§Hardbound
Public trait surface for the hardware-bound enterprise trust tier of Web4. Hardbound implementations anchor identity, vault keys, witness chain signatures, and policy decisions in hardware (TPM 2.0, YubiKey, Secure Enclave, HSM, etc.).
This crate is the contract, not the implementation. The
reference closed-source implementation lives at
https://metalinxx.io. Any compatible implementation that
satisfies these traits can plug into the Hestia daemon at
the hardware-trust extension point.
§Four primitives
| Trait | Replaces in consumer Hestia |
|---|---|
| TrustedKeyProvider | software-derived sovereign LCT |
| SealedVault | passphrase-derived AEAD key |
| AttestationSigner | Phase-1 placeholder signer LCT |
| OversightPolicy | default-allow stub |
See https://github.com/dp-web4/hestia/blob/main/demo/enterprise/README.md
for the architectural map and the rationale behind each replacement.
§Status
0.0.1 — initial contract. Trait shapes may shift before 0.1.0.
Implementations should pin a minor version and watch the changelog.
Structs§
- Attestation
- One attested signature over a payload, signed by a TrustedKeyProvider inside its hardware anchor.
- PolicyAction
- A pending action to be evaluated against policy.
Enums§
- Error
- Categories of failure an implementation may report. The contract avoids being prescriptive about the underlying hardware error — most callers care about which class of failure happened.
- PolicyDecision
- Policy verdict for a PolicyAction.
Constants§
- VERSION
- Crate version, for runtime banner messages.
Traits§
- AttestationSigner
- Produces Attestations over arbitrary payloads.
- OversightPolicy
- A policy engine. Implementations may be:
- SealedVault
- A vault whose AEAD key is unsealed only on the originally-bound hardware.
- TrustedKeyProvider
- A handle to key material that lives inside hardware.
Type Aliases§
- Result
- Result alias used across the contract.