arkhe-forge-platform 0.13.0

L2 services for ArkheForge Runtime: projection observer, manifest loader, policy, rate limiter, audit receipts, crypto-erasure coordinator, process-protection shim. Builds on L0 arkhe-kernel + L1 arkhe-forge-core.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33

//! Multi-KMS infrastructure — health + threshold HSM + KMS abstraction.
//!
//! Mitigates the HSM operator collusion threat (actor 5).
//! Submodules:
//!
//! - [`health`] — multi-channel health check (DoH / alternate region /
//!   static-IP, N-of-M quorum).
//! - `threshold` (feature `tier-2-multi-kms`) — byte-level GF(256) Shamir
//!   `t-of-n` secret sharing for the auto_promote authorization token.
//! - [`journal`] — consumed-token audit journal (in-memory dev impl;
//!   production wires a chain-signed persistent backend on top).
//! - [`kms_backend`] — `KmsBackend` trait + [`MockKmsBackend`] Tier-0 impl.
//!
//! Real KMS-specific implementations (AWS, GCP, Azure) sit behind feature
//! gates — see the `tier-2-aws-kms` feature in `Cargo.toml`.

pub mod health;
pub mod journal;
pub mod kms_backend;

// Threshold HSM is a Tier-2 feature: shells that never run multi-KMS HA
// (Tier-0 dev, Tier-1 free-tier KMS) do not need the Shamir surface and
// would otherwise pay the `getrandom` link cost.
#[cfg(feature = "tier-2-multi-kms")]
pub mod threshold;

#[cfg(feature = "tier-2-aws-kms")]
pub mod aws_kms;

pub use kms_backend::{KekRef, KeyDeletionAttestation, KmsBackend, KmsError, MockKmsBackend};

#[cfg(feature = "tier-2-aws-kms")]
pub use aws_kms::AwsKmsBackend;