feat(kt): add key revocation and Merkle-log audit support

Add RevocationLog with domain-separated leaf hashes (0x02 prefix) for tracking revoked identity keys alongside the KT MerkleLog. Includes: - RevocationLog with O(1) lookup, serialization, and double-revoke guard - MerkleLog.append_raw() for pre-computed hashes - MerkleLog.audit_log(start, end) for paginated log retrieval - RevokeKey (510), CheckRevocation (511), AuditKeyTransparency (520) RPCs - Server domain logic + v2 handlers + FileBackedStore/SqlStore persistence - 4 new revocation tests + all 21 KT tests + 65 server tests passing
2026-03-04 20:53:41 +01:00
parent f667281831
commit 1768f85258
11 changed files with 657 additions and 11 deletions
--- a/proto/qpq/v1/keys.proto
+++ b/proto/qpq/v1/keys.proto
@@ -43,3 +43,42 @@ message FetchHybridKeysRequest {
 message FetchHybridKeysResponse {
  repeated bytes keys = 1;
 }
+
+// Key revocation (method ID 510).
+message RevokeKeyRequest {
+  bytes identity_key = 1;
+  string reason = 2; // "compromised", "superseded", "user_revoked"
+}
+
+message RevokeKeyResponse {
+  bool success = 1;
+  uint64 leaf_index = 2; // Index of revocation entry in the KT Merkle log
+}
+
+// Check revocation status (method ID 511).
+message CheckRevocationRequest {
+  bytes identity_key = 1;
+}
+
+message CheckRevocationResponse {
+  bool revoked = 1;
+  string reason = 2;
+  uint64 timestamp_ms = 3;
+}
+
+// KT audit log retrieval (method ID 520).
+message AuditKeyTransparencyRequest {
+  uint64 start = 1;
+  uint64 end = 2; // 0 = up to current size
+}
+
+message AuditKeyTransparencyResponse {
+  repeated LogEntry entries = 1;
+  uint64 tree_size = 2;
+  bytes root = 3;
+}
+
+message LogEntry {
+  uint64 index = 1;
+  bytes leaf_hash = 2;
+}