Struct KeyRegistry 

pub struct KeyRegistry { /* private fields */ }

Authoritative registry of master keys and operational-key epochs.

Implementations

impl KeyRegistry

pub fn new() -> Self

Construct an empty registry.

pub fn register_author(&mut self, author: AuthorId, master_key: VerifyingKey, initial_operational_key: VerifyingKey, created_at_version: u64) -> Result<()>

Register a new author with a master key and an initial operational key (epoch 0).

Errors

Returns Err if the author is already registered.

pub fn apply_rotation(&mut self, record: &KeyRotationRecord) -> Result<()>

Apply a rotation record to the registry.

Errors

Returns Err if:

  • the author is unknown,
  • from_epoch is not the current active epoch,
  • to_epoch != from_epoch + 1,
  • effective_from_version precedes the current active epoch’s created_at_version,
  • the master signature does not verify.

pub fn apply_revocation(&mut self, record: &RevocationRecord) -> Result<()>

Apply a revocation record to the registry.

Errors

Returns Err if the author / epoch is unknown, the epoch is already revoked, or the master signature does not verify.

pub fn active_epoch_at(&self, author: AuthorId, version_number: u64) -> Option<&KeyEpoch>

Return the operational epoch that was valid for author at version_number, or None if no epoch covers that version.
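
A std-only model of the rejection conditions listed for apply_rotation and of the version lookup described for active_epoch_at, added here as an illustration; it is not the crate's code. Model, Epoch, Rotation and the master_sig_ok flag (standing in for master-signature verification) are hypothetical names, and the single-author scope and the half-open [from, until) boundary are assumptions.

```rust
// Added model, std only. Epoch, Rotation, Model and master_sig_ok are
// hypothetical names; the crate's own types are not reproduced here.
#[derive(Debug, PartialEq)]
pub struct Epoch { pub epoch: u32, pub from: u64, pub until: Option<u64> }

pub struct Rotation {
    pub from_epoch: u32,
    pub to_epoch: u32,
    pub effective_from_version: u64,
    pub master_sig_ok: bool, // stands in for verifying the master signature
}

pub struct Model { epochs: Vec<Epoch> }

impl Model {
    /// One author with operational epoch 0 created at `created_at_version`.
    pub fn new(created_at_version: u64) -> Self {
        Model { epochs: vec![Epoch { epoch: 0, from: created_at_version, until: None }] }
    }

    /// Enforce the documented rejection conditions, then close the old epoch.
    pub fn apply_rotation(&mut self, r: &Rotation) -> Result<(), &'static str> {
        let cur = self.epochs.iter_mut().find(|e| e.until.is_none()).ok_or("no active epoch")?;
        if r.from_epoch != cur.epoch { return Err("from_epoch is not the active epoch"); }
        if r.from_epoch.checked_add(1) != Some(r.to_epoch) { return Err("to_epoch != from_epoch + 1"); }
        if r.effective_from_version < cur.from { return Err("effective_from_version too early"); }
        if !r.master_sig_ok { return Err("master signature does not verify"); }
        cur.until = Some(r.effective_from_version);
        self.epochs.push(Epoch { epoch: r.to_epoch, from: r.effective_from_version, until: None });
        Ok(())
    }

    /// Epoch whose half-open range [from, until) contains `version` (assumed boundary).
    pub fn active_epoch_at(&self, version: u64) -> Option<u32> {
        self.epochs.iter()
            .find(|e| e.from <= version && e.until.map_or(true, |u| version < u))
            .map(|e| e.epoch)
    }
}

fn main() {
    let mut m = Model::new(0);
    let rot = |f: u32, t: u32, v: u64, ok: bool| Rotation { from_epoch: f, to_epoch: t, effective_from_version: v, master_sig_ok: ok };
    assert!(m.apply_rotation(&rot(0, 2, 10, true)).is_err()); // skipped epoch
    assert!(m.apply_rotation(&rot(0, 1, 10, false)).is_err()); // bad signature
    m.apply_rotation(&rot(0, 1, 10, true)).unwrap();
    println!("v9 -> {:?}, v10 -> {:?}", m.active_epoch_at(9), m.active_epoch_at(10));
}
```

In this model a replayed record for an already-rotated epoch fails the from_epoch check, so an old signed rotation cannot be applied twice.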

pub fn master_key(&self, author: AuthorId) -> Option<&VerifyingKey>

Return the registered master key for author, if any.

pub fn epochs_for(&self, author: AuthorId) -> &[KeyEpoch]

Return every recorded epoch for author, in insertion order.

pub fn insert_epoch_unchecked(&mut self, author: AuthorId, epoch: u32, public_key: [u8; 32], active_from_version: u64) -> Result<()>

Append an epoch to author without verifying a signed rotation record.

The caller is asserting that this registry is itself the trust anchor — e.g. a pinning file the operator brings to verification. Self::apply_rotation is the signed-record path and is the correct choice when the rotation arrives from an untrusted source (transparency log, network peer).

The prior active epoch is transitioned to KeyStatus::Rotated at active_from_version. The new epoch is inserted with KeyStatus::Active status.

Errors

Returns Err if:

  • the author is not registered,
  • epoch is not strictly greater than every existing epoch for this author,
  • active_from_version is not strictly greater than the prior active epoch’s created_at_version,
  • the author currently has no active epoch (i.e. the prior epoch is already revoked or rotated).

pub fn insert_revocation_unchecked(&mut self, author: AuthorId, epoch: u32, reason: RevocationReason, effective_from_version: u64) -> Result<()>

Mark epoch as revoked for author without verifying a signed revocation record.

See Self::insert_epoch_unchecked for when this is the correct path vs. Self::apply_revocation.

Errors

Returns Err if the author / epoch is unknown or already revoked.

pub fn from_trusted_json(input: &str) -> Result<Self>

Load a trusted registry from the CLI JSON file format.

The on-disk shape is:

{
  "version": 1,
  "authors": [
    {
      "author_id": 50001,
      "master_key": "<base64-32-bytes>",
      "epochs": [
        { "epoch": 0, "public_key": "<base64-32-bytes>", "active_from_version": 0 }
      ],
      "revocations": []
    }
  ]
}

This is a trusted load: every epoch and revocation is inserted via the _unchecked path. Use it for operator-supplied pinning files; use Self::apply_rotation and Self::apply_revocation for records that arrived from an untrusted source.

Errors

Returns Err if the JSON is malformed, the format version is not 1, any base64 field does not decode to exactly 32 bytes, any author appears twice, any epoch number repeats or is non-monotonic within an author, or any revocation points at an unknown epoch.

pub fn to_trusted_json(&self) -> Result<String>

Serialize the registry to the trusted-JSON format parsed by Self::from_trusted_json. Authors and epochs are emitted in stable, sorted order (author_id ascending, then epoch ascending) so output is deterministic.

Errors

Returns Err if serde_json fails to serialize — which in practice does not happen with the on-disk shape this method constructs.

Trait Implementations

impl Debug for KeyRegistry

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for KeyRegistry

fn default() -> KeyRegistry

Returns the “default value” for a type.
