Skip to main content

MigrationIdentityContext

net::adapter::net::subprotocol::migration_handler

Struct MigrationIdentityContext 

Source 
pub struct MigrationIdentityContext {
    pub unseal_snapshot: EnvelopeUnsealFn,
    pub peer_static_lookup: Arc<dyn Fn(u64) -> Option<[u8; 32]> + Send + Sync>,
}
Expand description

Identity-transport context for automatic envelope seal/open in the migration dispatcher.

When populated, the handler:

  • Source path: after taking a snapshot, if the target’s X25519 static pub is known (via peer_static_lookup) AND the local daemon’s keypair is available, seal the envelope into the snapshot before chunking.
  • Target path: on SnapshotReady with an attached envelope, call unseal_snapshot to recover the daemon’s keypair, and pass that into restore_snapshot instead of whatever the factory registry has pre-registered.

A None context means the dispatcher ignores envelopes — the pre-identity-envelope fallback path where both nodes pre-register matching keypairs.

§Key hygiene

This struct used to carry the local Noise static private key as a pub [u8; 32] field. Any SDK caller with access to a MigrationIdentityContext could copy the node’s long-term secret out, which is unacceptable — the Noise static is what backs the node’s identity in the mesh, not just the envelope-open path.

The private key is now captured inside the unseal_snapshot closure (built by MeshNode::migration_identity_context) and never surfaced as a struct field. Callers can still hand the context to the dispatcher, but they cannot extract the key from it. This matches how peer_static_lookup already worked.

Fields§

§unseal_snapshot: EnvelopeUnsealFn

Open an identity envelope attached to snapshot, if present, using the local static X25519 private key captured at construction time. Returns Ok(None) when the snapshot has no envelope, Ok(Some(kp)) on a successful open, and an error string on seal-open / attestation failure.

Built by MeshNode::migration_identity_context; the closure owns a zeroize-on-drop StaticSecret so the key material is wiped when the context is dropped.

§peer_static_lookup: Arc<dyn Fn(u64) -> Option<[u8; 32]> + Send + Sync>

Callback: given a peer node_id, return its X25519 static public key if we have an active session with it. Used by the source path to pick the seal recipient.

Trait Implementations§

Source§

impl Clone for MigrationIdentityContext

Source§

fn clone(&self) -> MigrationIdentityContext

Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for MigrationIdentityContext

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more