Identity, plain and patient.
Yubico, Ledger, and Trezor make great hardware. Auth0 and Clerk authenticate users into web apps. Turnip is the only identity layer designed for an operating system that holds real money — every elevation is hardware-bound, every capability is time-bound, every action chains back to a human DID.
Identity · Signers
Signer ring · 6 devices · CFO requesting elevation
| Type | Device | Bound principal | Enrolled | State |
|---|---|---|---|---|
| Passkey | iCloud Keychain · MacBook Pro | did:oas:org:acme:cfo | 2025-11-04 | active |
| YubiKey 5C NFC | YK · sn 19284441 | did:oas:org:acme:cfo | 2024-09-12 | active |
| Ledger Nano X | Ledger · BTC + ETH path | did:oas:org:acme:ceo | 2025-02-21 | active |
| Trezor Safe 3 | Trezor · auditor seat | did:oas:org:acme:auditor | 2025-08-09 | active |
| Garden Apex | Built-in · this machine | did:oas:org:acme:ops/03 | 2026-01-14 | active |
| Cold paper | Vault recovery · Shamir 2-of-3 | guardians · 3 of 5 | 2025-03-04 | offline |
Capabilities are minted just-in-time, with a 6-check policy gate.
When an agent needs to act, it requests a capability scoped to one action with a TTL in minutes. Turnip verifies the delegation chain, requires a hardware step-up, and signs the Arsenal token. Revoking the parent capability instantly collapses every descendant token.
Capability mint · arsenal:act_ce7d… · cabbage.invoices.issue
- Delegation chain valid · CFO → basil → invoice scope · 2 hops
- Hardware step-up · YubiKey 5C touched 4s ago
- Scope within delegate · requested ⊂ delegated · all paths covered
- TTL within max · 1h 30m ≤ delegate ttl 4h
- Spend cap within limit · $50k ≤ delegate $50k
- Counterparty allowlist · downstream cap is per-call enforced
| Holder | Scope | TTL | Uses | State |
|---|---|---|---|---|
| agent:basil · 16:41:24 | cabbage.invoices.issue max $50k | 1h 12m | 1 / 50 | active |
| agent:tomato · 16:38:11 | bean.journal.post | 3h 41m | 4 / 100 | active |
| agent:thyme · 16:22:09 | kale.sweep.execute max $80k | 47m | 0 / 5 | active |
| agent:sage-bot · 15:14:02 | sage.screen.run | 12m | 412 / ∞ | active |
| agent:vine · 14:02:18 | vine.events.subscribe | — | — | expired |
| agent:rosemary · 13:47:01 | branches.balance.fetch | — | 12 / 20 | revoked |
Identity built for money, not for marketing emails.
Auth0 and Clerk authenticate users. Turnip authorises capabilities.
| Capability | Auth0 | Clerk | Okta | Turnip |
|---|---|---|---|---|
| WebAuthn / passkey | ✓ | ✓ | ✓ | ✓ |
| Hardware-bound step-up | — | — | MFA | ✓ scope + ttl |
| Capability tokens (scoped) | — | — | — | ✓ Arsenal |
| Time-bound minting | session | session | session | ✓ seconds-scale |
| Lineage proofs for agents | — | — | — | ✓ |
| Shamir / guardian recovery | — | — | — | ✓ |
| Multi-device + threshold | — | — | — | ✓ FROST |
| Audit-chained auth events | logs only | logs only | ✓ | ✓ blake3 |
Agents mint capabilities. Humans authorise scopes.
An agent never holds a long-lived credential. It exchanges a delegated capability for a just-in-time Arsenal token bound to a specific action and scope — and the token dies in seconds.
- tool turnip.session.elevate · Request step-up for sensitive action
- tool turnip.capability.mint · Mint a scoped Arsenal token
- tool turnip.capability.revoke · Revoke active capability
- tool turnip.signer.enroll · Enroll a hardware device
- resource ring://turnip/acme · Active signer ring

- POST /turnip/v1/sessions/elevate · Step up session (WebAuthn / YubiKey)
- POST /turnip/v1/capabilities · Mint scoped capability token
- DELETE /turnip/v1/capabilities/:id · Revoke a live capability
- POST /turnip/v1/signers · Enroll a hardware signer
- GET /turnip/v1/lineage/:id · Resolve an action back to its human root

- Authorization: Bearer arsenal:act_tn…
- X-Garden-Capability: turnip.capability.mint · scope=bean.period.close
- X-Garden-TTL: 90s · principal=did:oas:org:acme:cfo
- X-Garden-Hardware-Proof: yk:5C:19284441 (touched 2026-04-29T16:41:02Z)
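The six-check mint record shown earlier on this page and the rule that revoking a parent collapses every descendant token, worked through as an added Python example. This is illustration written for this page, not Turnip's own code or API; it assumes scopes are dotted action paths matched by glob patterns, a hardware touch counts as fresh for 30 seconds, the counterparty check is a plain allowlist subset test, and every serial number, DID and dollar value below is a constructed placeholder.

```python
# Added example (not Turnip's code): a six-check capability gate with
# cascading revocation. Assumptions: glob-matched dotted scopes, a 30 s
# freshness window for the hardware touch, allowlist-subset counterparties.
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from fnmatch import fnmatchcase
from typing import Optional

STEP_UP_MAX_AGE = timedelta(seconds=30)  # assumed freshness window for a hardware touch


@dataclass
class Capability:
    cap_id: str
    holder: str                 # human DID at the root, agent names below it
    scopes: set                 # action paths the holder may use or delegate
    max_ttl: timedelta          # longest TTL a child token may request
    spend_cap: int              # whole dollars
    counterparties: set         # allowlist; "*" means unrestricted
    expires_at: datetime
    parent: Optional["Capability"] = None
    revoked: bool = False
    children: list = field(default_factory=list)

    def live(self, now: datetime) -> bool:
        return not self.revoked and now < self.expires_at


@dataclass
class StepUpProof:
    device: str                 # constructed placeholder, not a real serial
    touched_at: datetime


def chain_valid(cap: Capability, now: datetime) -> bool:
    """Check 1: every hop back to the root is live and the root is a human DID."""
    node = cap
    while node is not None:
        if not node.live(now):
            return False
        if node.parent is None:
            return node.holder.startswith("did:")
        node = node.parent
    return False


def scopes_covered(requested: set, delegated: set) -> bool:
    """Check 3: each requested path must match at least one delegated pattern."""
    return all(any(fnmatchcase(r, d) for d in delegated) for r in requested)


def gate(parent, requested, ttl, spend, counterparties, proof, now):
    """Run the six checks against the delegating capability; return (ok, per-check results)."""
    fresh = proof is not None and timedelta(0) <= now - proof.touched_at <= STEP_UP_MAX_AGE
    results = {
        "delegation_chain_valid": chain_valid(parent, now),
        "hardware_step_up": fresh,
        "scope_within_delegate": scopes_covered(requested, parent.scopes),
        "ttl_within_max": ttl <= parent.max_ttl,
        "spend_cap_within_limit": spend <= parent.spend_cap,
        "counterparty_allowlist": "*" in parent.counterparties
        or counterparties <= parent.counterparties,
    }
    return all(results.values()), results


def mint(parent, holder, requested, ttl, spend, counterparties, proof, now, cap_id):
    """Mint a child token only when all six checks pass; the child is chained to its parent."""
    ok, results = gate(parent, requested, ttl, spend, counterparties, proof, now)
    if not ok:
        failed = [name for name, passed in results.items() if not passed]
        raise PermissionError("policy gate failed: " + ", ".join(failed))
    child = Capability(cap_id, holder, set(requested), ttl, spend, set(counterparties),
                       min(now + ttl, parent.expires_at), parent)  # never outlive the parent
    parent.children.append(child)
    return child


def revoke(cap: Capability) -> int:
    """Revoke a capability and every descendant token; return how many were revoked."""
    cap.revoked = True
    return 1 + sum(revoke(child) for child in cap.children)


def build_demo_ring():
    """Constructed sample: a CFO root capability and a YubiKey touch 4 s old."""
    now = datetime(2026, 4, 29, 16, 41, 6, tzinfo=timezone.utc)
    cfo = Capability("cap_root", "did:oas:org:acme:cfo", {"cabbage.invoices.*"},
                     timedelta(hours=4), 50_000, {"*"}, now + timedelta(hours=4))
    proof = StepUpProof("yk:5C:<serial placeholder>", now - timedelta(seconds=4))
    return now, cfo, proof


if __name__ == "__main__":
    now, cfo, proof = build_demo_ring()
    basil = mint(cfo, "agent:basil", {"cabbage.invoices.issue"}, timedelta(minutes=90),
                 50_000, {"vendor:acme-supplies"}, proof, now, "act_basil")
    print("minted", basil.cap_id, "expires", basil.expires_at.isoformat())
    ok, results = gate(basil, {"cabbage.invoices.void"}, timedelta(minutes=10),
                       60_000, set(), proof, now)
    print("over-scope request allowed:", ok, [k for k, v in results.items() if not v])
    print("revoked", revoke(cfo), "tokens; basil still live:", basil.live(now))
```

Each check is evaluated independently and reported by name, so a failed mint says which of the six gates tripped rather than returning a bare denial; the child's expiry is clamped to the parent's so a delegated token can never outlive the capability it was minted from, and revocation walks the children list so one call on the root collapses the whole tree.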
Eight capabilities your auth stack can't.
- 01 · WebAuthn / passkey enrollment and step-up
- 02 · Hardware-bound session elevation (YubiKey, Ledger, Trezor, Apex)
- 03 · Time-bound, scope-bound Arsenal capability tokens
- 04 · Just-in-time capability minting (no long-lived secrets)
- 05 · Shamir-on-paper recovery ceremonies
- 06 · Multi-device pairing under one identity
- 07 · Lost-device revocation under threshold
- 08 · Audit-chained auth events sealed to Bean