Struct UserKey 

pub struct UserKey { /* private fields */ }

A user-level ed25519 keypair. Root of trust for an agent mesh.

The private half is held in memory by this struct and zeroized on drop. Use save to persist to disk (refuses to overwrite existing files) and load to rehydrate.

Implementations

impl UserKey

pub fn generate() -> Self

Generate a fresh user key from the operating system RNG.

pub fn public(&self) -> UserPublic

Public verifying half of the key — safe to share with peers.

pub fn fingerprint(&self) -> Fingerprint

BLAKE3 fingerprint of the public key bytes.

pub fn sign(&self, message: &[u8]) -> Signature

Sign an arbitrary message with the user’s root key.

In practice this is called sparingly — typically just to issue agent certificates and the one-time GitHub binding.

pub fn save(&self, path: &Path) -> Result<()>

Save the private key to disk in PKCS#8 PEM format.

Refuses to overwrite an existing file (returns MeshError::Io with AlreadyExists). On Unix systems the resulting file is chmod 0600. The parent directory is created if it doesn’t exist.

pub fn load(path: &Path) -> Result<Self>

Load a private key previously written by save.

Trait Implementations

impl Debug for UserKey

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Drop for UserKey

fn drop(&mut self)

Executes the destructor for this type.

fn pin_drop(self: Pin<&mut Self>)

🔬This is a nightly-only experimental API. (pin_ergonomics)

Execute the destructor for this type, but different to Drop::drop, it requires self to be pinned.