poztter.com

poztter.com / get started

Get started.

Today, the canonical way to create and manage a POZ record is the poz_cli command-line tool from the reference implementation. A browser-based holder portal is on the roadmap.

Status. The reference implementation is pre-1.0. Treat any record you create now as experimental. Don't anchor production identity to it until the spec and tooling are finalized.

01 · install the CLI

Clone and build the reference implementation. It's a CMake C++ project — see the build notes in the repository for prerequisites.

git clone https://github.com/Poztter/Poztter.git
cd Poztter
# Build via CLion (recommended) or directly with CMake
# Tools land in poz_cli/build/poz_cli

02 · plan your survivorship

Before generating any keys, decide on your survivorship configuration. Read master zone and recovery first. The recommendation:

03 · generate keys

Use poz_cli to generate Ed25519 keypairs for each of your roles (primary, recovery, delegation). Hardware-token-backed keys are strongly preferred for the primary, especially.

04 · create the record

Compose your master zone — list the keys, assign them to survivorship groups with values, declare your sub-zone delegations. Sign the genesis revision. Save the file somewhere safe.

05 · publish

You can run your own POZ server (poz_server) on a small VM, or submit your record to a public cache. If you control a domain, add the DNS records for discovery:

_poz._tcp.example.com.   300 IN SRV 10 0 7075 poz1.example.com.
_poz.example.com.       3600 IN TXT "v=poz1 h=<your_original_master_hash_hex>"

06 · add identities

For each provider that supports POZ, send a SUBMIT_REQUEST with proof of your handle. The provider signs an entry; you collect entries from all your providers; you sign the assembled Identity Zone; you submit the final zone to each provider for activation.

07 · configure your services

Define your Service Zone — the mail servers, feed servers, and revocation service you use. Reference these from your Email Zone, Feed Zone, and Auth Zone by hash.

1 install the CLI git clone · cmake build 2 plan your survivorship primary group + recovery group 3 generate keys Ed25519 per role · hardware-backed where possible 4 create the record compose master · sign genesis · save 5 publish DNS SRV + TXT · or a public cache 6 add identities SUBMIT_REQUEST per provider 7 configure services mail · feed · revocation
fig 01 · seven steps from "no record" to "live, signed, published, and discoverable." Steps 1–5 are sequential; 6 and 7 can be done in parallel and revisited any time.

what should be automated (and isn't yet)

Almost all of the above. The reference CLI gives you the building blocks, but a good holder portal would walk you through this as a single guided setup, with sensible defaults and explicit warnings when you depart from them. That's what this site will become.