Skip to main content

ProjectedContext

scp_node::projection

Struct ProjectedContext 

Source 
pub struct ProjectedContext { /* private fields */ }
Expand description

A broadcast context whose messages are projected (decrypted and served) by this node’s HTTP endpoints.

Maps epoch numbers to their corresponding BroadcastKeys so the projection handlers can decrypt messages from any epoch the node has observed. Multiple epochs are retained for the blob TTL window so messages encrypted under previous keys can still be decrypted.

Stores the context’s BroadcastAdmission mode and optional ProjectionPolicy so projection handlers can enforce authentication requirements (SCP-GG-007, SCP-GG-008).

See spec section 18.11.5.

Implementations§

Source§

impl ProjectedContext

Source

pub fn new( context_id: &str, broadcast_key: BroadcastKey, admission: BroadcastAdmission, projection_policy: Option<ProjectionPolicy>, ) -> Self

Creates a new ProjectedContext from a context ID, initial broadcast key, admission mode, and optional projection policy.

The routing ID is computed as SHA-256(context_id) per spec section 5.14.6. The key is inserted at its own epoch number. The admission mode and projection policy are stored for use by projection handlers when deciding whether to require authentication (spec section 18.11.2.1).

Source

pub const fn routing_id(&self) -> &[u8; 32]

Returns the routing ID for this projected context.

Source

pub fn context_id(&self) -> &str

Returns the context ID (hex-encoded string).

Source

pub const fn keys(&self) -> &HashMap<u64, BroadcastKey>

Returns a reference to the keys map (epoch -> broadcast key).

Source

pub const fn admission(&self) -> BroadcastAdmission

Returns the admission mode for this broadcast context.

Source

pub const fn projection_policy(&self) -> Option<&ProjectionPolicy>

Returns the projection policy, if any.

Source

pub fn insert_key(&mut self, broadcast_key: BroadcastKey)

Inserts a broadcast key for the given epoch.

Keys are retained indefinitely rather than pruned after the blob TTL window (spec §18.11.5). This is acceptable because:

  • Key rotations only occur on subscriber blocks (uncommon)
  • Each key is ~40 bytes (32-byte secret + epoch + author DID ref)
  • Even hundreds of epochs per context is negligible memory

If pruning becomes necessary, add a prune_before(epoch) method keyed to the relay’s max_blob_ttl.

Important: After a governance ban (RevokeReadAccess / governance_ban_subscriber), all author keys are rotated in the ContextManager. The caller MUST propagate the new-epoch keys to the projection registry via this method; otherwise the projection endpoint cannot decrypt content encrypted under the new keys.

Source

pub fn retain_only_epochs(&mut self, epochs: &HashSet<u64>)

Removes all keys whose epoch is NOT in the given set.

Used after a Full-scope governance ban to ensure historical content encrypted under pre-ban keys is no longer decryptable by the projection endpoint. Messages referencing purged epochs will return 410 Gone rather than serving content that a banned subscriber may have previously accessed.

Takes a set of epochs to retain (typically the new post-rotation epochs). This correctly handles epoch-divergent multi-author contexts where authors may be at different epochs.

Source

pub fn key_for_epoch(&self, epoch: u64) -> Option<&BroadcastKey>

Returns the broadcast key for the given epoch, if present.

Trait Implementations§

Source§

impl Debug for ProjectedContext

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

Source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

Source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

Source§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> Classify for T

Source§

type Classified = T

Source§

fn classify(self) -> T

Source§

impl<T> Declassify for T

Source§

type Declassified = T

Source§

fn declassify(self) -> T

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<Unshared, Shared> IntoShared<Shared> for Unshared
where Shared: FromUnshared<Unshared>,

Source§

fn into_shared(self) -> Shared

Creates a shared type from an unshared type.
Source§

impl<T> Pointable for T

Source§

const ALIGN: usize

The alignment of pointer.
Source§

type Init = T

The type for initializers.
Source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
Source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
Source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
Source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more