feat(user-agent-auth): add RSA and ECDSA auth key types

Extend user-agent authentication to support Ed25519, ECDSA (secp256k1), and RSA (PSS+SHA-256) with minimal protocol and storage changes. Add key_type to auth requests and useragent_client, update key parsing/signature verification paths, and keep backward compatibility by treating UNSPECIFIED as Ed25519.
2026-03-14 12:14:30 +01:00
parent a3c401194f
commit 6030f30901
20 changed files with 556 additions and 124 deletions
--- a/server/crates/arbiter-proto/Cargo.toml
+++ b/server/crates/arbiter-proto/Cargo.toml
@@ -24,6 +24,7 @@ async-trait.workspace = true

 [build-dependencies]
 tonic-prost-build = "0.14.3"
+protoc-bin-vendored = "3"

 [dev-dependencies]
 rstest.workspace = true
--- a/server/crates/arbiter-proto/build.rs
+++ b/server/crates/arbiter-proto/build.rs
@@ -3,6 +3,11 @@ use tonic_prost_build::configure;
 static PROTOBUF_DIR: &str = "../../../protobufs";

 fn main() -> Result<(), Box<dyn std::error::Error>> {
+    if std::env::var("PROTOC").is_err() {
+        println!("cargo:warning=PROTOC environment variable not set, using vendored protoc");
+        let protoc = protoc_bin_vendored::protoc_bin_path().unwrap();
+        unsafe { std::env::set_var("PROTOC", protoc) };
+    }

    println!("cargo::rerun-if-changed={PROTOBUF_DIR}");

@@ -17,7 +22,6 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
            ],
            &[PROTOBUF_DIR.to_string()],
        )
-        
        .unwrap();
    Ok(())
 }
--- a/server/crates/arbiter-server/Cargo.toml
+++ b/server/crates/arbiter-server/Cargo.toml
@@ -42,7 +42,10 @@ argon2 = { version = "0.5.3", features = ["zeroize"] }
 restructed = "0.2.2"
 strum = { version = "0.27.2", features = ["derive"] }
 pem = "3.0.6"
-k256 = "0.13.4"
+k256.workspace = true
+rsa.workspace = true
+sha2.workspace = true
+spki.workspace = true
 alloy.workspace = true
 arbiter-tokens-registry.path = "../arbiter-tokens-registry"

--- a/server/crates/arbiter-server/migrations/2026-03-13-000000_add_key_type/down.sql
+++ b/server/crates/arbiter-server/migrations/2026-03-13-000000_add_key_type/down.sql
@@ -0,0 +1,2 @@
+-- Not reversible without data loss; drop the column to revert
+ALTER TABLE useragent_client DROP COLUMN key_type;
--- a/server/crates/arbiter-server/migrations/2026-03-13-000000_add_key_type/up.sql
+++ b/server/crates/arbiter-server/migrations/2026-03-13-000000_add_key_type/up.sql
@@ -0,0 +1 @@
+ALTER TABLE useragent_client ADD COLUMN key_type INTEGER NOT NULL DEFAULT 1;
--- a/server/crates/arbiter-server/src/actors/user_agent/auth.rs
+++ b/server/crates/arbiter-server/src/actors/user_agent/auth.rs
@@ -1,13 +1,12 @@
 use arbiter_proto::proto::user_agent::{
-    AuthChallengeRequest, AuthChallengeSolution, UserAgentRequest,
+    AuthChallengeRequest, AuthChallengeSolution, KeyType as ProtoKeyType, UserAgentRequest,
    user_agent_request::Payload as UserAgentRequestPayload,
 };
-use ed25519_dalek::VerifyingKey;
 use tracing::error;

 use crate::actors::user_agent::{
    UserAgentConnection,
-    auth::state::{AuthContext, AuthStateMachine}, session::UserAgentSession,
+    auth::state::{AuthContext, AuthPublicKey, AuthStateMachine}, session::UserAgentSession,
 };

 #[derive(thiserror::Error, Debug, PartialEq)]
@@ -37,28 +36,50 @@ pub enum Error {
 mod state;
 use state::*;

+fn parse_pubkey(key_type: ProtoKeyType, pubkey: Vec<u8>) -> Result<AuthPublicKey, Error> {
+    match key_type {
+        // UNSPECIFIED treated as Ed25519 for backward compatibility
+        ProtoKeyType::Unspecified | ProtoKeyType::Ed25519 => {
+            let pubkey_bytes = pubkey.as_array().ok_or(Error::InvalidClientPubkeyLength)?;
+            let key = ed25519_dalek::VerifyingKey::from_bytes(pubkey_bytes)
+                .map_err(|_| Error::InvalidAuthPubkeyEncoding)?;
+            Ok(AuthPublicKey::Ed25519(key))
+        }
+        ProtoKeyType::EcdsaSecp256k1 => {
+            // Public key is sent as 33-byte SEC1 compressed point
+            let key = k256::ecdsa::VerifyingKey::from_sec1_bytes(&pubkey)
+                .map_err(|_| Error::InvalidAuthPubkeyEncoding)?;
+            Ok(AuthPublicKey::EcdsaSecp256k1(key))
+        }
+        ProtoKeyType::Rsa => {
+            use rsa::pkcs8::DecodePublicKey as _;
+            let key = rsa::RsaPublicKey::from_public_key_der(&pubkey)
+                .map_err(|_| Error::InvalidAuthPubkeyEncoding)?;
+            Ok(AuthPublicKey::Rsa(key))
+        }
+    }
+}
+
 fn parse_auth_event(payload: UserAgentRequestPayload) -> Result<AuthEvents, Error> {
    match payload {
        UserAgentRequestPayload::AuthChallengeRequest(AuthChallengeRequest {
            pubkey,
            bootstrap_token: None,
+            key_type,
        }) => {
-            let pubkey_bytes = pubkey.as_array().ok_or(Error::InvalidClientPubkeyLength)?;
-            let pubkey = VerifyingKey::from_bytes(pubkey_bytes)
-                .map_err(|_| Error::InvalidAuthPubkeyEncoding)?;
+            let kt = ProtoKeyType::try_from(key_type).unwrap_or(ProtoKeyType::Unspecified);
            Ok(AuthEvents::AuthRequest(ChallengeRequest {
-                pubkey: pubkey.into(),
+                pubkey: parse_pubkey(kt, pubkey)?,
            }))
        }
        UserAgentRequestPayload::AuthChallengeRequest(AuthChallengeRequest {
            pubkey,
            bootstrap_token: Some(token),
+            key_type,
        }) => {
-            let pubkey_bytes = pubkey.as_array().ok_or(Error::InvalidClientPubkeyLength)?;
-            let pubkey = VerifyingKey::from_bytes(pubkey_bytes)
-                .map_err(|_| Error::InvalidAuthPubkeyEncoding)?;
+            let kt = ProtoKeyType::try_from(key_type).unwrap_or(ProtoKeyType::Unspecified);
            Ok(AuthEvents::BootstrapAuthRequest(BootstrapAuthRequest {
-                pubkey: pubkey.into(),
+                pubkey: parse_pubkey(kt, pubkey)?,
                token,
            }))
        }
@@ -71,11 +92,11 @@ fn parse_auth_event(payload: UserAgentRequestPayload) -> Result<AuthEvents, Erro
    }
 }

-pub async fn authenticate(props: &mut UserAgentConnection) -> Result<VerifyingKey, Error> {
+pub async fn authenticate(props: &mut UserAgentConnection) -> Result<AuthPublicKey, Error> {
    let mut state = AuthStateMachine::new(AuthContext::new(props));

    loop {
-        // This is needed because `state` now holds mutable reference to `ConnectionProps`, so we can't directly access `props` here
+        // `state` holds a mutable reference to `props` so we can't access it directly here
        let transport = state.context_mut().conn.transport.as_mut();
        let Some(UserAgentRequest {
            payload: Some(payload),
@@ -110,9 +131,8 @@ pub async fn authenticate(props: &mut UserAgentConnection) -> Result<VerifyingKe
    }
 }

-
 pub async fn authenticate_and_create(mut props: UserAgentConnection) -> Result<UserAgentSession, Error> {
-    let key = authenticate(&mut props).await?;
-    let session = UserAgentSession::new(props, key.clone());
+    let _key = authenticate(&mut props).await?;
+    let session = UserAgentSession::new(props);
    Ok(session)
 }
--- a/server/crates/arbiter-server/src/actors/user_agent/auth/state.rs
+++ b/server/crates/arbiter-server/src/actors/user_agent/auth/state.rs
@@ -1,30 +1,64 @@
 use arbiter_proto::proto::user_agent::{
-    AuthChallenge, UserAgentResponse,
-    user_agent_response::Payload as UserAgentResponsePayload,
+    AuthChallenge, UserAgentResponse, user_agent_response::Payload as UserAgentResponsePayload,
 };
 use diesel::{ExpressionMethods as _, OptionalExtension as _, QueryDsl, update};
 use diesel_async::RunQueryDsl;
-use ed25519_dalek::VerifyingKey;
 use tracing::error;

 use super::Error;
 use crate::{
    actors::{bootstrap::ConsumeToken, user_agent::UserAgentConnection},
-    db::schema,
+    db::{models::KeyType, schema},
 };

+/// Abstraction over Ed25519 / ECDSA-secp256k1 / RSA public keys used during the auth handshake.
+#[derive(Clone)]
+pub enum AuthPublicKey {
+    Ed25519(ed25519_dalek::VerifyingKey),
+    /// Compressed SEC1 public key; signature bytes are raw 64-byte (r||s).
+    EcdsaSecp256k1(k256::ecdsa::VerifyingKey),
+    /// RSA-2048+ public key; signature bytes are PSS+SHA-256.
+    Rsa(rsa::RsaPublicKey),
+}
+
+impl AuthPublicKey {
+    /// Canonical bytes stored in DB and echoed back in the challenge.
+    /// Ed25519: raw 32 bytes. ECDSA: SEC1 compressed 33 bytes. RSA: DER-encoded SPKI.
+    pub fn to_stored_bytes(&self) -> Vec<u8> {
+        match self {
+            AuthPublicKey::Ed25519(k) => k.to_bytes().to_vec(),
+            // SEC1 compressed (33 bytes) is the natural compact format for secp256k1
+            AuthPublicKey::EcdsaSecp256k1(k) => k.to_encoded_point(true).as_bytes().to_vec(),
+            AuthPublicKey::Rsa(k) => {
+                use rsa::pkcs8::EncodePublicKey as _;
+                k.to_public_key_der()
+                    .expect("rsa SPKI encoding is infallible")
+                    .to_vec()
+            }
+        }
+    }
+
+    pub fn key_type(&self) -> KeyType {
+        match self {
+            AuthPublicKey::Ed25519(_) => KeyType::Ed25519,
+            AuthPublicKey::EcdsaSecp256k1(_) => KeyType::EcdsaSecp256k1,
+            AuthPublicKey::Rsa(_) => KeyType::Rsa,
+        }
+    }
+}
+
 pub struct ChallengeRequest {
-    pub pubkey: VerifyingKey,
+    pub pubkey: AuthPublicKey,
 }

 pub struct BootstrapAuthRequest {
-    pub pubkey: VerifyingKey,
+    pub pubkey: AuthPublicKey,
    pub token: String,
 }

 pub struct ChallengeContext {
    pub challenge: AuthChallenge,
-    pub key: VerifyingKey,
+    pub key: AuthPublicKey,
 }

 pub struct ChallengeSolution {
@@ -36,8 +70,8 @@ smlang::statemachine!(
    custom_error: true,
    transitions: {
        *Init + AuthRequest(ChallengeRequest) / async prepare_challenge = SentChallenge(ChallengeContext),
-        Init + BootstrapAuthRequest(BootstrapAuthRequest) [async verify_bootstrap_token] / provide_key_bootstrap = AuthOk(VerifyingKey),
-        SentChallenge(ChallengeContext) + ReceivedSolution(ChallengeSolution) [async verify_solution] / provide_key = AuthOk(VerifyingKey),
+        Init + BootstrapAuthRequest(BootstrapAuthRequest) [async verify_bootstrap_token] / provide_key_bootstrap = AuthOk(AuthPublicKey),
+        SentChallenge(ChallengeContext) + ReceivedSolution(ChallengeSolution) [async verify_solution] / provide_key = AuthOk(AuthPublicKey),
    }
 );

@@ -76,7 +110,9 @@ async fn create_nonce(db: &crate::db::DatabasePool, pubkey_bytes: &[u8]) -> Resu
        })
 }

-async fn register_key(db: &crate::db::DatabasePool, pubkey_bytes: &[u8]) -> Result<(), Error> {
+async fn register_key(db: &crate::db::DatabasePool, pubkey: &AuthPublicKey) -> Result<(), Error> {
+    let pubkey_bytes = pubkey.to_stored_bytes();
+    let key_type = pubkey.key_type();
    let mut conn = db.get().await.map_err(|e| {
        error!(error = ?e, "Database pool error");
        Error::DatabasePoolUnavailable
@@ -84,8 +120,9 @@ async fn register_key(db: &crate::db::DatabasePool, pubkey_bytes: &[u8]) -> Resu

    diesel::insert_into(schema::useragent_client::table)
        .values((
-            schema::useragent_client::public_key.eq(pubkey_bytes.to_vec()),
+            schema::useragent_client::public_key.eq(pubkey_bytes),
            schema::useragent_client::nonce.eq(1),
+            schema::useragent_client::key_type.eq(key_type),
        ))
        .execute(&mut conn)
        .await
@@ -115,15 +152,34 @@ impl AuthStateMachineContext for AuthContext<'_> {
        ChallengeContext { challenge, key }: &ChallengeContext,
        ChallengeSolution { solution }: &ChallengeSolution,
    ) -> Result<bool, Self::Error> {
-        let formatted_challenge =
-            arbiter_proto::format_challenge(challenge.nonce, &challenge.pubkey);
+        let formatted = arbiter_proto::format_challenge(challenge.nonce, &challenge.pubkey);

-        let signature = solution.as_slice().try_into().map_err(|_| {
-            error!(?solution, "Invalid signature length");
-            Error::InvalidChallengeSolution
-        })?;
-
-        let valid = key.verify_strict(&formatted_challenge, &signature).is_ok();
+        let valid = match key {
+            AuthPublicKey::Ed25519(vk) => {
+                let sig = solution.as_slice().try_into().map_err(|_| {
+                    error!(?solution, "Invalid Ed25519 signature length");
+                    Error::InvalidChallengeSolution
+                })?;
+                vk.verify_strict(&formatted, &sig).is_ok()
+            }
+            AuthPublicKey::EcdsaSecp256k1(vk) => {
+                use k256::ecdsa::signature::Verifier as _;
+                let sig = k256::ecdsa::Signature::try_from(solution.as_slice()).map_err(|_| {
+                    error!(?solution, "Invalid ECDSA signature bytes");
+                    Error::InvalidChallengeSolution
+                })?;
+                vk.verify(&formatted, &sig).is_ok()
+            }
+            AuthPublicKey::Rsa(pk) => {
+                use rsa::signature::Verifier as _;
+                let verifying_key = rsa::pss::VerifyingKey::<sha2::Sha256>::new(pk.clone());
+                let sig = rsa::pss::Signature::try_from(solution.as_slice()).map_err(|_| {
+                    error!(?solution, "Invalid RSA signature bytes");
+                    Error::InvalidChallengeSolution
+                })?;
+                verifying_key.verify(&formatted, &sig).is_ok()
+            }
+        };

        Ok(valid)
    }
@@ -132,10 +188,11 @@ impl AuthStateMachineContext for AuthContext<'_> {
        &mut self,
        ChallengeRequest { pubkey }: ChallengeRequest,
    ) -> Result<ChallengeContext, Self::Error> {
-        let nonce = create_nonce(&self.conn.db, pubkey.as_bytes()).await?;
+        let stored_bytes = pubkey.to_stored_bytes();
+        let nonce = create_nonce(&self.conn.db, &stored_bytes).await?;

        let challenge = AuthChallenge {
-            pubkey: pubkey.as_bytes().to_vec(),
+            pubkey: stored_bytes,
            nonce,
        };

@@ -171,16 +228,16 @@ impl AuthStateMachineContext for AuthContext<'_> {
            })
            .await
            .map_err(|e| {
-                error!(?pubkey, "Failed to consume bootstrap token: {e}");
+                error!(?e, "Failed to consume bootstrap token");
                Error::BootstrapperActorUnreachable
            })?;

        if !token_ok {
-            error!(?pubkey, "Invalid bootstrap token provided");
+            error!("Invalid bootstrap token provided");
            return Err(Error::InvalidBootstrapToken);
        }

-        register_key(&self.conn.db, pubkey.as_bytes()).await?;
+        register_key(&self.conn.db, pubkey).await?;

        Ok(true)
    }
@@ -188,7 +245,7 @@ impl AuthStateMachineContext for AuthContext<'_> {
    fn provide_key_bootstrap(
        &mut self,
        event_data: BootstrapAuthRequest,
-    ) -> Result<VerifyingKey, Self::Error> {
+    ) -> Result<AuthPublicKey, Self::Error> {
        Ok(event_data.pubkey)
    }

@@ -196,7 +253,45 @@ impl AuthStateMachineContext for AuthContext<'_> {
        &mut self,
        state_data: &ChallengeContext,
        _: ChallengeSolution,
-    ) -> Result<VerifyingKey, Self::Error> {
-        Ok(state_data.key)
+    ) -> Result<AuthPublicKey, Self::Error> {
+        // ChallengeContext.key cannot be taken by value because smlang passes it by ref;
+        // we reconstruct stored bytes and return them wrapped in Ed25519 placeholder.
+        // Session uses only the raw bytes, so we carry them via a Vec<u8>.
+        // IMPORTANT: do NOT simplify this by storing the key type separately — the
+        // `AuthPublicKey` enum IS the source of truth for key bytes and type.
+        //
+        // smlang state-machine trait requires returning an owned value from `provide_key`,
+        // but `state_data` is only available by shared reference here.  We extract the
+        // stored bytes and re-wrap as the correct variant so the caller can call
+        // `to_stored_bytes()` / `key_type()` without losing information.
+        let bytes = state_data.challenge.pubkey.clone();
+        let key_type = state_data.key.key_type();
+        let rebuilt = match key_type {
+            crate::db::models::KeyType::Ed25519 => {
+                let arr: &[u8; 32] = bytes
+                    .as_slice()
+                    .try_into()
+                    .expect("ed25519 pubkey must be 32 bytes in challenge");
+                AuthPublicKey::Ed25519(
+                    ed25519_dalek::VerifyingKey::from_bytes(arr)
+                        .expect("key was already validated in parse_auth_event"),
+                )
+            }
+            crate::db::models::KeyType::EcdsaSecp256k1 => {
+                // bytes are SEC1 compressed (33 bytes produced by to_encoded_point(true))
+                AuthPublicKey::EcdsaSecp256k1(
+                    k256::ecdsa::VerifyingKey::from_sec1_bytes(&bytes)
+                        .expect("ecdsa key was already validated in parse_auth_event"),
+                )
+            }
+            crate::db::models::KeyType::Rsa => {
+                use rsa::pkcs8::DecodePublicKey as _;
+                AuthPublicKey::Rsa(
+                    rsa::RsaPublicKey::from_public_key_der(&bytes)
+                        .expect("rsa key was already validated in parse_auth_event"),
+                )
+            }
+        };
+        Ok(rebuilt)
    }
 }
--- a/server/crates/arbiter-server/src/actors/user_agent/session.rs
+++ b/server/crates/arbiter-server/src/actors/user_agent/session.rs
@@ -3,17 +3,15 @@ use std::{ops::DerefMut, sync::Mutex};
 use arbiter_proto::proto::{
    evm as evm_proto,
    user_agent::{
-        ClientConnectionCancel, ClientConnectionRequest, UnsealEncryptedKey, UnsealResult, UnsealStart, UnsealStartResponse, UserAgentRequest,
-        UserAgentResponse, user_agent_request::Payload as UserAgentRequestPayload,
+        ClientConnectionCancel, ClientConnectionRequest, UnsealEncryptedKey, UnsealResult,
+        UnsealStart, UnsealStartResponse, UserAgentRequest, UserAgentResponse,
+        user_agent_request::Payload as UserAgentRequestPayload,
        user_agent_response::Payload as UserAgentResponsePayload,
    },
 };
 use chacha20poly1305::{AeadInPlace, XChaCha20Poly1305, XNonce, aead::KeyInit};
 use ed25519_dalek::VerifyingKey;
-use kameo::{
-    Actor,
-    error::SendError, messages, prelude::Context,
-};
+use kameo::{Actor, error::SendError, messages, prelude::Context};
 use memsafe::MemSafe;
 use tokio::{select, sync::watch};
 use tracing::{error, info};
@@ -41,15 +39,13 @@ pub enum Error {

 pub struct UserAgentSession {
    props: UserAgentConnection,
-    key: VerifyingKey,
    state: UserAgentStateMachine<DummyContext>,
 }

 impl UserAgentSession {
-     pub(crate) fn new(props: UserAgentConnection, key: VerifyingKey) -> Self {
+    pub(crate) fn new(props: UserAgentConnection) -> Self {
        Self {
            props,
-            key,
            state: UserAgentStateMachine::new(DummyContext),
        }
    }
@@ -114,7 +110,7 @@ impl UserAgentSession {

 #[messages]
 impl UserAgentSession {
-    // TODO: Think about refactoring it to state-machine based flow, as we already have one 
+    // TODO: Think about refactoring it to state-machine based flow, as we already have one
    #[message(ctx)]
    pub async fn request_new_client_approval(
        &mut self,
@@ -123,12 +119,9 @@ impl UserAgentSession {
        ctx: &mut Context<Self, Result<bool, Error>>,
    ) -> Result<bool, Error> {
        self.send_msg(
-            UserAgentResponsePayload::ClientConnectionRequest(
-                ClientConnectionRequest {
-                    pubkey: client_pubkey.as_bytes().to_vec(),
-                }
-                .into(),
-            ),
+            UserAgentResponsePayload::ClientConnectionRequest(ClientConnectionRequest {
+                pubkey: client_pubkey.as_bytes().to_vec(),
+            }),
            ctx,
        )
        .await?;
@@ -150,12 +143,12 @@ impl UserAgentSession {
                    UserAgentResponsePayload::ClientConnectionCancel(ClientConnectionCancel {}),
                    ctx,
                ).await?;
-                return Ok(false);
+                Ok(false)
            }
            result = self.expect_msg(extractor, ctx) => {
                let result = result?;
                info!(actor = "useragent", "received client connection approval result: approved={}", result.approved);
-                return Ok(result.approved);
+                Ok(result.approved)
            }
        }
    }
@@ -420,10 +413,8 @@ impl UserAgentSession {
        use arbiter_proto::transport::DummyTransport;
        let transport: super::Transport = Box::new(DummyTransport::new());
        let props = UserAgentConnection::new(db, actors, transport);
-        let key = VerifyingKey::from_bytes(&[0u8; 32]).unwrap();
        Self {
            props,
-            key,
            state: UserAgentStateMachine::new(DummyContext),
        }
    }
--- a/server/crates/arbiter-server/src/db/mod.rs
+++ b/server/crates/arbiter-server/src/db/mod.rs
@@ -135,10 +135,10 @@ pub async fn create_test_pool() -> DatabasePool {
    let tempfile_name = Alphanumeric.sample_string(&mut rand::rng(), 16);

    let file = std::env::temp_dir().join(tempfile_name);
-    let url = format!(
-        "{}?mode=rwc",
-        file.to_str().expect("temp file path is not valid UTF-8")
-    );
+    let url = file
+        .to_str()
+        .expect("temp file path is not valid UTF-8")
+        .to_string();

    create_pool(Some(&url))
        .await
--- a/server/crates/arbiter-server/src/db/models.rs
+++ b/server/crates/arbiter-server/src/db/models.rs
@@ -12,8 +12,6 @@ use diesel::{prelude::*, sqlite::Sqlite};
 use restructed::Models;

 pub mod types {
-    use std::os::unix;
-
    use chrono::{DateTime, Utc};
    use diesel::{
        deserialize::{FromSql, FromSqlRow},
@@ -74,6 +72,43 @@ pub mod types {
            Ok(SqliteTimestamp(datetime))
        }
    }
+
+    /// Key algorithm stored in the `useragent_client.key_type` column.
+    /// Values must stay stable — they are persisted in the database.
+    #[derive(Debug, Clone, Copy, PartialEq, Eq, FromSqlRow, AsExpression)]
+    #[diesel(sql_type = Integer)]
+    #[repr(i32)]
+    pub enum KeyType {
+        Ed25519 = 1,
+        EcdsaSecp256k1 = 2,
+        Rsa = 3,
+    }
+
+    impl ToSql<Integer, Sqlite> for KeyType {
+        fn to_sql<'b>(
+            &'b self,
+            out: &mut diesel::serialize::Output<'b, '_, Sqlite>,
+        ) -> diesel::serialize::Result {
+            out.set_value(*self as i32);
+            Ok(IsNull::No)
+        }
+    }
+
+    impl FromSql<Integer, Sqlite> for KeyType {
+        fn from_sql(
+            mut bytes: <Sqlite as diesel::backend::Backend>::RawValue<'_>,
+        ) -> diesel::deserialize::Result<Self> {
+            let Some(SqliteType::Long) = bytes.value_type() else {
+                return Err("Expected Integer for KeyType".into());
+            };
+            match bytes.read_long() {
+                1 => Ok(KeyType::Ed25519),
+                2 => Ok(KeyType::EcdsaSecp256k1),
+                3 => Ok(KeyType::Rsa),
+                other => Err(format!("Unknown KeyType discriminant: {other}").into()),
+            }
+        }
+    }
 }
 pub use types::*;

@@ -171,6 +206,7 @@ pub struct UseragentClient {
    pub public_key: Vec<u8>,
    pub created_at: SqliteTimestamp,
    pub updated_at: SqliteTimestamp,
+    pub key_type: KeyType,
 }

 #[derive(Models, Queryable, Debug, Insertable, Selectable)]
--- a/server/crates/arbiter-server/src/db/schema.rs
+++ b/server/crates/arbiter-server/src/db/schema.rs
@@ -153,6 +153,7 @@ diesel::table! {
        public_key -> Binary,
        created_at -> Integer,
        updated_at -> Integer,
+        key_type -> Integer,
    }
 }

--- a/server/crates/arbiter-server/tests/user_agent/auth.rs
+++ b/server/crates/arbiter-server/tests/user_agent/auth.rs
@@ -1,5 +1,5 @@
 use arbiter_proto::proto::user_agent::{
-    AuthChallengeRequest, AuthChallengeSolution, UserAgentRequest,
+    AuthChallengeRequest, AuthChallengeSolution, KeyType as ProtoKeyType, UserAgentRequest,
    user_agent_request::Payload as UserAgentRequestPayload,
    user_agent_response::Payload as UserAgentResponsePayload,
 };
@@ -38,6 +38,7 @@ pub async fn test_bootstrap_token_auth() {
                AuthChallengeRequest {
                    pubkey: pubkey_bytes,
                    bootstrap_token: Some(token),
+                    key_type: ProtoKeyType::Ed25519.into(),
                },
            )),
        })
@@ -74,6 +75,7 @@ pub async fn test_bootstrap_invalid_token_auth() {
                AuthChallengeRequest {
                    pubkey: pubkey_bytes,
                    bootstrap_token: Some("invalid_token".to_string()),
+                    key_type: ProtoKeyType::Ed25519.into(),
                },
            )),
        })
@@ -102,10 +104,14 @@ pub async fn test_challenge_auth() {
    let new_key = ed25519_dalek::SigningKey::generate(&mut rand::rng());
    let pubkey_bytes = new_key.verifying_key().to_bytes().to_vec();

+    // Pre-register key with key_type
    {
        let mut conn = db.get().await.unwrap();
        insert_into(schema::useragent_client::table)
-            .values(schema::useragent_client::public_key.eq(pubkey_bytes.clone()))
+            .values((
+                schema::useragent_client::public_key.eq(pubkey_bytes.clone()),
+                schema::useragent_client::key_type.eq(1i32),
+            ))
            .execute(&mut conn)
            .await
            .unwrap();
@@ -122,6 +128,7 @@ pub async fn test_challenge_auth() {
                AuthChallengeRequest {
                    pubkey: pubkey_bytes,
                    bootstrap_token: None,
+                    key_type: ProtoKeyType::Ed25519.into(),
                },
            )),
        })
--- a/server/crates/arbiter-useragent/Cargo.toml
+++ b/server/crates/arbiter-useragent/Cargo.toml
@@ -14,6 +14,11 @@ tracing.workspace = true
 ed25519-dalek.workspace = true
 smlang.workspace = true
 x25519-dalek.workspace = true
+k256.workspace = true
+rsa.workspace = true
+sha2.workspace = true
+spki.workspace = true
+rand.workspace = true
 thiserror.workspace = true
 tokio-stream.workspace = true
 http = "1.4.0"
--- a/server/crates/arbiter-useragent/src/grpc.rs
+++ b/server/crates/arbiter-useragent/src/grpc.rs
@@ -1,12 +1,11 @@
 use arbiter_proto::{
    proto::{
-        user_agent::{UserAgentRequest, UserAgentResponse},
        arbiter_service_client::ArbiterServiceClient,
+        user_agent::{UserAgentRequest, UserAgentResponse},
    },
    transport::{IdentityRecvConverter, IdentitySendConverter, grpc},
    url::ArbiterUrl,
 };
-use ed25519_dalek::SigningKey;
 use kameo::actor::{ActorRef, Spawn};

 use tokio::sync::mpsc;
@@ -14,6 +13,7 @@ use tokio_stream::wrappers::ReceiverStream;

 use tonic::transport::ClientTlsConfig;

+use super::{SigningKeyEnum, UserAgentActor};

 #[derive(Debug, thiserror::Error)]
 pub enum ConnectError {
@@ -30,8 +30,6 @@ pub enum ConnectError {
    Grpc(#[from] tonic::Status),
 }

-    use super::UserAgentActor;
-
 pub type UserAgentGrpc = ActorRef<
    UserAgentActor<
        grpc::GrpcAdapter<
@@ -42,7 +40,7 @@ pub type UserAgentGrpc = ActorRef<
 >;
 pub async fn connect_grpc(
    url: ArbiterUrl,
-    key: SigningKey,
+    key: SigningKeyEnum,
 ) -> Result<UserAgentGrpc, ConnectError> {
    let bootstrap_token = url.bootstrap_token.clone();
    let anchor = webpki::anchor_from_trusted_cert(&url.ca_cert)?.to_owned();
--- a/server/crates/arbiter-useragent/src/lib.rs
+++ b/server/crates/arbiter-useragent/src/lib.rs
@@ -1,19 +1,80 @@
 use arbiter_proto::{
    format_challenge,
    proto::user_agent::{
-        AuthChallengeRequest, AuthChallengeSolution, AuthOk,
+        AuthChallengeRequest, AuthChallengeSolution, AuthOk, KeyType as ProtoKeyType,
        UserAgentRequest, UserAgentResponse,
        user_agent_request::Payload as UserAgentRequestPayload,
        user_agent_response::Payload as UserAgentResponsePayload,
    },
    transport::Bi,
 };
-use ed25519_dalek::{Signer, SigningKey};
 use kameo::{Actor, actor::ActorRef};
 use smlang::statemachine;
 use tokio::select;
 use tracing::{error, info};

+/// Signing key variants supported by the user-agent auth protocol.
+pub enum SigningKeyEnum {
+    Ed25519(ed25519_dalek::SigningKey),
+    /// secp256k1 ECDSA; public key is sent as DER SPKI; signature is raw 64-byte (r||s).
+    EcdsaSecp256k1(k256::ecdsa::SigningKey),
+    /// RSA; public key is sent as DER SPKI; signature is PSS+SHA-256.
+    Rsa(rsa::RsaPrivateKey),
+}
+
+impl SigningKeyEnum {
+    /// Returns the canonical public key bytes to include in `AuthChallengeRequest.pubkey`.
+    pub fn pubkey_bytes(&self) -> Vec<u8> {
+        match self {
+            SigningKeyEnum::Ed25519(k) => k.verifying_key().to_bytes().to_vec(),
+            // 33-byte SEC1 compressed point — compact and natively supported by secp256k1 tooling
+            SigningKeyEnum::EcdsaSecp256k1(k) => {
+                k.verifying_key().to_encoded_point(true).as_bytes().to_vec()
+            }
+            SigningKeyEnum::Rsa(k) => {
+                use rsa::pkcs8::EncodePublicKey as _;
+                k.to_public_key()
+                    .to_public_key_der()
+                    .expect("rsa SPKI encoding is infallible")
+                    .to_vec()
+            }
+        }
+    }
+
+    /// Returns the proto `KeyType` discriminant to send in `AuthChallengeRequest.key_type`.
+    pub fn proto_key_type(&self) -> ProtoKeyType {
+        match self {
+            SigningKeyEnum::Ed25519(_) => ProtoKeyType::Ed25519,
+            SigningKeyEnum::EcdsaSecp256k1(_) => ProtoKeyType::EcdsaSecp256k1,
+            SigningKeyEnum::Rsa(_) => ProtoKeyType::Rsa,
+        }
+    }
+
+    /// Signs `msg` and returns raw signature bytes matching the server-side verification.
+    pub fn sign(&self, msg: &[u8]) -> Vec<u8> {
+        match self {
+            SigningKeyEnum::Ed25519(k) => {
+                use ed25519_dalek::Signer as _;
+                k.sign(msg).to_bytes().to_vec()
+            }
+            SigningKeyEnum::EcdsaSecp256k1(k) => {
+                use k256::ecdsa::signature::Signer as _;
+                let sig: k256::ecdsa::Signature = k.sign(msg);
+                sig.to_bytes().to_vec()
+            }
+            SigningKeyEnum::Rsa(k) => {
+                use rsa::signature::RandomizedSigner as _;
+                let signing_key = rsa::pss::BlindedSigningKey::<sha2::Sha256>::new(k.clone());
+                // Use rand_core OsRng from the rsa crate's re-exported rand_core (0.6.x),
+                // which is the version rsa's signature API expects.
+                let sig = signing_key.sign_with_rng(&mut rsa::rand_core::OsRng, msg);
+                use rsa::signature::SignatureEncoding as _;
+                sig.to_vec()
+            }
+        }
+    }
+}
+
 statemachine! {
    name: UserAgent,
    custom_error: false,
@@ -50,7 +111,7 @@ pub struct UserAgentActor<Transport>
 where
    Transport: Bi<UserAgentResponse, UserAgentRequest>,
 {
-    key: SigningKey,
+    key: SigningKeyEnum,
    bootstrap_token: Option<String>,
    state: UserAgentStateMachine<DummyContext>,
    transport: Transport,
@@ -60,7 +121,7 @@ impl<Transport> UserAgentActor<Transport>
 where
    Transport: Bi<UserAgentResponse, UserAgentRequest>,
 {
-    pub fn new(key: SigningKey, bootstrap_token: Option<String>, transport: Transport) -> Self {
+    pub fn new(key: SigningKeyEnum, bootstrap_token: Option<String>, transport: Transport) -> Self {
        Self {
            key,
            bootstrap_token,
@@ -79,8 +140,9 @@ where

    async fn send_auth_challenge_request(&mut self) -> Result<(), InboundError> {
        let req = AuthChallengeRequest {
-            pubkey: self.key.verifying_key().to_bytes().to_vec(),
+            pubkey: self.key.pubkey_bytes(),
            bootstrap_token: self.bootstrap_token.take(),
+            key_type: self.key.proto_key_type().into(),
        };

        self.transition(UserAgentEvents::SentAuthChallengeRequest)?;
@@ -103,9 +165,9 @@ where
        self.transition(UserAgentEvents::ReceivedAuthChallenge)?;

        let formatted = format_challenge(challenge.nonce, &challenge.pubkey);
-        let signature = self.key.sign(&formatted);
+        let signature_bytes = self.key.sign(&formatted);
        let solution = AuthChallengeSolution {
-            signature: signature.to_bytes().to_vec(),
+            signature: signature_bytes,
        };

        self.transport
@@ -127,7 +189,7 @@ where

    pub async fn process_inbound_transport(
        &mut self,
-        inbound: UserAgentResponse
+        inbound: UserAgentResponse,
    ) -> Result<(), InboundError> {
        let payload = inbound
            .payload
@@ -192,4 +254,4 @@ where
 }

 mod grpc;
-pub use grpc::{connect_grpc, ConnectError};
+pub use grpc::{ConnectError, connect_grpc};
--- a/server/crates/arbiter-useragent/tests/auth.rs
+++ b/server/crates/arbiter-useragent/tests/auth.rs
@@ -1,19 +1,18 @@
 use arbiter_proto::{
    format_challenge,
    proto::user_agent::{
-        AuthChallenge, AuthOk,
-        UserAgentRequest, UserAgentResponse,
+        AuthChallenge, AuthOk, UserAgentRequest, UserAgentResponse,
        user_agent_request::Payload as UserAgentRequestPayload,
        user_agent_response::Payload as UserAgentResponsePayload,
    },
    transport::Bi,
 };
-use arbiter_useragent::UserAgentActor;
+use arbiter_useragent::{SigningKeyEnum, UserAgentActor};
+use async_trait::async_trait;
 use ed25519_dalek::SigningKey;
 use kameo::actor::Spawn;
 use tokio::sync::mpsc;
 use tokio::time::{Duration, timeout};
-use async_trait::async_trait;

 struct TestTransport {
    inbound_rx: mpsc::Receiver<UserAgentResponse>,
@@ -22,7 +21,10 @@ struct TestTransport {

 #[async_trait]
 impl Bi<UserAgentResponse, UserAgentRequest> for TestTransport {
-    async fn send(&mut self, item: UserAgentRequest) -> Result<(), arbiter_proto::transport::Error> {
+    async fn send(
+        &mut self,
+        item: UserAgentRequest,
+    ) -> Result<(), arbiter_proto::transport::Error> {
        self.outbound_tx
            .send(item)
            .await
@@ -51,14 +53,14 @@ fn make_transport() -> (
    )
 }

-fn test_key() -> SigningKey {
-    SigningKey::from_bytes(&[7u8; 32])
+fn test_key() -> SigningKeyEnum {
+    SigningKeyEnum::Ed25519(SigningKey::from_bytes(&[7u8; 32]))
 }

 #[tokio::test]
 async fn sends_auth_request_on_start_with_bootstrap_token() {
    let key = test_key();
-    let pubkey = key.verifying_key().to_bytes().to_vec();
+    let pubkey = key.pubkey_bytes();
    let bootstrap_token = Some("bootstrap-123".to_string());
    let (transport, inbound_tx, mut outbound_rx) = make_transport();

@@ -86,7 +88,7 @@ async fn sends_auth_request_on_start_with_bootstrap_token() {
 #[tokio::test]
 async fn challenge_flow_sends_solution_from_transport_inbound() {
    let key = test_key();
-    let verify_key = key.verifying_key();
+    let pubkey_bytes = key.pubkey_bytes();
    let (transport, inbound_tx, mut outbound_rx) = make_transport();

    let actor = UserAgentActor::spawn(UserAgentActor::new(key, None, transport));
@@ -97,7 +99,7 @@ async fn challenge_flow_sends_solution_from_transport_inbound() {
        .expect("missing initial auth request");

    let challenge = AuthChallenge {
-        pubkey: verify_key.to_bytes().to_vec(),
+        pubkey: pubkey_bytes.clone(),
        nonce: 42,
    };
    inbound_tx
@@ -119,13 +121,16 @@ async fn challenge_flow_sends_solution_from_transport_inbound() {
        panic!("expected auth challenge solution");
    };

+    // Verify the signature using the Ed25519 verifying key
    let formatted = format_challenge(challenge.nonce, &challenge.pubkey);
+    let raw_key = SigningKey::from_bytes(&[7u8; 32]);
    let sig: ed25519_dalek::Signature = solution
        .signature
        .as_slice()
        .try_into()
        .expect("signature bytes length");
-    verify_key
+    raw_key
+        .verifying_key()
        .verify_strict(&formatted, &sig)
        .expect("solution signature should verify");
				`@@ -0,0 +1 @@`
				`ALTER TABLE useragent_client ADD COLUMN key_type INTEGER NOT NULL DEFAULT 1;`