AgentKey — a short-lived per-agent ed25519 sub-key, certified
by a UserKey.
Agent keys are issued in memory (AgentKey::issue) and never
persisted. Each one carries a CertChain proving the user
signed off on this agent’s identity and metadata. Peers verify the
cert chain once on first contact and cache the agent’s public key.
Structs
- AgentKey - A short-lived per-agent keypair, signed by the user’s root key.
- AgentMetadata - Metadata claimed by an agent at certificate-issue time. These fields are signed by the user; they cannot be tampered with without invalidating the cert.
- CertChain - The proof that this agent serves a specific user — directly (root) or through a chain of attenuating delegations.
- SerdeSig - Newtype wrapping Signature so it can roundtrip through serde (the dalek type intentionally doesn’t derive Serialize).