Skip to content

v0.3.1 — rotation peer refresh (XFAIL killed)

Choose a tag to compare

@bene-art bene-art released this 03 May 18:38
9afedac

Summary

Closes #4. Communication now survives key rotation. The XFAIL test that's been the most prominent unfixed bug in the case study is gone.

What changed

When `verify_message` fails AND the REQ includes a fresh `identity_doc`, the receiver now attempts a KERI-style continuity check:

```
hash(new_doc.public_key) == cached_doc.next_key_digest
```

If the proof holds, the cache is refreshed and verification retried. If it doesn't, rejected as `invalid_signature` (treat as attack — only the original key holder could have committed to the right `next_key_digest`).

Client contract

The rotated party MUST include their fresh `identity_doc` on the first post-rotation REQ:

```python
req = build_req(
from_private_key=identity._private_key,
from_id=identity.agent_id,
to_id=peer_id,
intent="task",
payload={"action": "ping"},
identity_doc=identity.to_identity_document(), # required after rotation
)
```

Subsequent REQs to the same peer don't need `identity_doc` — the cache is now fresh.

Test results

v0.3.0 v0.3.1
Tests passing 129 131
Documented xfails 1 0
CI 3.11 / 3.12 / 3.13 green 3.11 / 3.12 / 3.13 green

Stats arc since v0.1.3

v0.1.3 (case study era) v0.3.1
Tests 118 + 1 xfail 131
Critical auth bypasses 3 0
Durability gaps 1 0
Documented xfails 1 0

Install

```bash
pip install --upgrade pact-passport
```

Remaining backlog

  • #10 cap envelope inline — wire-format change, makes delegation actually propagate (v0.4.0)
  • #11 streaming RES_CHUNK design — deferred to v0.5+