Georgian ID Card Legal Signing Foundation

This repository now includes a mock-first legal-signing seam for future Georgian ID Card integration.

What exists today

• canonical payload builder with deterministic JSON + SHA-256 hash
• signing intent lifecycle model
• svc-eid service for intent creation, mock completion, cancellation, and audit
• mock provider adapter behind EidProviderAdapter
• optional action-level enforcement seam, default disabled

What is mock today

• no live Georgian ID provider calls
• no real card/certificate interaction
• no real signature verification
• no user-facing signing flow in web

What plugs in later

• real provider-specific createSigningRequest
• real provider callback/completion verification
• real signature artifact storage
• stricter tenant/legal-policy routing per action type

Current integration seam

svc-eid is now a standalone horizontal signing service, similar in role to svc-kyc. Business services are not yet forced through it. Future critical actions will opt in by creating a signing intent before mutating state.

Audit coverage

svc-eid stores:

• actor
• tenant
• action type
• resource type/id
• canonical payload hash
• status transitions
• mock provider payload snapshots