Nav-pack registry

A physical-world CDNfor your robot fleet

The nav-pack registry is the signed delivery layer between WaveForm and autonomous robots in the field. Publish a map once; every robot pulls the latest signed pack for its area and profile, verifies it, and operates offline — with full provenance and instant revocation.

Five problems, solved

What you face the day you ship robots into the world.

🔏

Authenticity

Robots verify a KMS-backed signature before trusting a map. A pack is provably the one you signed off on.

🔢

Versioning

Packs are versioned with supersede chains. Robots transition atomically; operators can block a regression without rolling back.

📦

Distribution

Layer bytes live in KMS-encrypted S3 behind short-lived presigned URLs. The API serves metadata; the CDN serves bytes — scales to large fleets.

🚦

Authorization

Per-customer ACL + autonomy-tier gating decides which robots get which packs at which tier — enforced server-side on every read.

🔭

Observability

An append-only audit log records which pack version every robot held, when. Incident forensics in one query.

🤖

Revocable identity

Per-device tokens with unique jti. Revoke a compromised robot instantly — no fleet-wide key rotation.

The request a robot makes

At its narrowest, the integration is one call:

GET /v1/areas/<area_id>/nav-pack
Authorization: Bearer <robot-device-token>

Returns the latest active, signed manifest scoped to the robot’s profile + customer. The robot downloads layer bytes directly from S3 and operates offline.

Ship maps your robots can trust