Reference-grade infrastructure for KERI-native economies.
KERI.host is an open, forkable reference implementation for building communities and governance structures on cryptographic accountability. It is not a SaaS provider, wallet company, or workflow engine. It is a pattern library — infrastructure that gets out of the way.
- A reference implementation of KERI witness services on serverless infrastructure (AWS Lambda + DynamoDB)
- Forkable and self-hostable — if KERI.host disappears, nothing breaks
- Optional hosting — every component can be run independently without KERI.host infrastructure
- Infrastructure for community builders, not just developers
- Not an identity provider
- Not a platform monopoly
- Not a global reputation system
- Not a gatekeeper to participation
- Cannot revoke or invalidate anyone's AID
- Cannot be a root authority for credentials
The infrastructure is organized into three AWS CDK stacks:
┌─────────────────────────────────────────────────────────────────┐
│ CDK App │
└─────────────────────────────────────────────────────────────────┘
│
┌─────────────────────┼─────────────────────┐
▼ ▼ ▼
┌───────────────┐ ┌───────────────┐ ┌───────────────┐
│ DataStack │ │ ApiStack │ │ WitnessStack │
│ │ │ │ │ │
│ • DynamoDB │◄───│ • API Gateway │◄───│ • Lambdas │
│ • Secrets │ │ • Certificate │ │ • Routes │
│ │ │ • DNS │ │ • EventBridge │
└───────────────┘ └───────────────┘ └───────────────┘
(Layer 1) (Layer 2) (Layer 3)
DataStack — Persistent storage (DynamoDB tables for KEL, states, receipts, escrows)
ApiStack — Shared API infrastructure (API Gateway, ACM certificate, Route53)
WitnessStack — KERI witness service (Rust Lambda functions, API routes)
| Endpoint | Method | Description |
|---|---|---|
/witness |
GET | Witness OOBI |
/witness/introduce |
GET | Get witness OOBI |
/witness/process |
POST | Submit KERI events |
/witness/query |
POST | Query KEL, state, receipts |
/witness/oobi/{id} |
GET | Resolve OOBI for identifier |
- Rust 1.88+
- Node.js (LTS)
- AWS CLI configured
- cargo-lambda
- pandoc — HTML to Markdown conversion (
brew install pandoc) - Python 3.10+ — PDF to Markdown conversion via pymupdf4llm
# Build Rust lambdas
cargo build --release
# Build CDK infrastructure
cd infrastructure
npm install
npm run buildcd infrastructure
# Deploy all stacks
npx cdk deploy --all -c hostedZoneId=YOUR_HOSTED_ZONE_ID
# Or deploy individually
npx cdk deploy KerihostDataStack
npx cdk deploy KerihostApiStack -c hostedZoneId=YOUR_HOSTED_ZONE_ID
npx cdk deploy KerihostWitnessStack# Run integration tests
cd tests/integration
npm install
npm testSee docs/keri-host-artifact-plan.md for the full KERI.host vision and roadmap.
- Reference > Platform — Forkable, self-hostable, documented as patterns
- Optional Hosting, Never Required — Every demo runnable without KERI.host
- Simulated but Real — Flight simulators, not PowerPoints
- Subjective, Plural Reputation — No universal score
- Regulator-Friendly — Audit trails without surveillance
- Cooperation, Not Competition — Non-profit, no ecosystem wars
Apache License 2.0 — See LICENSE
Contributions welcome. This is reference infrastructure meant to be forked, adapted, and improved by the community.