pub struct TrustRoot {
pub log_public_key: Ed25519PublicKey,
pub log_origin: LogOrigin,
pub witnesses: Vec<TrustRootWitness>,
pub signature_algorithm: SignatureAlgorithm,
pub ecdsa_log_public_key_der: Option<Vec<u8>>,
pub independence_policy: IndependencePolicy,
}Expand description
Trust root for verifying transparency log checkpoints.
Contains the log’s signing public key and an optional witness list. For Epic 1 (fn-72), this is hardcoded in the verifier binary. TUF-based distribution comes in fn-76.
Args:
log_public_key— The Ed25519 public key of the log operator.log_origin— The log origin string for checkpoint verification.witnesses— List of trusted witness public keys and names.
Usage:
let trust_root = TrustRoot {
log_public_key: Ed25519PublicKey::from_bytes(key_bytes),
log_origin: LogOrigin::new("auths.dev/log")?,
witnesses: vec![],
};Fields§
§log_public_key: Ed25519PublicKeyThe log operator’s Ed25519 public key. Used only when
signature_algorithm == Ed25519. Under the EcdsaP256 path,
this field MUST NOT be the trust anchor — see
Self::ecdsa_log_public_key_der for that.
log_origin: LogOriginThe log origin string (e.g., “auths.dev/log”).
witnesses: Vec<TrustRootWitness>Trusted witness keys. Empty for Epic 1.
signature_algorithm: SignatureAlgorithmSignature algorithm for checkpoint verification. Defaults to Ed25519. Rekor production shard uses EcdsaP256.
ecdsa_log_public_key_der: Option<Vec<u8>>DER-encoded SubjectPublicKeyInfo for the log’s ECDSA-P256
public key. REQUIRED when signature_algorithm == EcdsaP256;
the verifier compares the bundle-carried ECDSA pubkey against
this pinned value byte-for-byte before using it to verify the
checkpoint signature. Without this field, an attacker can
submit a bundle with a self-chosen ECDSA key that verifies
its own forged signature — a classic “trust the key I sent
you” anti-pattern.
independence_policy: IndependencePolicyMinimum-diversity thresholds the actual cosigning quorum must clear,
layered on top of the n/2+1 count. Defaults to unconstrained (no
diversity required) so a legacy trust root that pins no policy keeps its
existing behavior; a commons trust root built from a pinned
witness_policy.json carries real thresholds and enforces them.