arbiter

Author	SHA1	Message	Date
CleverWild	aff87c13ca	refactor(proposal): replace string kind dispatch with ProposalKindTag enum (strum)	2026-06-14 15:02:25 +02:00
CleverWild	9f9b6820c2	feat(vault): add recovery passphrase handling for bootstrap and unseal processes Some checks failed ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details	2026-06-13 23:09:49 +02:00
CleverWild	6017ef29ca	fix(crypto): handle 1-of-N Shamir split when ordinary_count=1	2026-06-13 23:08:53 +02:00
CleverWild	eb16da3a20	feat(server): recovery operators with sleeping/wakeup mechanism (§3.5/§3.6) Some checks failed ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details	2026-06-13 22:31:10 +02:00
CleverWild	2fda0484fc	feat(server): key-rotation proposals require full quorum (§3.3) Some checks failed ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details	2026-06-13 22:20:48 +02:00
CleverWild	f8c621b20e	feat(server): two-operator vault requires at least one recovery share Some checks failed ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details	2026-06-13 22:13:07 +02:00
CleverWild	3b090cd3ce	refactor(server): typed pubkey len via u32::try_from in ReplaceOperator Some checks failed ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details	2026-06-13 21:53:46 +02:00
CleverWild	99e2b841e9	feat(server): ProposalKind::ApproveOneOffTransaction	2026-06-13 21:32:23 +02:00
CleverWild	b2b159b16f	feat(server): ProposalKind::ApprovePersistentGrant	2026-06-13 21:27:41 +02:00
CleverWild	ab767fe158	feat(server): ProposalKind::UpdateShamirParameters	2026-06-13 21:20:06 +02:00
CleverWild	f080a8615f	feat(server): ProposalKind::ReplaceOperator	2026-06-13 16:46:04 +02:00
CleverWild	514a4cb2d1	feat(server): ProposalKind ::GrantWalletAccess and ::ApproveServerUpdate Some checks failed ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details	2026-06-13 15:51:22 +02:00
CleverWild	0b331d90bf	test(server): governance integration tests Some checks failed ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details	2026-06-13 15:23:10 +02:00
CleverWild	f981ddeb79	feat(server::grpc): wire governance RPCs through operator session	2026-06-13 15:23:10 +02:00
CleverWild	8517b981f2	feat(server): introduce ProposalManager actor with quorum voting logic	2026-06-13 15:11:00 +02:00
CleverWild	af13465c03	feat(crypto): expose governance signing context and make shamir_threshold pub const	2026-06-13 15:11:00 +02:00
CleverWild	d7950beb09	feat(db): add proposal and proposal_vote tables	2026-06-13 15:11:00 +02:00
CleverWild	6f270ef0c4	housekepping: add fixme for start_bootstrap's operator_id Some checks failed ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details	2026-06-12 22:01:17 +02:00
CleverWild	0098c3c08a	refactor(server::crypto): use fixed-size [u8; 32] and KeyCell throughout seal key API Some checks failed ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details	2026-06-12 21:15:07 +02:00
CleverWild	a3b98ca024	fix(server::tests): tighten unseal test seal_key params to &[u8; 32]	2026-06-12 21:11:48 +02:00
CleverWild	0d364d1951	feat(server::grpc): wire Shamir committee bootstrap and unseal proto messages Some checks failed ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-test Pipeline failed Details Adds DeclareCommittee and ContributePassphrase variants to bootstrap.proto, ContributePassphrase to unseal.proto, and AwaitingContributions result codes to both. Implements corresponding inbound converters and outbound reply mappings. VaultGate handlers delegate to VaultCoordinator.	2026-06-12 19:43:17 +02:00
CleverWild	6f65c907a3	feat(server): introduce VaultCoordinator for multi-operator Shamir bootstrap/unseal VaultCoordinator collects operator passphrases, splits the seal key into Shamir shares on bootstrap (encrypting each share with the operator's passphrase via Argon2 + XChaCha20-Poly1305), and reconstructs the seal key from threshold shares on unseal. Adds vsss-rs 5.4.0 and rand_core 0.6 dependencies.	2026-06-12 19:43:09 +02:00
CleverWild	9764b0d5ce	refactor(server::actors::vault): clean up Bootstrap/TryUnseal, remove Bootstrapping state Bootstrap and TryUnseal now accept a SafeCell<Vec<u8>> seal key directly. The Bootstrapping intermediate state is removed — multi-operator coordination is the responsibility of VaultCoordinator, which calls Bootstrap atomically once all shares are collected.	2026-06-12 19:43:02 +02:00
CleverWild	50fe18d6ce	feat(server::crypto): add Shamir secret sharing utilities Wraps vsss_rs Gf256::split_array / combine_array into thin split_key / combine_shares helpers. Also widens derive_key salt parameter from &[u8;16] to &[u8] to accommodate the 32-byte share salts.	2026-06-12 19:42:56 +02:00
CleverWild	3e5f0cb3df	feat(server::db): add share_salt column to operator table Each operator row now stores a 32-byte random salt used to derive the per-operator share encryption key from their passphrase (Argon2 KDF).	2026-06-12 19:42:49 +02:00
CleverWild	34850137df	feat(server::actors::evm): implement operator_delete_grant Sets revoked_at on the evm_basic_grant row; returns NotFound if the grant does not exist. Wires the handler in OperatorSession replacing the todo!().	2026-06-12 19:42:43 +02:00
CleverWild	d1b96c8409	fix(server::peers::operator::auth): make ChallengeContext pub for smlang state machine smlang generates a public state enum whose variants contain ChallengeContext, requiring the type itself to be fully public. Also tightens the wildcard arm in client auth to an exhaustive match.	2026-06-12 19:42:37 +02:00
Skipper	9dbb18ae82	WIP: some things Some checks failed ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-test Pipeline failed Details	2026-05-20 21:04:16 +02:00
Skipper	a773255935	refactor(server::db): introduced newtype wrappers for entity id's in database	2026-05-04 19:35:27 +02:00
Skipper	3f801abdff	housekeeping(server): deps upgrade + diesel migration to AsyncFnOnce Some checks failed ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details ci/woodpecker/push/server-lint Pipeline failed Details ci/woodpecker/push/server-audit Pipeline was successful Details ci/woodpecker/push/server-vet Pipeline failed Details ci/woodpecker/push/server-test Pipeline was successful Details	2026-05-01 11:22:40 +02:00
Skipper	1f9b253433	housekeeping(server): removed unused deps	2026-04-19 13:46:49 +02:00
Skipper	a1c3ffd2d1	refactor: rename to to better reflect meaning Some checks failed ci/woodpecker/push/server-audit Pipeline was successful Details ci/woodpecker/push/server-vet Pipeline failed Details ci/woodpecker/push/server-lint Pipeline failed Details ci/woodpecker/push/server-test Pipeline was successful Details	2026-04-19 13:41:50 +02:00
Skipper	9ab074170b	merge: feat-lints into main Some checks failed ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details ci/woodpecker/push/server-audit Pipeline was successful Details ci/woodpecker/push/server-lint Pipeline failed Details ci/woodpecker/push/server-vet Pipeline failed Details ci/woodpecker/push/server-test Pipeline was successful Details ci/woodpecker/push/useragent-analyze Pipeline failed Details	2026-04-18 15:04:33 +02:00
Skipper	38cf1b98b9	housekeeping(server): clippy warns fix Some checks failed ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-lint Pipeline was successful Details ci/woodpecker/pr/server-test Pipeline was successful Details ci/woodpecker/pr/useragent-analyze Pipeline failed Details	2026-04-18 13:53:11 +02:00
Skipper	9cf87b2058	merge: refactor-integrity-check into main Some checks failed ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details ci/woodpecker/pr/useragent-analyze Pipeline failed Details	2026-04-18 13:46:28 +02:00
Skipper	929d50b589	housekeeping(server): clean too-broad visibility markers and organize imports Some checks failed ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-test Pipeline failed Details ci/woodpecker/pr/useragent-analyze Pipeline failed Details	2026-04-18 13:30:09 +02:00
Skipper	70acfc99b5	merge: refactor-integrity-check into main	2026-04-18 13:19:13 +02:00
Skipper	4a8e51ef32	docs: updated to new auth challenge format and removed stale TOCTOU race condition note Some checks failed ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-audit Pipeline failed Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details ci/woodpecker/pr/useragent-analyze Pipeline failed Details	2026-04-17 18:25:55 +02:00
Skipper	790026e93b	fix(server::tests): api surface of auth challenge changed	2026-04-17 17:58:22 +02:00
Skipper	0e09afda5d	refactor(server::{useragent::auth, client::auth}): use random based + timestamp nonce instead of monotonic counter in database	2026-04-17 17:44:42 +02:00
Skipper	51e6571d80	refactor(server): now keeps track of useragents, instead of	2026-04-17 00:00:43 +02:00
Skipper	3b828d5874	refactor(server::grpc::vault_gate): standard approach using / traits	2026-04-16 22:15:18 +02:00
Skipper	a6f94e3115	fix(server): sending fixed vault state when on stage	2026-04-16 19:36:41 +02:00
hdbg	f49e995c2f	WIP: `kameo::messages` wiring for transport generalization Some checks failed ci/woodpecker/pr/server-test Pipeline failed Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-audit Pipeline failed Details ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/useragent-analyze Pipeline failed Details	2026-04-16 17:18:46 +02:00
Skipper	e88df432fb	housekeeping(server): dependencies upgrade Some checks failed ci/woodpecker/pr/server-lint Pipeline was successful Details ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-test Pipeline failed Details	2026-04-14 19:10:07 +02:00
hdbg	87ee0fe87b	feat(user-agent): add VaultGate for sealed vault authentication	2026-04-12 11:53:05 +02:00
CleverWild	f6a0c32b9d	feat: rustc and clippy linting Some checks failed ci/woodpecker/pr/server-audit Pipeline was successful Details ci/woodpecker/pr/server-vet Pipeline failed Details ci/woodpecker/pr/server-lint Pipeline failed Details ci/woodpecker/pr/server-test Pipeline was successful Details	2026-04-10 00:42:43 +02:00
hdbg	205227a3df	fix(server::integrity): `vault` now differentias between expected/unexpected states for commands more granularly	2026-04-08 18:21:48 +02:00
hdbg	6b8da567dd	fix(server::user_agent): useragents now self-sign themselves on bootstrap	2026-04-08 17:40:45 +02:00
hdbg	1585f90cae	refactor(server): reorganized client/user_agent actors into separate module `peers` and added event `MessageBus`	2026-04-08 12:34:16 +02:00

1 2 3 4

185 Commits