Summary
The Heima TEE worker issues JWT-format auth tokens (tee-worker/omni-executor/core/src/auth/auth_token.rs), but calling them "JWT" in AgentKeys documentation and code is misleading. "JWT" implies short-lived, stateless, disposable tokens — but AgentKeys uses these as long-lived (30-day) bearer credentials that warrant high-security storage (OS keychain, memfd_secret, zeroize).
The term "JWT" causes reviewers and contributors to underestimate the security requirements for token storage and memory hygiene.
Proposal
Rename across AgentKeys codebase and documentation:
- "JWT auth token" → "session token" or "auth bearer token" or "TEE-issued bearer"
- The underlying format can stay JWT (signed, stateless verification) — only the user-facing name changes
- Heima-side rename is tracked separately (coordinate with Kai)
What needs to change
AgentKeys side (our repo)
Heima side (coordinate with Kai)
Why this matters
A 30-day bearer credential that grants TEE access to read all scoped credentials is a high-security item. Calling it "JWT" leads to:
- "JWTs are stateless and disposable, so we don't need memfd_secret" — wrong for 30-day tokens
- "JWTs don't need keychain, a plain file is fine" — wrong for high-value bearers
- "JWT leak is bounded by TTL" — technically true, but 30 days is not "bounded" in any practical sense
The rename makes the security posture obvious from the name itself.
References
wiki/blockchain-tee-architecture.md Section 4, 6 — JWT model documentationwiki/key-security.md Section 2 — auth token storage recommendations- Heima source:
tee-worker/omni-executor/core/src/auth/auth_token.rs
Summary
The Heima TEE worker issues JWT-format auth tokens (
tee-worker/omni-executor/core/src/auth/auth_token.rs), but calling them "JWT" in AgentKeys documentation and code is misleading. "JWT" implies short-lived, stateless, disposable tokens — but AgentKeys uses these as long-lived (30-day) bearer credentials that warrant high-security storage (OS keychain, memfd_secret, zeroize).The term "JWT" causes reviewers and contributors to underestimate the security requirements for token storage and memory hygiene.
Proposal
Rename across AgentKeys codebase and documentation:
What needs to change
AgentKeys side (our repo)
wiki/blockchain-tee-architecture.md,wiki/key-security.md,wiki/serve-and-audit.md— replace "JWT" terminologydocs/spec/1-step-analysis.md,docs/spec/tech-brief.md— update correction notesSession.tokenfield naming is already generic (good); any future JWT-specific code should use the new termHeima side (coordinate with Kai)
tee-worker/omni-executor/core/src/auth/auth_token.rs— renameAuthTokenClaimsand related typestee-worker/omni-executor/rpc-server/src/auth_token_key_store.rs— rename key storerequest_auth_token.request.ts— rename request functionWhy this matters
A 30-day bearer credential that grants TEE access to read all scoped credentials is a high-security item. Calling it "JWT" leads to:
The rename makes the security posture obvious from the name itself.
References
wiki/blockchain-tee-architecture.mdSection 4, 6 — JWT model documentationwiki/key-security.mdSection 2 — auth token storage recommendationstee-worker/omni-executor/core/src/auth/auth_token.rs