pub struct PeerCommitmentRecord {
pub commitment_capable: bool,
pub received_at: Instant,
pub last_sig_verify_at: Instant,
/* private fields */
}Expand description
Auditor-side per-peer commitment state.
Holds two things that together implement v10/v12 §2 step 5 and §6:
last_commitment: the most recently received, verified, signed commitment from this peer.Noneif we’ve evicted it (TTL, sybil cap, peer-removed) or never received one.commitment_capable: a sticky boolean that flips totrueon the first successful gossip ingest and NEVER reverts. Used by holder-eligibility (§6) and bootstrap-claim shield: a peer that has at least once proven it speaks v12 is forever held to that standard. Without stickiness, a peer could flip the flag off by silencing its gossip and downgrade to the weaker legacy audit path.
Fields§
§commitment_capable: boolSticky: true once this peer has gossiped a valid commitment.
Set on ingest. Never set back to false except by full
PeerRemoved cleanup.
received_at: InstantWhen last_commitment was received. Used for TTL on the
commitment itself (independent of the commitment_capable
stickiness — losing the commitment via TTL doesn’t make us
forget the peer ever spoke v12).
last_sig_verify_at: InstantLast time we performed an ML-DSA signature verify for this peer’s commitment. Used to enforce the §2 step 3 rate limit (at most one sig verify per peer per 60s).
Implementations§
Source§impl PeerCommitmentRecord
impl PeerCommitmentRecord
Sourcepub fn from_verified(commitment: StorageCommitment, now: Instant) -> Self
pub fn from_verified(commitment: StorageCommitment, now: Instant) -> Self
Construct from a freshly-verified commitment. commitment_capable
is set to true here and must remain so for the lifetime of the
record.
Sourcepub fn capable_but_no_commitment(now: Instant) -> Self
pub fn capable_but_no_commitment(now: Instant) -> Self
Mark commitment-capable without storing a commitment (used when we’ve TTL-expired the commitment itself but want to remember the peer has spoken v12 before).
Sourcepub fn last_commitment(&self) -> Option<&StorageCommitment>
pub fn last_commitment(&self) -> Option<&StorageCommitment>
The stored commitment, if any. Read-only view of the private field.
Sourcepub fn commitment_hash(&self) -> Option<[u8; 32]>
pub fn commitment_hash(&self) -> Option<[u8; 32]>
The cached commitment_hash of the stored commitment (§13) — None
when no commitment is held. Avoids re-serializing/re-hashing on every
verifier snapshot.
Sourcepub fn set_commitment(&mut self, commitment: StorageCommitment, now: Instant)
pub fn set_commitment(&mut self, commitment: StorageCommitment, now: Instant)
Replace the stored commitment and refresh the cached hash together, so the two never drift.
Sourcepub fn clear_commitment(&mut self)
pub fn clear_commitment(&mut self)
Drop the stored commitment and its cached hash together.
Trait Implementations§
Source§impl Clone for PeerCommitmentRecord
impl Clone for PeerCommitmentRecord
Source§fn clone(&self) -> PeerCommitmentRecord
fn clone(&self) -> PeerCommitmentRecord
1.0.0 (const: unstable) · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source. Read moreAuto Trait Implementations§
impl Freeze for PeerCommitmentRecord
impl RefUnwindSafe for PeerCommitmentRecord
impl Send for PeerCommitmentRecord
impl Sync for PeerCommitmentRecord
impl Unpin for PeerCommitmentRecord
impl UnsafeUnpin for PeerCommitmentRecord
impl UnwindSafe for PeerCommitmentRecord
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
impl<ST, DT> CastableFrom<ST, Initialized, Initialized> for DT
impl<ST, DT> CastableFrom<ST, Uninit, Uninit> for DT
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
Source§impl<T> Instrument for T
impl<T> Instrument for T
Source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
Source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
self into a Left variant of Either<Self, Self>
if into_left is true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
self into a Left variant of Either<Self, Self>
if into_left(&self) returns true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read more