Expand description
SP-capability-v2 revocation-store trait + reference impl.
- Trait
UcanRevocationStore(read-onlyis_revoked) is the contract the verifier (Phase B.2) consults on every chain link. InMemoryUcanRevocationStore(Phase E) is the reference impl for tests + small deployments. Adopters wrap their own revocation table behind the same trait (celia’sconsent.status='revoked'rows + newucan_cidindex — spec §6).
Design choice: revoke() is inherent on InMemoryUcanRevocationStore
rather than required on the trait. Rationale — production adopters
revoke via adopter-specific paths (celia Tauri command + recursive
SQL cascade; future atd-ref-server admin CLI; etc.) whose signatures
differ. Keeping the trait read-only matches the verifier’s actual
need, and avoids forcing every wrapper to expose a mutator it
doesn’t have. SP-capability-v2 §4.7 leaves “how revocations get
recorded” deliberately adopter-side.
Spec: docs/archive/superpowers/specs/2026-05-11-sp-capability-v2-design.md §4.7
Structs§
- InMemory
Ucan Revocation Store - Reference revocation store: an
Arc<RwLock<HashSet<String>>>of revoked CIDs. Suitable for tests and small in-process deployments.
Traits§
- Ucan
Revocation Store - A store that can answer “has this UCAN been revoked?” for a CID.