Overview
This repository packages a shared kernel for domain-driven systems that need the same rules for identifiers, timestamps, lifetimes, and API-style credentials in more than one boundary. Instead of passing raw strings, DateTime, and TimeSpan values through the model, it promotes small immutable types that validate themselves at construction time.
The result is a narrower seam between domain code and infrastructure code. Consumers can express intent with types such as Codebelt.SharedKernel value objects, while keeping the broader DDD abstractions in the underlying Savvyio.Domain dependency.
Concepts
The concepts in this repository revolve around making shared rules explicit. Each one replaces a weak primitive with a value object that carries validation, comparison behavior, or validity semantics with it.
Constrained identity and secret values
The repository treats string-backed identifiers as domain primitives instead of loose text values. In Codebelt.SharedKernel, Token establishes the base rules for length, whitespace, and repeated-character frequency, while Secret and CorrelationId narrow that model for sensitive values and trace identifiers. This keeps token hygiene close to construction and makes invalid identifiers fail before they spread into application flow.
UTC and duration semantics as value objects
Time handling is split into two distinct concerns: absolute timestamps and bounded durations. Codebelt.SharedKernel uses CoordinatedUniversalTime to reject non-UTC values up front, then layers ClockSkew and TimeToLive on top of comparable TimeSpan-based value objects so expiry windows and tolerated drift stay explicit. That separation matters because a timestamp, an allowed skew, and a lifespan are all time-related, but they represent different business constraints.
Credential validity as composed domain state
Access control is modeled as composition rather than scattered checks. Codebelt.SharedKernel combines Secret, CoordinatedUniversalTime, ClockSkew, and TimeToLive in AccessKey and AccessKeyOptions, then centralizes the runtime check in AccessKeyExtensions.IsValid(...). The important idea is not just that a key has a secret, but that its validity window and skew tolerance travel with the credential as part of the same immutable state.
Usage guidance
Use this repository when multiple services, modules, or bounded contexts must agree on the same identifier rules, UTC normalization rules, or credential-validity rules. It is a good fit when those concepts are part of your domain language and you want construction-time guards instead of repeated ad hoc checks.
Avoid pulling the shared kernel into a model that only needs plain framework primitives or one-off local value objects. If a rule is truly local to a single domain and does not need the token, time, or access-key semantics defined here, a smaller local type or no package at all is the better choice.