Skip to main content

aura_core/effects/
guardian.rs

1//! Guardian relationship effect trait
2//!
3//! Application-level effects for creating and managing guardian bindings
4//! via relational contexts. Implementations live in higher layers (protocol
5//! or feature crates) and must use consensus-backed GuardianBinding facts.
6
7use crate::frost::{PublicKeyPackage, Share};
8use crate::relational::{GuardianBinding, GuardianParameters};
9use crate::time::PhysicalTime;
10use crate::types::epochs::Epoch;
11use crate::{AuthorityId, ContextId, Hash32, Result};
12use async_trait::async_trait;
13use std::collections::HashMap;
14
15/// Input for requesting or cancelling a guardian relationship
16#[derive(Debug, Clone)]
17pub struct GuardianRequestInput {
18    /// Relational context where the request is recorded
19    pub context: ContextId,
20    /// Account authority to be protected
21    pub account: AuthorityId,
22    /// Prospective guardian authority
23    pub guardian: AuthorityId,
24    /// Commitment of the account authority (reduced state)
25    pub account_commitment: Hash32,
26    /// Commitment of the guardian authority (reduced state)
27    pub guardian_commitment: Hash32,
28    /// Parameters proposed for this guardian binding
29    pub parameters: GuardianParameters,
30    /// Timestamp when the request is made (uses unified time system)
31    pub requested_at: PhysicalTime,
32    /// Optional expiration for the request (uses unified time system)
33    pub expires_at: Option<PhysicalTime>,
34}
35
36impl GuardianRequestInput {
37    /// Get timestamp in milliseconds (backward compatibility)
38    pub fn requested_at_ms(&self) -> u64 {
39        self.requested_at.ts_ms
40    }
41
42    /// Get expiration in milliseconds (backward compatibility)
43    pub fn expires_at_ms(&self) -> Option<u64> {
44        self.expires_at.as_ref().map(|t| t.ts_ms)
45    }
46}
47
48/// Consensus inputs required to finalize a guardian binding
49#[derive(Debug, Clone)]
50pub struct GuardianAcceptInput {
51    /// Relational context where the binding will be stored
52    pub context: ContextId,
53    /// Account authority being protected
54    pub account: AuthorityId,
55    /// Guardian authority
56    pub guardian: AuthorityId,
57    /// Commitment of the account authority (prestate)
58    pub account_commitment: Hash32,
59    /// Commitment of the guardian authority (prestate)
60    pub guardian_commitment: Hash32,
61    /// Guardian binding parameters
62    pub parameters: GuardianParameters,
63    /// Consensus key packages for witnesses (indexed by AuthorityId)
64    pub key_packages: HashMap<AuthorityId, Share>,
65    /// Group public key for the witness set
66    pub group_public_key: PublicKeyPackage,
67    /// Epoch for consensus
68    pub epoch: Epoch,
69    // Note: Consensus configuration hash (witness set, quorum) already encoded
70    // into the public key / packages; kept explicit for future config
71}
72
73#[async_trait]
74pub trait GuardianEffects: Send + Sync {
75    /// Record a guardian request in the relational context
76    async fn request_guardian(&self, input: GuardianRequestInput) -> Result<()>;
77
78    /// Cancel a previously issued guardian request
79    async fn cancel_guardian_request(&self, input: GuardianRequestInput) -> Result<()>;
80
81    /// Accept a guardian request and create a consensus-backed GuardianBinding
82    async fn accept_guardian_request(&self, input: GuardianAcceptInput) -> Result<GuardianBinding>;
83}