Struct DeRecSecret 

pub struct DeRecSecret {
    pub secret_data: Vec<u8>,
    pub creation_time: Option<Timestamp>,
    pub helper_threshold_for_recovery: i64,
    pub helper_threshold_for_confirming_share_receipt: i64,
    pub helpers: Vec<HelperSpecificInfo>,
}

DeRecSecret represents the canonical structure of the secret material that is encrypted and distributed across Helpers.

§Context

Before distribution:

  • the Owner constructs a DeRecSecret
  • the secretData is encrypted (e.g., via AES-GCM)
  • the encryption key is split using a secret sharing scheme (e.g., Shamir)

The resulting shares are then distributed to Helpers.

This message defines the structure used by “share algorithm 0”.
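The key-splitting step above, as an added example that is not part of the DeRec library: Shamir sharing over GF(2^8), where the threshold `t` plays the role of helper_threshold_for_recovery and `n` the number of entries in helpers. The choice of field, the names `split_key` and `recover_key`, and the caller-supplied random-byte source are assumptions; the page does not say how share algorithm 0 instantiates the scheme.

```rust
// Added illustration, not DeRec library code: Shamir sharing over GF(2^8).
/// Multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1.
fn gf_mul(mut a: u8, mut b: u8) -> u8 {
    let mut p = 0u8;
    while b != 0 {
        if b & 1 != 0 { p ^= a; }
        a = (a << 1) ^ if a & 0x80 != 0 { 0x1b } else { 0 };
        b >>= 1;
    }
    p
}

/// Inverse as a^254, since a^255 = 1 for every nonzero a.
fn gf_inv(a: u8) -> u8 { (0..254).fold(1u8, |r, _| gf_mul(r, a)) }

/// Split `key` into `n` shares (x = 1..=n); any `t` of them recover it.
/// `rnd` supplies the t-1 random coefficients per byte and must be a CSPRNG in real use.
fn split_key(key: &[u8], t: usize, n: u8, rnd: &mut impl FnMut() -> u8) -> Vec<(u8, Vec<u8>)> {
    let mut shares: Vec<(u8, Vec<u8>)> = (1..=n).map(|x| (x, Vec::new())).collect();
    for &secret_byte in key {
        // f(x) = secret_byte + c1*x + ... + c_{t-1}*x^(t-1)
        let mut coeffs = vec![secret_byte];
        coeffs.extend((1..t).map(|_| rnd()));
        for (x, ys) in shares.iter_mut() {
            // Horner evaluation, highest coefficient first.
            ys.push(coeffs.iter().rev().fold(0u8, |acc, &c| gf_mul(acc, *x) ^ c));
        }
    }
    shares
}

/// Lagrange interpolation at x = 0 over whatever shares are supplied.
fn recover_key(shares: &[(u8, Vec<u8>)]) -> Vec<u8> {
    let len = shares.first().map_or(0, |s| s.1.len());
    (0..len).map(|i| shares.iter().fold(0u8, |acc, (xj, yj)| {
        let (mut num, mut den) = (1u8, 1u8);
        for (xm, _) in shares.iter().filter(|(xm, _)| xm != xj) {
            num = gf_mul(num, *xm);
            den = gf_mul(den, xm ^ xj);
        }
        acc ^ gf_mul(yj[i], gf_mul(num, gf_inv(den)))
    })).collect()
}

fn main() {
    let mut ctr = 0u8; // constructed stand-in for a CSPRNG, for the demo only
    let shares = split_key(b"constructed key!", 3, 5, &mut || { ctr = ctr.wrapping_add(37); ctr | 1 });
    assert_eq!(recover_key(&shares[1..4]), b"constructed key!"); // any 3 of 5 suffice
}
```

Interpolating over fewer than `t` shares still returns bytes, just not the key, so recovery code needs an independent check (for example the AES-GCM tag on the ciphertext) to know it succeeded.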

§Semantics

A DeRecSecret contains:

  • the raw secret payload
  • metadata describing the sharing configuration
  • the set of Helpers and their associated parameters

This metadata is critical for:

  • reconstructing the secret during recovery
  • validating the integrity and configuration of shares

§Thresholds

Two thresholds are defined:

  1. Recovery threshold:
    • Minimum number of Helpers required to reconstruct the secret
  2. Confirmation threshold:
    • Minimum number of Helpers that must acknowledge receipt of a new share version before older versions can be safely deleted

§Security Considerations

  • The entire DeRecSecret MUST be encrypted before distribution
  • Helpers MUST NOT have access to the plaintext secretData
  • Metadata should not leak sensitive information beyond what is required

§Versioning

Each share distribution version implicitly corresponds to a snapshot of this structure. Changes to:

  • secretData
  • helper set
  • thresholds

result in a new version being generated and distributed.

Fields§

§secret_data: Vec<u8>

Arbitrary secret payload.

This may include cryptographic keys, credentials, documents, or any serialized data the Owner wishes to protect.

§creation_time: Option<Timestamp>

Timestamp indicating when this secret (or this version of it) was created.

Used for auditing, version tracking, and observability.

§helper_threshold_for_recovery: i64

Minimum number of Helpers required to reconstruct the secret.

This corresponds to the threshold parameter of the underlying secret sharing scheme.

§helper_threshold_for_confirming_share_receipt: i64

Minimum number of Helpers that must confirm receipt of a share before older versions can be deleted.

This ensures that sufficient redundancy exists before removing previous share versions.

§helpers: Vec<HelperSpecificInfo>

List of Helpers participating in this secret.

Each entry defines:

  • the identity of the Helper
  • the parameters agreed with that Helper

The size of this list defines the total number of shares generated.
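Both thresholds are plain i64 values, so a decoded message can carry zero, negative, or out-of-range numbers. The following added example (not the crate's own code) checks them against the helper count and decides whether enough distinct Helpers have confirmed a new version; `SecretConfig`, `ConfigError`, `validate`, `may_delete_old_versions`, and the rule that the confirmation threshold must be at least the recovery threshold are assumptions made for illustration.

```rust
// Added illustration: sanity checks on the two thresholds of a DeRecSecret.
// `SecretConfig` is a hypothetical stand-in, not the crate's type.
use std::collections::HashSet;
use std::convert::TryFrom;

struct SecretConfig {
    helper_threshold_for_recovery: i64,
    helper_threshold_for_confirming_share_receipt: i64,
    helper_count: usize, // stands in for helpers.len()
}

#[derive(Debug, PartialEq)]
enum ConfigError { NonPositive, RecoveryExceedsHelpers, ConfirmationExceedsHelpers, ConfirmationBelowRecovery }

/// Returns (recovery, confirmation) as usize when the configuration is coherent.
fn validate(c: &SecretConfig) -> Result<(usize, usize), ConfigError> {
    // The fields are i64, so zero and negative values decode fine and must be rejected here.
    let rec = usize::try_from(c.helper_threshold_for_recovery).map_err(|_| ConfigError::NonPositive)?;
    let conf = usize::try_from(c.helper_threshold_for_confirming_share_receipt).map_err(|_| ConfigError::NonPositive)?;
    if rec == 0 || conf == 0 { return Err(ConfigError::NonPositive); }
    if rec > c.helper_count { return Err(ConfigError::RecoveryExceedsHelpers); }
    if conf > c.helper_count { return Err(ConfigError::ConfirmationExceedsHelpers); }
    // Assumed policy: with fewer confirmations than the recovery threshold, old
    // versions could be deleted before the new version is recoverable.
    if conf < rec { return Err(ConfigError::ConfirmationBelowRecovery); }
    Ok((rec, conf))
}

/// True when enough distinct, known Helpers (by index) have confirmed the new version.
fn may_delete_old_versions(c: &SecretConfig, confirmed: &[usize]) -> Result<bool, ConfigError> {
    let (_, conf) = validate(c)?;
    let distinct: HashSet<usize> = confirmed.iter().copied().filter(|&i| i < c.helper_count).collect();
    Ok(distinct.len() >= conf)
}

fn main() {
    let c = SecretConfig { helper_threshold_for_recovery: 3, helper_threshold_for_confirming_share_receipt: 4, helper_count: 5 };
    // Constructed input: Helper 1 confirms twice and index 9 is unknown, leaving 3 valid confirmations.
    println!("{:?}", may_delete_old_versions(&c, &[0, 1, 1, 2, 9]));
}
```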

Trait Implementations§

impl Clone for DeRecSecret

fn clone(&self) -> DeRecSecret

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for DeRecSecret

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for DeRecSecret

fn default() -> Self

Returns the “default value” for a type.

impl Message for DeRecSecret

fn encoded_len(&self) -> usize

Returns the encoded length of the message without a length delimiter.

fn clear(&mut self)

Clears the message, resetting all fields to their default.

fn encode(&self, buf: &mut impl BufMut) -> Result<(), EncodeError>
where Self: Sized,

Encodes the message to a buffer.

fn encode_to_vec(&self) -> Vec<u8>
where Self: Sized,

Encodes the message to a newly allocated buffer.

fn encode_length_delimited(&self, buf: &mut impl BufMut) -> Result<(), EncodeError>
where Self: Sized,

Encodes the message with a length-delimiter to a buffer.

fn encode_length_delimited_to_vec(&self) -> Vec<u8>
where Self: Sized,

Encodes the message with a length-delimiter to a newly allocated buffer.

fn decode(buf: impl Buf) -> Result<Self, DecodeError>
where Self: Default,

Decodes an instance of the message from a buffer.

fn decode_length_delimited(buf: impl Buf) -> Result<Self, DecodeError>
where Self: Default,

Decodes a length-delimited instance of the message from the buffer.

fn merge(&mut self, buf: impl Buf) -> Result<(), DecodeError>
where Self: Sized,

Decodes an instance of the message from a buffer, and merges it into self.

fn merge_length_delimited(&mut self, buf: impl Buf) -> Result<(), DecodeError>
where Self: Sized,

Decodes a length-delimited instance of the message from buffer, and merges it into self.

impl PartialEq for DeRecSecret

fn eq(&self, other: &DeRecSecret) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl StructuralPartialEq for DeRecSecret

Auto Trait Implementations§

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.