barrel_p2p_dist_keys (barrel_p2p v0.1.0)

View Source

Summary

Functions

delete_key(Node)

Delete a trusted key

fingerprint(PubKey)

SHA-256 fingerprint of an Ed25519 public key. Pure helper for diagnostics (logs, key-mismatch reports). The store/lookup API is keyed by node atom, not by fingerprint.

get_trust_mode()

Get current trust mode

handle_call(Request, From, State)
handle_cast(Msg, State)
handle_info(Info, State)
init(_)
is_trusted(Node, PubKey)

Check if a node's public key is trusted. Thin wrapper around lookup_pin/1 kept for back-compat with existing boolean callers.

list_trusted()

List all trusted nodes

lookup_key(Node)

Lookup the public key for a node

lookup_pin(Node)

Tri-state pin lookup. Distinguishes "no pin recorded" from "pin exists" so callers can refuse re-pin attempts. Accepts a node atom or a (peer-supplied) name binary; a binary resolves through binary_to_existing_atom so a lookup never mints a new atom. An unknown name is not_pinned.

set_trust_mode(Mode)

Set trust mode (strict or tofu)

start_link()

Start the key storage server

store_key(Node, PubKey)

Store a public key for a node, overwriting any existing pin unconditionally. This is an operator API and is NOT reachable from the wire; the handshake path uses store_key_if_new/2, which refuses to re-pin a different key. To rotate a peer's pin deliberately, delete_key/1 then store_key/2.

store_key_if_new(Node, PubKey)

Store a key if no key exists for this node (TOFU mode)

terminate(Reason, State)

Functions

delete_key(Node)

-spec delete_key(node()) -> ok.

Delete a trusted key

fingerprint(PubKey)

-spec fingerprint(binary()) -> binary().

SHA-256 fingerprint of an Ed25519 public key. Pure helper for diagnostics (logs, key-mismatch reports). The store/lookup API is keyed by node atom, not by fingerprint.

get_trust_mode()

-spec get_trust_mode() -> strict | tofu.

Get current trust mode

handle_call(Request, From, State)

handle_cast(Msg, State)

handle_info(Info, State)

init(_)

is_trusted(Node, PubKey)

-spec is_trusted(node(), binary()) -> boolean().

Check if a node's public key is trusted. Thin wrapper around lookup_pin/1 kept for back-compat with existing boolean callers.

list_trusted()

-spec list_trusted() ->
                      [#peer_key{node :: node() | undefined,
                                 fingerprint :: binary() | undefined,
                                 public_key :: binary(),
                                 added_at :: integer(),
                                 last_seen :: integer(),
                                 trust_level :: permanent | tofu}].

List all trusted nodes

lookup_key(Node)

-spec lookup_key(node()) -> {ok, binary()} | {error, not_found}.

Lookup the public key for a node

lookup_pin(Node)

-spec lookup_pin(node() | binary() | term()) -> not_pinned | {pinned, binary()}.

Tri-state pin lookup. Distinguishes "no pin recorded" from "pin exists" so callers can refuse re-pin attempts. Accepts a node atom or a (peer-supplied) name binary; a binary resolves through binary_to_existing_atom so a lookup never mints a new atom. An unknown name is not_pinned.

set_trust_mode(Mode)

-spec set_trust_mode(strict | tofu) -> ok.

Set trust mode (strict or tofu)

start_link()

-spec start_link() -> {ok, pid()} | ignore | {error, term()}.

Start the key storage server

store_key(Node, PubKey)

-spec store_key(node() | term(), binary()) -> ok | {error, term()}.

Store a public key for a node, overwriting any existing pin unconditionally. This is an operator API and is NOT reachable from the wire; the handshake path uses store_key_if_new/2, which refuses to re-pin a different key. To rotate a peer's pin deliberately, delete_key/1 then store_key/2.

store_key_if_new(Node, PubKey)

-spec store_key_if_new(node() | term(), binary()) -> ok | {error, term()}.

Store a key if no key exists for this node (TOFU mode)

terminate(Reason, State)