Skip to main content

verify_commit_against_kel

Function verify_commit_against_kel 

Source
pub async fn verify_commit_against_kel(
    commit_bytes: &[u8],
    device_kel: &[Event],
    root_kel: &[Event],
    pinned_roots: &[String],
    provider: &dyn CryptoProvider,
) -> CommitVerdict
Expand description

Verify a commit purely by KEL replay + delegation + in-process SSH-signature check.

Args:

  • commit_bytes: The raw git commit object (with the gpgsig SSH signature).
  • device_kel: The signer device’s KEL events (a dip, or the root’s icp when the root signs directly).
  • root_kel: The root identity’s KEL events (the delegator).
  • pinned_roots: Trusted root did:keri: strings (from .auths/roots).
  • provider: Crypto provider for in-process signature verification.

Usage:

let verdict = verify_commit_against_kel(commit, &device_kel, &root_kel, &pinned, &provider).await;
assert!(verdict.is_valid());