diff --git a/Cargo.lock b/Cargo.lock index 5c41419..37432d7 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1370,7 +1370,7 @@ dependencies = [ [[package]] name = "ic-oss" -version = "0.7.1" +version = "0.7.2" dependencies = [ "bytes", "candid", @@ -1389,7 +1389,7 @@ dependencies = [ [[package]] name = "ic-oss-can" -version = "0.7.1" +version = "0.7.2" dependencies = [ "bytes", "candid", @@ -1403,7 +1403,7 @@ dependencies = [ [[package]] name = "ic-oss-cli" -version = "0.7.1" +version = "0.7.2" dependencies = [ "anyhow", "bytes", @@ -1429,34 +1429,14 @@ dependencies = [ "tokio-util", ] -[[package]] -name = "ic-oss-cose" -version = "0.7.1" -dependencies = [ - "base64 0.21.7", - "candid", - "ciborium", - "coset", - "crc32fast", - "ed25519-dalek", - "hex", - "ic-oss-types", - "icrc-ledger-types", - "k256", - "num-traits", - "serde", - "serde_bytes", - "sha2 0.10.8", - "url", -] - [[package]] name = "ic-oss-types" -version = "0.7.1" +version = "0.7.2" dependencies = [ "base64 0.21.7", "candid", "ciborium", + "coset", "crc32fast", "ed25519-dalek", "hex", @@ -1525,7 +1505,7 @@ checksum = "8de254dd67bbd58073e23dc1c8553ba12fa1dc610a19de94ad2bbcd0460c067f" [[package]] name = "ic_oss_bucket" -version = "0.7.1" +version = "0.7.2" dependencies = [ "base64 0.21.7", "bytes", @@ -1538,7 +1518,6 @@ dependencies = [ "ic-cdk 0.15.1", "ic-cdk-timers", "ic-http-certification", - "ic-oss-cose", "ic-oss-types", "ic-stable-structures", "icrc-ledger-types", @@ -1554,7 +1533,7 @@ dependencies = [ [[package]] name = "ic_oss_cluster" -version = "0.7.1" +version = "0.7.2" dependencies = [ "base64 0.21.7", "bytes", @@ -1565,7 +1544,6 @@ dependencies = [ "hex", "ic-cdk 0.15.1", "ic-cdk-timers", - "ic-oss-cose", "ic-oss-types", "ic-stable-structures", "serde", diff --git a/Cargo.toml b/Cargo.toml index aaa0a4e..c9e114f 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -6,7 +6,6 @@ members = [ "src/ic_oss_can", "src/ic_oss", "src/ic_oss_cli", - "src/ic_oss_cose", "examples/ai_canister", ] resolver = "2" 
@@ -18,7 +17,7 @@ strip = true opt-level = 's' [workspace.package] -version = "0.7.1" +version = "0.7.2" edition = "2021" repository = "https://github.com/ldclabs/ic-oss" keywords = ["file", "storage", "oss", "s3", "icp"] diff --git a/src/ic_oss_bucket/Cargo.toml b/src/ic_oss_bucket/Cargo.toml index 2815e3f..1e85014 100644 --- a/src/ic_oss_bucket/Cargo.toml +++ b/src/ic_oss_bucket/Cargo.toml @@ -37,4 +37,3 @@ getrandom = { workspace = true } lazy_static = "1.4" hyperx = { git = "https://github.com/ldclabs/hyperx", rev = "4b9bd373b8c4d29a32e59912bf598ba69273c032" } ic-oss-types = { path = "../ic_oss_types", version = "0.7" } -ic-oss-cose = { path = "../ic_oss_cose", version = "0.7" } diff --git a/src/ic_oss_bucket/src/store.rs b/src/ic_oss_bucket/src/store.rs index fc93a6d..f322390 100644 --- a/src/ic_oss_bucket/src/store.rs +++ b/src/ic_oss_bucket/src/store.rs @@ -4,8 +4,8 @@ use ic_http_certification::{ cel::{create_cel_expr, DefaultCelBuilder}, HttpCertification, HttpCertificationPath, HttpCertificationTree, HttpCertificationTreeEntry, }; -use ic_oss_cose::{Token, BUCKET_TOKEN_AAD}; use ic_oss_types::{ + cose::{Token, BUCKET_TOKEN_AAD}, file::{ FileChunk, FileInfo, UpdateFileInput, CHUNK_SIZE, MAX_FILE_SIZE, MAX_FILE_SIZE_PER_CALL, }, diff --git a/src/ic_oss_cluster/Cargo.toml b/src/ic_oss_cluster/Cargo.toml index a4cd03b..47ab7d0 100644 --- a/src/ic_oss_cluster/Cargo.toml +++ b/src/ic_oss_cluster/Cargo.toml @@ -28,4 +28,3 @@ serde = { workspace = true } serde_bytes = { workspace = true } getrandom = { workspace = true } ic-oss-types = { path = "../ic_oss_types", version = "0.7" } -ic-oss-cose = { path = "../ic_oss_cose", version = "0.7" } diff --git a/src/ic_oss_cluster/src/api_admin.rs b/src/ic_oss_cluster/src/api_admin.rs index d877b57..a7e196d 100644 --- a/src/ic_oss_cluster/src/api_admin.rs +++ b/src/ic_oss_cluster/src/api_admin.rs 
@@ -1,12 +1,12 @@ use candid::Principal; use ic_cdk::api::management_canister::main::*; -use ic_oss_cose::{ - cose_sign1, coset::CborSerializable, sha256, Token as CoseToken, BUCKET_TOKEN_AAD, - CLUSTER_TOKEN_AAD, ES256K, -}; use ic_oss_types::{ bucket::Token, cluster::{AddWasmInput, DeployWasmInput}, + cose::{ + cose_sign1, coset::CborSerializable, sha256, Token as CoseToken, BUCKET_TOKEN_AAD, + CLUSTER_TOKEN_AAD, ES256K, + }, format_error, permission::Policies, }; diff --git a/src/ic_oss_cluster/src/api_auth.rs b/src/ic_oss_cluster/src/api_auth.rs index a615a92..8ffad8d 100644 --- a/src/ic_oss_cluster/src/api_auth.rs +++ b/src/ic_oss_cluster/src/api_auth.rs @@ -1,5 +1,5 @@ use candid::Principal; -use ic_oss_cose::{ +use ic_oss_types::cose::{ cose_sign1, coset::CborSerializable, sha256, Token, BUCKET_TOKEN_AAD, CLUSTER_TOKEN_AAD, ES256K, }; use serde_bytes::ByteBuf; diff --git a/src/ic_oss_cluster/src/store.rs b/src/ic_oss_cluster/src/store.rs index 382633b..3293f33 100644 --- a/src/ic_oss_cluster/src/store.rs +++ b/src/ic_oss_cluster/src/store.rs @@ -1,8 +1,8 @@ use candid::Principal; use ciborium::{from_reader, into_writer}; -use ic_oss_cose::{sha256, CLUSTER_TOKEN_AAD}; use ic_oss_types::{ cluster::{AddWasmInput, BucketDeploymentInfo, ClusterInfo}, + cose::{sha256, CLUSTER_TOKEN_AAD}, permission::Policies, }; use ic_stable_structures::{ diff --git a/src/ic_oss_cose/Cargo.toml b/src/ic_oss_cose/Cargo.toml deleted file mode 100644 index adb340f..0000000 --- a/src/ic_oss_cose/Cargo.toml +++ /dev/null 
@@ -1,27 +0,0 @@ -[package] -name = "ic-oss-cose" -description = "A Rust library based on COSE (RFC9052) and CWT (RFC8392) for issuing and verifying access tokens for the ic-oss cluster." -publish = false # wait coset -repository = "https://github.com/ldclabs/ic-oss/tree/main/src/ic_oss_cose" -version.workspace = true -edition.workspace = true -keywords.workspace = true -categories.workspace = true -license.workspace = true - -[dependencies] -base64 = { workspace = true } -candid = { workspace = true } -hex = { workspace = true } -serde = { workspace = true } -serde_bytes = { workspace = true } -crc32fast = { workspace = true } -num-traits = { workspace = true } -url = { workspace = true } -ciborium = { workspace = true } -icrc-ledger-types = { workspace = true } -k256 = { workspace = true } -ed25519-dalek = { workspace = true } -sha2 = { workspace = true } -coset = "0.3.8" -ic-oss-types = { path = "../ic_oss_types", version = "0.7" } diff --git a/src/ic_oss_cose/README.md b/src/ic_oss_cose/README.md deleted file mode 100644 index 98f7f4c..0000000 --- a/src/ic_oss_cose/README.md +++ /dev/null 
@@ -1,15 +0,0 @@ -# `ic-oss-cose` -![License](https://img.shields.io/crates/l/ic-oss-cose.svg) -[![Crates.io](https://img.shields.io/crates/d/ic-oss-cose.svg)](https://crates.io/crates/ic-oss-cose) -[![Test](https://github.com/ldclabs/ic-oss/actions/workflows/test.yml/badge.svg)](https://github.com/ldclabs/ic-oss/actions/workflows/test.yml) -[![Docs.rs](https://img.shields.io/docsrs/ic-oss-cose?label=docs.rs)](https://docs.rs/ic-oss-cose) -[![Latest Version](https://img.shields.io/crates/v/ic-oss-cose.svg)](https://crates.io/crates/ic-oss-cose) - -[ic-oss](https://github.com/ldclabs/ic-oss) is a decentralized Object Storage Service on the Internet Computer. - -`ic-oss-cose` is a Rust library based on COSE (RFC9052) and CWT (RFC8392) for issuing and verifying access tokens for the `ic-oss` cluster. - -## License -Copyright © 2024 [LDC Labs](https://github.com/ldclabs). - -`ldclabs/ic-oss` is licensed under the MIT License. See [LICENSE](../../LICENSE-MIT) for the full license text. \ No newline at end of file diff --git a/src/ic_oss_types/Cargo.toml b/src/ic_oss_types/Cargo.toml index 92afd1b..5addec3 100644 --- a/src/ic_oss_types/Cargo.toml +++ b/src/ic_oss_types/Cargo.toml @@ -23,3 +23,4 @@ icrc-ledger-types = { workspace = true } k256 = { workspace = true } ed25519-dalek = { workspace = true } sha2 = { workspace = true } +coset = "0.3.8" diff --git a/src/ic_oss_cose/src/lib.rs b/src/ic_oss_types/src/cose.rs similarity index 98% rename from src/ic_oss_cose/src/lib.rs rename to src/ic_oss_types/src/cose.rs index 7949c8d..977bff2 100644 --- a/src/ic_oss_cose/src/lib.rs +++ b/src/ic_oss_types/src/cose.rs @@ -4,7 +4,6 @@ use coset::{ iana, Algorithm, CborSerializable, CoseSign1, CoseSign1Builder, HeaderBuilder, }; use ed25519_dalek::{Signature, VerifyingKey}; -use ic_oss_types::bucket; use k256::{ecdsa, ecdsa::signature::hazmat::PrehashVerifier}; use num_traits::ToPrimitive; use serde::{Deserialize, Serialize}; 
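Review bot: In the `src/ic_oss_types/Cargo.toml` hunk, `coset = "0.3.8"` is the only dependency in the visible list that is pinned inline instead of with `{ workspace = true }`, so its version is now maintained apart from the rest of the workspace. Because `cose.rs` keeps `pub use coset;`, the coset version also becomes part of the public API of `ic-oss-types`, and a later coset bump changes that API for every crate importing `ic_oss_types::cose::coset`. I would declare it once under `[workspace.dependencies]` (that table is not visible in this diff, so confirm it exists) and write `coset = { workspace = true }` here. It may also be worth putting the `cose` module behind a cargo feature, so that consumers needing only the plain types do not compile the token signing and verification code.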
@@ -14,6 +13,8 @@ use sha2::Digest; pub use coset; pub use iana::Algorithm::{EdDSA, ES256K}; +use crate::bucket; + const CLOCK_SKEW: i64 = 5 * 60; // 5 minutes const ALG_ED25519: Algorithm = Algorithm::Assigned(EdDSA); const ALG_SECP256K1: Algorithm = Algorithm::Assigned(ES256K); @@ -197,8 +198,8 @@ pub fn sha256(data: &[u8]) -> [u8; 32] { #[cfg(test)] mod test { use super::*; + use crate::permission::{Operation, Permission, Policies, Policy, Resource, Resources}; use ed25519_dalek::Signer; - use ic_oss_types::permission::{Operation, Permission, Policies, Policy, Resource, Resources}; #[test] fn test_ed25519_token() { diff --git a/src/ic_oss_types/src/lib.rs b/src/ic_oss_types/src/lib.rs index 7bd4fdd..70ffb5e 100644 --- a/src/ic_oss_types/src/lib.rs +++ b/src/ic_oss_types/src/lib.rs @@ -9,6 +9,7 @@ use std::collections::BTreeMap; pub mod bucket; pub mod cluster; +pub mod cose; pub mod file; pub mod folder; pub mod permission;
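Review bot: In the `@@ -14,6 +13,8 @@` hunk of `cose.rs`, `use crate::bucket;` is added below the `pub use coset;` / `pub use iana::Algorithm::{EdDSA, ES256K};` re-exports, although the `use ic_oss_types::bucket;` it replaces sat in the main import group. Keeping the private import with the other `use` lines, and leaving the `pub use` lines as a separate group, makes it easier to see at a glance what the module re-exports. The import block starts above this hunk, so the exact position is for the author to choose.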
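Review bot: The `pub mod cose;` line added to `src/ic_oss_types/src/lib.rs` exposes the token code without documentation, while the same commit deletes the crate README and the `description` that said what it is for. I would carry that sentence over as a doc comment above `pub mod cose;`, e.g. `/// COSE (RFC9052) and CWT (RFC8392) helpers for issuing and verifying access tokens for the ic-oss cluster.`, or as a `//!` line at the top of `cose.rs`. The top of `cose.rs` is outside the visible hunks, so check whether it already has module docs.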