Cairn mascot — a stack of colorful pixel-art stones
CAIRN
v0.2.1-alpha · content-addressed · agent-native

Install code you can prove.

A decentralized package registry built for the agentic era. Every release is content-addressed, signed by its author's DID, immutable, and mirrored across a p2p mesh. No central registry, no deletions, no typosquatting.

content-addressed releases · did:cairn identities · immutable versions · ed25519 signatures · ipfs object store · libp2p mesh · Base name registry · typosquat-proof resolution · MCP resolver tools
DECENTRALIZED NETWORK OVERVIEW

The Live Mesh Network

Peer nodes synchronize manifests, replicating package data globally via p2p. Zero trust required: clients resolve packages and verify the integrity of every bit themselves.

Mesh: 6 Nodes Active
ALPHA TESTNET v0.2.1
Node Identity | Activity Status
🇯🇵 Tokyo, JP · node-1 · did:cairn:z6Mku7...Kx89 | writes: 14,820 · 12s ago
🇩🇪 Frankfurt, DE · node-2 · did:cairn:z6Mkx3...Pt21 | writes: 9,342 · 4s ago
🇺🇸 Oregon, US · node-3 · did:cairn:z6Mkq9...Lm43 | writes: 22,401 · Just now
🇧🇷 São Paulo, BR · node-4 · did:cairn:z6Mkr4...Yt88 | writes: 4,120 · 45s ago
SECURITY PROTOCOL

Why a Content-Addressed Registry Matters

npm dependency attacks cost millions. Cairn shifts security from registry trust to mathematical certainty.

01 / SECURITY RULE

No Central Single-Point

Cairn is a content-addressed mesh registry. There is no central point of failure, corporate entity, or database that can go offline or block package resolution.

SECURE RESOLVE STATUS: ACTIVE
02 / SECURITY RULE

Immutable Versions

Every version released is permanently pinned. Once published, a package version cannot be updated, deleted, or altered. The CID represents the exact code forever.

03 / SECURITY RULE

Zero Typosquatting

Packages are resolved by cryptographically signed DIDs combined with content hashes. Squatting names is mathematically impossible because identity is cryptographic, not a registered string.

04 / SECURITY RULE

Agent-Native Resolution

Autonomous agents can confidently resolve, verify, and run packages without human oversight. Zero trust needed: the agent runtime resolves packages directly and verifies integrity autonomously.

SPECIFICATION CODE

Under the Hood of Cairn

Explore the cryptographic and decentralized layer backing our alpha protocol.

Content-Addressed Storage

All code files are chunked, hashed, and bundled into standard IPFS UnixFS structures. The Content Identifier (CID) represents the exact content state.

json block · INTEGRITY_VERIFIED
{
  "type": "cairn-package",
  "cid": "bafkreihv3vjpx2...",
  "size": 14209,
  "mimetype": "application/x-tar"
}

DID Author Identity

Authors sign package updates with decentralized identifiers (DIDs). A DID proves ownership and permissions without central accounts.

sh block · INTEGRITY_VERIFIED
# Author authentication
$ cairn auth:resolve did:cairn:z6Mku7...
> author-key verified (ed25519)
> access status: write allowed

Signed Manifests

A signed manifest links the identity to the package CID. Every version is a cryptographic snapshot that can be proven offline.

json block · INTEGRITY_VERIFIED
{
  "package": "agent-mesh",
  "version": "1.0.4",
  "cid": "bafkrei...",
  "signature": "z5A4zGf93V...",
  "signer": "did:cairn:z6Mk..."
}
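
The offline check a client would make on such a manifest, as an added example that is not Cairn's own code: verify the ed25519 signature first, then confirm the fetched bytes hash to the signed CID. Assumptions: the artifact is a single raw block (the `bafkrei` CID form shown above), the signing payload layout in `signingPayload` is invented for illustration, the signature is already decoded to raw bytes, and the caller has already resolved the signer's public key from its DID.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/base32"
	"fmt"
	"strings"
)

// Manifest mirrors the signed-manifest fields; Signature is held as raw bytes here.
type Manifest struct { Package, Version, CID, Signer string; Signature []byte }

// cidV1Raw returns the CIDv1 (raw codec, sha2-256, base32) of a single block.
func cidV1Raw(data []byte) string {
	sum := sha256.Sum256(data)
	b := append([]byte{0x01, 0x55, 0x12, 0x20}, sum[:]...) // version, raw, sha2-256, length 32
	return "b" + strings.ToLower(base32.StdEncoding.WithPadding(base32.NoPadding).EncodeToString(b))
}

// signingPayload is an ASSUMED canonical form; Cairn's real signing format is not on the page.
func signingPayload(m Manifest) []byte {
	return []byte(strings.Join([]string{m.Package, m.Version, m.CID, m.Signer}, "\n"))
}

// Verify needs no network: pub is the key the caller already resolved for m.Signer.
func Verify(m Manifest, pub ed25519.PublicKey, artifact []byte) error {
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, signingPayload(m), m.Signature) {
		return fmt.Errorf("manifest signature invalid")
	}
	if cidV1Raw(artifact) != m.CID {
		return fmt.Errorf("artifact does not hash to the signed CID")
	}
	return nil
}

// sampleRelease builds a constructed key, artifact and signed manifest for the demo.
func sampleRelease() (Manifest, ed25519.PublicKey, []byte) {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // all-zero seed, demo only
	data := []byte("constructed package bytes")
	m := Manifest{Package: "agent-mesh", Version: "1.0.4", CID: cidV1Raw(data), Signer: "did:cairn:example"}
	m.Signature = ed25519.Sign(priv, signingPayload(m))
	return m, priv.Public().(ed25519.PublicKey), data
}

func main() {
	m, pub, data := sampleRelease()
	fmt.Println(Verify(m, pub, data), Verify(m, pub, append(data, 'x')))
}
```

Because the CID is inside the signed payload, a peer that swaps either the bytes or the manifest's `cid` field fails one of the two checks.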

Base Name Registry

Using Base L2 smart contracts, DIDs are mapped to human-readable names with gas-efficient records, providing a secure, trustless naming registry.

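solidity block · INTEGRITY_VERIFIED
// Base L2 Name Registry
// ownerOf, records and the Registered event are declared elsewhere in the
// contract; those declarations are not shown here.
function register(
  bytes32 name,
  string calldata did
) external {
  // Only the address recorded as the owner of `name` may set its DID.
  require(ownerOf[name] == msg.sender);
  records[name] = did;
  emit Registered(name, did);
}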
GET COMMITTED

Install the Cairn Client

Run the one-liner script to install our lightweight verification client on your machine.

$ curl -fsSL https://cairn.sh/install | sh