c/quicproquo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(kt): add key revocation and Merkle-log audit support

Browse Source 
Add RevocationLog with domain-separated leaf hashes (0x02 prefix) for
tracking revoked identity keys alongside the KT MerkleLog. Includes:

- RevocationLog with O(1) lookup, serialization, and double-revoke guard
- MerkleLog.append_raw() for pre-computed hashes
- MerkleLog.audit_log(start, end) for paginated log retrieval
- RevokeKey (510), CheckRevocation (511), AuditKeyTransparency (520) RPCs
- Server domain logic + v2 handlers + FileBackedStore/SqlStore persistence
- 4 new revocation tests + all 21 KT tests + 65 server tests passing
This commit is contained in:
Christian Nennemann
2026-03-04 20:53:41 +01:00
parent f667281831
commit 1768f85258
11 changed files with 657 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
crates/quicproquo-kt/src/lib.rs
View File

@@ -25,10 +25,12 @@ use sha2::{Digest, Sha256};
mod error;
mod proof;
pub mod revocation;
mod tree;
pub use error::KtError;
pub use proof::{verify_inclusion, InclusionProof};
pub use revocation::{RevocationEntry, RevocationLog, RevocationReason};
pub use tree::MerkleLog;
/// Domain-separation prefix for leaf nodes (RFC 6962 §2.1).