Entries
An entry is one row in the registry — one publishable thing. Each entry has an OAS DID, a kind, a version, a publisher DID, a content hash, and a signature. Entries are immutable; new versions create new entries that link back via lineage.
Identities
Every actor on Reggie has a DID. There are three identity record kinds:
- HMR (Human Master Record) — the root. Always a real person.
- MHR (Machine Holding Record) — FROST t-of-n custodian for non-interactive signing.
- ENR (Entity Namespace Record) — a namespace bound to one HMR/MHR.
Your everyday signing key is derived from one of these via HKDF.
Bonds
Every entry must be backed by a Sigil bond. Bonds are slashable on misuse, refundable on retirement. Bond minimums scale with risk tier — agents that hold credentials cost more to publish than skills that do not.
Attestations
Independent auditors attach signed credentials to entries. Common types:
build-reproduciblelicense-verifiedno-malware-detectedeval-passed
Attestations are detachable — they don't change the entry, they just travel with it.
Lineage
Every entry traces back to an HMR via HKDF-derived key chains. Resolution includes the lineage path, so consumers can see exactly which human is ultimately accountable for what they're installing.