Expand description
Trust state machine — v0.1 minimal subset.
Tier semantics:
- UNTRUSTED: card pinned, SAS not yet confirmed; messages ignored.
- VERIFIED: SAS confirmed bilateral; messages accepted.
- ATTESTED: reserved (v0.2+) — used today only for self-attest.
- TRUSTED: reserved (v0.2+).
Promotion is one-way (UNTRUSTED → VERIFIED). Demotion would be ambiguous in a bilateral setting and is deliberately not modeled.
Enums§
Functions§
- add_
agent_ card_ pin - Pin a peer’s card into our trust at the given tier (default UNTRUSTED).
- add_
self_ to_ trust - Self-pin our own keypair into trust at ATTESTED. Convenience for
wire init. - empty_
trust - get_
tier - promote_
to_ verified - Promote UNTRUSTED → VERIFIED. Returns
Err(reason)if not pinned or already past UNTRUSTED (promotion is one-way). - tier_
order - Tier ranking — higher is more trusted. Useful for
>=gating.
Type Aliases§
- Trust
- Trust state — kept as a free-form JSON Value so we can persist + read with any conforming impl. v0.2+ may swap this for a typed struct.