ANTRequest's ANTzip Specification (Version 0.1.0)

ANT.zip and ANT.enx (ENcrypted eXchange) are a signed format and an encrypted format respectively. they are used throughout the Favispecs which defines all sorts of use cases.

Table Of Contents

Table Of Contents

Status of this document

this document written on Mon Mar 09 2026 is Semantic version 0.1.0. this document is self-published independently.

This Specification Depends On

• Foundation: (0.3.0)
• FaviDiD: (0.3.0)
• PlanetSpec: (0.0.2)

This Specification uses external references

• The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.
• PNG (Wikipedia)
• ZIP (Wikipedia)
• DEFLATE (Wikipedia)
• JSON (Wikipedia)

ANT.zip

The Zipfile Structure

to be a valid ANT.zip, the file MUST

• Be a valid Zip Archive.
• Use the DEFLATE algorithm.
• Have a file called ANT.json in the ziproot.
• Have a file called ANT.sig in the ziproot.

The ANT.json Structure

to be a valid ANT.json, the file MUST

• The Root Object MUST have a did key set to the author's FaviDiD.
• The Root Object MUST have a Compat Object at the compat key.
• The Root Object MUST have a key called fileIntegrity with an array of fileIntegrity objects.

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "title": "ANT.zip Configuration",
  "type": "object",
  "required": [
    "specVersion",
    "did",
    "fileIntegrity"
  ],
  "properties": {
    "did": {
      "type": "string",
      "pattern": "^did:favidid:ed25519:[1-9A-HJ-NP-Za-km-z]+$",
      "description": "the signer's did"
    },
    "specVersion": {
      "type": "string",
      "pattern": "^0\\.1\\.0$",
      "description": "the specification version. MUST be matched against the specification for disambiguation. in this schema it MUST be {\"0.1.0\"}. SHOULD be matched to disambiguate specifics of a ANT.zip spec",
      "$comment": "in terms of regex it must be {\"^\\d+\\.\\d+\\.\\d+$\"}"
    },
    "fileIntegrity": {
      "type": "array",
      "description": "MUST be an array of {{fileIntegrity}} objects",
      "items": {
        "$ref": "#/definitions/fileIntegrity"
      }
    }
  },
  "definitions": {
    "fileIntegrity": {
      "type": "object",
      "description": "a layer",
      "required": [
        "path",
        "integrity"
      ],
      "properties": {
        "path": {
          "type": "string",
          "description": "the File's path relative to {\"ANT.json\"}, MUST start with {\"/\"}. MUST be Normalized."
        },
        "integrity": {
          "type": "string",
          "pattern": "^(?:SHA(?:256|512)|BLAKE3)-[1-9A-HJ-NP-Za-km-z]+$",
          "description": "the algorithm and a base58 (bitcoin alphabet) hash of that hash function"
        },
        "mimetype": {
          "type": "string",
          "pattern": "^[a-z]+/[a-z\\-]+(?:\\+[a-z]+)?$",
          "description": "the File's media type"
        }
      }
    }
  }
}

The Root Object

The fileIntegrity Object

Signing it

to sign an ANT.zip sign the ANT.json with the user's Private-Key and put it in ANT.sig

PathSanitization

While the Full Path Sanitization is implementation-defined, implementations MUST make sure the path follows these rules.

• File names and directory names MUST NOT contain any of the following characters:
  • \
  • /
  • :
  • *
  • ?
  • "
  • <
  • >
  • |
  These characters are forbidden on Windows; restricting them ensures maximum cross-platform interoperability.
• Paths MUST use / as the path separator.
• Paths MUST NOT contain upward directory indicators (..) or current directory indicators (.).
• Paths MUST NOT reference any files located outside the ZIPRoot.

Application Behavior

Implementations MUST handle errors gracefully to maintain user data integrity. If a required file is missing, the application SHOULD NOT crash, but rather notify the user. If the ANT.json file is invalid or corrupted, the application MUST alert the user and refuse to load the data. Sanitization of file paths is REQUIRED to prevent path traversal vulnerabilities.

other than that programs SHOULD attempt to do the following when a spec Violation Occurs:

A Path references a file outside the ZIPRoot.

A Path references a no file nor directory.

Alert the user and refuse to load the data.

A Path contains an upward directory indicators (..) or current directory indicators (.).

Alert the user and refuse to load the data.

A Path contains Invalid Characters

Alert the user and refuse to load the data.

A Path's file does not match the integrity claimed in the ANT.json.

The ANT.json doesnt verify with the ANT.sig.

A path's File is missing.

A JSON schema Required property is missing or otherwise violates the schema

mark the entire ANT.zip as Untrusted

when an ANT.zip is marked as Untrusted, a Program MUST notify the user of the Untrusted status, a Program SHOULD be specific about what error was violated.

Internal Algorithms

Sign_ANT_Zip (ZipFile, My-Private-Key)

to sign an ANT.zip (ZipFile) using My-Private-Key, MUST follow these steps.

1. Validate ZipFile using the Requirements for a ZipFile Or Throw.
2. if any file is named "ANT" ignoring the extension then throw an Error.
3. set JSON to

   {
     "fileIntegrity": [],
     "specVerson": "0.1.0",
     "compat": {
       "https://antrequest.nl/standard/PlanetSpec/0.0.2/": {
         "main": true
       },
       "https://antrequest.nl/standard/ANTzip/0.1.0/": {
         "main": true,
         "DEFLATE": true,
         "SHA256": true,
         "SHA512": true,
         "BLAKE3": true
       }
     }
   }

   (indentation whitespace is Edge-Defined)
4. Set Array to the property fileIntegrity of JSON.
5. For every file in ZipFile Perform
   1. append

      {
        "path": <The File's Path>,
        "integrity": The File's Integrity with an supported algorithm in the format <algo>-<base58Bytes>,
        "mimetype": <the best guess of its mimetype>
      }

      to Array replacing my placeholders.
6. Assert: Array is changed in the json i provided.
7. Write JSON to ZipFile as "ANT.json".
8. Store the bytes of Bytes in ZipFile as "ANT.json".
9. Set Bytes to the detached Ed25519 signature of signing Bytes using My-Private-Key.
10. Set BytesBase58 to encoding Bytes as Base58 (bitcoin alphabet, no paddng).
11. Store the UTF8 bytes of BytesBase58 in ZipFile as "ANT.sig".
12. Return ZipFile.

ANT.enx

Encrypt_ANT_Zip (ANTZip, Public-Key-Recipient)

to create an ANT.enx from an ANT.zip (ANTZip), MUST follow these steps.

1. Validate ANTZip using the Requirements above Or Throw.
2. Assert: Public-Key-Recipient is the result of FaviDiD Resolution which returns the bytes of a Public Key
3. Convert the raw bytes of Public-Key-Recipient from Ed25519 to X25519 to produce $XKeyPublic. (The conversion algorithm is defined by the cryptography library, e.g., libsodium's crypto_sign_ed25519_pk_to_curve25519.)
4. Generate an ephemeral X25519 keypair ($ephemeralPrivate, $ephemeralPublic).
5. Compute $sharedSecret by performing an X25519 key exchange between $ephemeralPrivate and $XKeyPublic. X25519 is an elliptic curve Diffie‑Hellman (ECDH) function (see Curve25519). It combines a private key and a public key to produce a shared secret that only those two keys can generate. The recipient will independently compute the same secret using their private key and $ephemeralPublic (which will be included in the output).
6. Generate a 24-byte random nonce $nonce.
7. Encrypt ANTZip using XChaCha20-Poly1305 with $sharedSecret and $nonce to produce $ciphertext. If encryption fails, throw an error.
8. Create $ANTzip-Encrypted as the byte concatenation of $ephemeralPublic (32 bytes) + $nonce (24 bytes) + $ciphertext.
9. Create a new ANT.zip archive called $new-ANT-enx.
10. Add $ANTzip-Encrypted to $new-ANT-enx as a file named "Blob.enx".
11. Change the file extension of $new-ANT-enx to ".enx".
12. Sign $new-ANT-enx using Sign_ANT_Zip.
13. Return $new-ANT-enx.