, JCS RFC 8785, Ed25519 raw-byte signing, ChaCha20-Poly1305 + X25519 + HKDF-SHA256 for encrypted capsules) and the same deterministic ZIP rules. It is expected to ship parity against the JS reference test vectors as the second independent implementation.

This is the format-stewardship signal. Independent implementations completing test-vector parity are what move v0.6 from reference implementation toward stable protocol. See the ROADMAP.md gates for the current criteria.

Section 05

Rust (verifier-only)

The Rust implementation is verifier-focused: capsule verify file.capsule, exit 0 on pass, exit 1 on fail, with typed errors for server-side and command-line workflows.

Verifier-first is the right first scope because the verifier is the contract any consumer needs; the builder is what producers need.

Section 06

Swift & Kotlin

Swift

The Swift lane lives in the public repository under sdk-swift/. It covers native reading, building, canonicalization, signatures, and parity tests against repository fixtures.

Kotlin

The Kotlin lane lives under sdk-kotlin/. It tracks the plain JCS, SHA-256, and Ed25519 path and rejects unsupported encrypted capsules until that profile is implemented.

Section 07

How conformance works

Conformance is test-vector parity. A new implementation is Capsule-compliant when it produces capsules whose content_index_hash matches the JS reference, and whose canonical envelope payload signs and verifies bit-identically against the published test vectors. Every hash that ships in provenance/envelope.json (capsule_id, first_event_hash, entry_hash, manifest_hash, content_index_hash, envelope_signature) is checkable byte-for-byte.

Conformance is not enforced by anything except those test vectors. There is no certification program, no registry of approved implementations, no "Capsule Foundation" issuing logos. The test vectors are the conformance program: if the hashes match, the implementation is compliant; if they don't, it isn't.

The spec lives at /protocol/v0.6/: five files (format, manifest, chain, envelope, trust), roughly 5 KB of text in total. The latest conformance results, including the per-target breakdown, are published at /conformance/latest.md.

Section 08

Building a new implementation

What an implementer should know before starting:

  • Format anchor. /protocol/v0.6/ is the canonical spec. Five spec files (format, manifest, chain, envelope, trust), roughly 5 KB of text total. Read these first; everything else is an artifact of them.
  • Crypto primitives required. SHA-256, JCS RFC 8785, Ed25519 (raw-byte signing: sign the bytes, not a hex string), and for encrypted capsules ChaCha20-Poly1305 + X25519 + HKDF-SHA256.
  • ZIP primitives required. For writing: a deterministic ZIP_STORED writer with fixed timestamps and sorted paths. For reading: any compliant ZIP parser.
  • Test vectors. Drop the new SDK against the published vectors; if the hashes match, it's compliant. The capsule vectors verify <vectors.json> CLI is the single line a CI matrix can run across JS, Rust, Python, Swift, Kotlin to prove the implementations agree.
  • No second-class implementations. Partial implementations are explicitly welcome: verifier-only Rust, builder-only Python, mobile SDKs scoped to read-only. The roadmap rewards completed shapes over comprehensive coverage. A clean verifier with test-vector parity is a stronger contribution than a half-finished builder.

Open an issue at github.com/virionai/capsules-protocol/issues to coordinate.

Section 09

Roadmap

  • v0.6 locks when a second independent implementation round-trips signed test vectors. This is milestone 1 of the project roadmap; until it lands, every version commitment is debt.
  • Once locked, the Capsule spec gets a versioned release tag and the JS SDK rebases from 0.6.0-prototype.x to 0.6.0. The "prototype" suffix is the visible signal that the format has not yet been independently validated.
  • v0.7 plans: AES-256-GCM cipher support, encrypted-capsule extension (multi-recipient envelope), and RFC 3161 / Rekor temporal anchoring. All three are parking-lot today, blocked on adoption signal, not on engineering.

See the full roadmap for current v1.0 gates.