Raises a Spark.Error.DslError at compile verification when the
age do sensitive [...] end classification cannot hold (Spark surfaces
verifier errors as compiler diagnostics — build-blocking under
--warnings-as-errors):
- R1 — every listed name is a declared attribute. A typo would silently protect nothing.
- R2 — every sensitive attribute is binary-storage-typed
(
Ash.Type.storage_type == :binary: app-side-encrypted bytes,$age64$round-trip) or listed inskip(never written to the graph). - R3 — the multitenancy discriminator is not sensitive. It is a plaintext selector by design: Ash core injects it as a plaintext filter/force-set, and ash_age holds no key material to encrypt it.
- R4 — an
edgepropertieskey naming a sensitive attribute requires every same-named DECLARED action argument to be binary-storage-typed; otherwise the classified datum flows onto edges as plaintext through a same-named plaintext argument. (AshAge.Changes.CreateEdgeenforces the runtime half for undeclared/injected arguments.)
The verifier checks a TYPE SHAPE, not encryption: a :binary attribute
holding plaintext bytes passes. Encrypting is the host app's obligation —
ash_age cannot verify ciphertext.