The OMI spec is under heavy development, and every piece of it is subject to change. We are documenting the core primitives for sovereign application lifecycles. Join us in defining the v1.0 draft.
Documentation
The OMI Provisioning Protocol
Developer Identity & Namespace Registration

Developer Identity & Namespace Registration

Objective: To establish a sovereign cryptographic identity and claim a unique namespace within a registry.

App Registry is “Zero-Knowledge”. It only knows public keys and endpoints. It cannot see user’s or database content.

Prerequisites

  • A local environment with the OMI CLI tools installed (or equivalent crypto library).

The Protocol Workflow

  1. Key Generation: The developer generates a Master Key-Pair (Ed25519 or RSA) on their local machine.

    Security Note: The Master Private Key never leaves the developer’s local machine. It is used solely for signing requests.

  2. Registry Selection: The developer selects a target App Registry (e.g., omiappreg.org) to host their public profile.

  3. Registration Payload Construction: The developer constructs a JSON payload to claim their identity:

{
  "version": "1.0",
  "data": {
    "public_key": "m2bi0ja8bgkq9ki...",
    "namespace_claim": "alice",
    "contact_email": "alice@devagency.com",
    "metadata": {
      "website": "https://devagency.com",
      "organization": "Dev Agency"
    },
    "timestamp": 1705412400,
    "nonce": "8f3k2l9a",
  },
  "signature": "3c8e9f1a2b3c4d5e6f..."
}
  1. Submission & Verification: The payload is sent to the App Registry. The registry performs two checks:
  2. Namespace Availability: Is alice taken?
  3. Policy Verification: The registry sends a verification email to prevent spam.
  4. Activation: Once verified (via link click or payment), the App Registry records the association: namespace “alice” -> public_key.
Outcome: The developer now owns the org.omiappreg.dev_agency root namespace.
Application Registration