Revocation Package
The revocation packages define the store contract resource servers use to reject mandates after a session, root session, agent session, or delegation edge has been revoked.
Install
Section titled “Install”| Ecosystem | Package |
|---|---|
| TypeScript | npm install @caracalai/revocation |
| Python | pip install caracalai-revocation |
| Go | go get github.com/garudex-labs/caracal/packages/revocation/go |
Contract
Section titled “Contract”| Operation | Meaning |
|---|---|
isRevoked(sid) / is_revoked(sid) / IsRevoked(sid) | Return whether an anchor is revoked. |
markRevoked(sid, ttl) / mark_revoked(sid, ttl) / MarkRevoked(sid, ttl) | Record an anchor as revoked for a TTL. |
In-memory stores
Section titled “In-memory stores”Use in-memory stores for local development, tests, and single-process examples:
| Ecosystem | In-memory API |
|---|---|
| TypeScript | new InMemoryRevocationStore({ defaultTtlMs, maxEntries }) |
| Python | InMemoryRevocationStore(default_ttl_ms=...) |
| Go | revocation.NewInMemoryStore(defaultTTL) |
In-memory stores do not share revocation state across processes. Production resource servers should use a shared backend and consume caracal.sessions.revoke.
Production path
Section titled “Production path”Use Redis Revocation Store for multi-instance resource servers. The Redis connector reads signed revocation stream messages, marks every revocation anchor, and lets verifiers fail closed when Redis is unavailable.

