Struct ReceiptSigner 

pub struct ReceiptSigner { /* private fields */ }

Registry-side receipt minting identity: the signing key plus the DID URL it is published under in the registry’s own DID document.

Lifecycle rule (RFC-ACDP-0010, normative): retired receipt keys MUST remain in the registry DID document’s verificationMethod indefinitely — rotation removes them from assertionMethod only (stops new receipts, keeps every previously minted receipt verifiable). Deleting an old key bricks every receipt it signed.

Implementations

impl ReceiptSigner

pub fn new( key: impl Into<AcdpSigningKey>, registry_did: impl Into<String>, key_id: impl Into<String>, ) -> Result<Self, AcdpError>

Create a signer. key_id’s DID portion MUST equal registry_did, which MUST be the did:web form of the registry’s serving authority.

pub fn registry_did(&self) -> &str

The registry DID this signer mints under.

pub fn mint( &self, ctx_id: &CtxId, lineage_id: &LineageId, origin_registry: &str, created_at: DateTime<Utc>, content_hash: &ContentHash, producer_key_fingerprint: &str, ) -> Result<RegistryReceipt, AcdpError>

Mint a signed receipt for an accepted publication.

producer_key_fingerprint MUST be the fingerprint of the key the validator actually used for producer-signature verification — not re-resolved later (that is the whole historical-validity guarantee).