chore: rotate release signing key #39

Merged: mickvandijke merged 1 commit into main from chore/rotate-release-signing-key on Mar 24, 2026

jacderida (Collaborator) commented Mar 23, 2026

Summary

  • The previous ML-DSA-65 signing key was lost during the saorsa-node to ant-node migration
  • Generated a new ML-DSA-65 keypair and updated both the binary public key (sign/release-signing-key.pub) and the embedded key constant in src/upgrade/signature.rs

Required follow-up

  • Store the new secret key securely (hex file at /tmp/ant-node-keygen/release-signing-key.secret.hex)
  • Update the ANT_NODE_SIGNING_KEY GitHub Actions secret with the hex-encoded secret key
  • Add the new crates.io owner and set the CRATES_IO_TOKEN secret

Test plan

  • Project builds successfully with the new embedded key
  • Verify release workflow signs artifacts correctly with the new key

🤖 Generated with Claude Code

The previous ML-DSA-65 signing key was lost during the saorsa-node to
ant-node migration. Generate a new keypair and update both the binary
public key file and the embedded key constant in signature.rs.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings March 23, 2026 23:07

Copilot AI left a comment

Pull request overview

Rotates the ML-DSA-65 release signing public key used by ant-node to verify signed upgrade/release artifacts, updating both the embedded verifier key and the checked-in public key file.

Changes:

  • Updated the embedded ML-DSA-65 public key constant in src/upgrade/signature.rs.
  • Replaced the repository’s public key file at sign/release-signing-key.pub to match the new keypair.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated 2 comments.

| File | Description |
| --- | --- |
| src/upgrade/signature.rs | Updates the embedded release signing public key used for signature verification during upgrades. |
| sign/release-signing-key.pub | Updates the checked-in public key bytes intended for external/manual verification. |

Comment thread src/upgrade/signature.rs
Comment on lines 35 to +41
/// Embedded release signing public key (ML-DSA-65).
///
/// This key is used to verify signatures on released binaries.
/// The corresponding private key is held by authorized release signers.
/// Generated: 2025-12-04 19:28:34 UTC
/// Generated: 2026-03-23 22:49:45 UTC
const RELEASE_SIGNING_KEY: &[u8] = &[
0xad, 0x56, 0x91, 0xe0, 0xab, 0x4a, 0xf6, 0x3a, 0x36, 0x0a, 0xc1, 0xcb, 0x5b, 0xd1, 0x16, 0x2a,
0xd8, 0xf6, 0xe7, 0x7c, 0xec, 0xb9, 0xd3, 0x23, 0xc6, 0x11, 0x86, 0x32, 0xb7, 0xc6, 0x2b, 0x8e,
0x12, 0xc5, 0xbb, 0x45, 0xe1, 0xc0, 0xd8, 0x6c, 0x02, 0x68, 0x2d, 0x77, 0xb2, 0x73, 0xa4, 0x77,
0x88, 0xac, 0xa2, 0x19, 0x39, 0xe7, 0x56, 0xea, 0x80, 0x8e, 0xbd, 0xd9, 0xa0, 0x69, 0xdd, 0x2e,
0x23, 0x3b, 0x72, 0xbe, 0x83, 0x45, 0xab, 0x1a, 0x04, 0x5d, 0x3b, 0x00, 0x02, 0xb9, 0xc9, 0xd1,
0xbf, 0x1e, 0x88, 0x44, 0xd7, 0x4a, 0x16, 0xd6, 0xc9, 0x8d, 0xb8, 0xb2, 0xdf, 0x07, 0x20, 0x30,
0x05, 0x7d, 0xc2, 0xff, 0x97, 0x4d, 0xc4, 0x42, 0xe5, 0xb9, 0xeb, 0xbc, 0x19, 0x1e, 0x8c, 0x6f,
0x06, 0x9b, 0x69, 0x47, 0x90, 0x1d, 0x91, 0x0f, 0x16, 0x62, 0x16, 0x7f, 0xeb, 0xac, 0x2b, 0xc0,
0xe5, 0x29, 0xc8, 0x1b, 0xb3, 0x59, 0x39, 0x43, 0xd7, 0xd2, 0xfd, 0xbd, 0x56, 0x94, 0x9d, 0x97,
0xec, 0xd1, 0xc9, 0x65, 0xbd, 0x36, 0x19, 0x5b, 0x2d, 0x17, 0x48, 0x84, 0xa0, 0xcf, 0x22, 0xf8,
0x3d, 0x70, 0x4a, 0xe6, 0x03, 0xfe, 0x65, 0xf7, 0xad, 0xdd, 0xfe, 0x6b, 0x1c, 0x27, 0xf3, 0x8b,
0x07, 0xf6, 0x81, 0x39, 0x84, 0xf3, 0x0f, 0x72, 0x31, 0x80, 0xf8, 0xe5, 0xc9, 0xf6, 0x90, 0x4a,
0x76, 0x2c, 0x04, 0xf9, 0xb2, 0x7c, 0x08, 0xbb, 0xdd, 0x35, 0x3e, 0xbc, 0x81, 0x0e, 0x1e, 0x71,
0xa3, 0x08, 0xf2, 0x74, 0xa2, 0x2b, 0xf2, 0x20, 0x4e, 0x3c, 0x41, 0xef, 0xea, 0x30, 0x45, 0x70,
0x35, 0x52, 0xbc, 0x89, 0x1a, 0xcf, 0x3d, 0x94, 0xf0, 0x62, 0xe8, 0xe3, 0x22, 0x28, 0x2e, 0xab,
0xc9, 0x22, 0x2f, 0xcd, 0x3e, 0xd3, 0x73, 0x9c, 0x25, 0x1c, 0xba, 0x38, 0xbe, 0x6b, 0x7a, 0x86,
0x82, 0xb9, 0x0f, 0x54, 0x5d, 0xa2, 0x0b, 0x4f, 0xd1, 0xce, 0xff, 0xe6, 0xc1, 0xaa, 0x26, 0x75,
0x06, 0xea, 0x3b, 0xc8, 0xf1, 0x03, 0x51, 0xc3, 0xd0, 0x03, 0x09, 0xb2, 0x0e, 0x20, 0xac, 0x33,
0x3d, 0x79, 0xd2, 0xf2, 0x51, 0x7f, 0x45, 0x23, 0x1e, 0x30, 0x64, 0x8c, 0x8c, 0x70, 0x61, 0xc6,
0x7d, 0xa7, 0xc0, 0x22, 0x83, 0x04, 0x03, 0xb3, 0x0e, 0x1b, 0x7f, 0xc2, 0xf0, 0xfb, 0xfc, 0x83,
0x14, 0x04, 0x66, 0xbe, 0xaa, 0x77, 0x8e, 0x88, 0x41, 0xd5, 0xa1, 0x57, 0xe0, 0xc6, 0x6e, 0x96,
0xbf, 0xe3, 0x27, 0x87, 0xc8, 0x03, 0xd8, 0xd4, 0x90, 0xc2, 0x89, 0x1c, 0x14, 0xb2, 0x92, 0x6b,
0xdf, 0xf0, 0x49, 0xff, 0x8a, 0xbe, 0xbc, 0x76, 0xf4, 0x62, 0x37, 0xa6, 0xf6, 0x91, 0x41, 0x28,
0x02, 0x68, 0xa8, 0xec, 0x17, 0xe7, 0xc9, 0xad, 0x40, 0xae, 0x11, 0xd6, 0x0a, 0x84, 0x6b, 0xe7,
0x0b, 0xae, 0xc8, 0x26, 0x58, 0x88, 0xb1, 0xf9, 0x9c, 0x8d, 0xdb, 0x16, 0x67, 0x60, 0x61, 0x84,
0xcc, 0x9b, 0xbb, 0x57, 0xd3, 0x20, 0xdb, 0x4e, 0x75, 0x22, 0x80, 0xda, 0xc3, 0x2b, 0xf3, 0x34,
0xcb, 0x7e, 0x1f, 0x06, 0x91, 0x36, 0xa4, 0xa5, 0x12, 0xfb, 0xcc, 0x81, 0xb0, 0xb3, 0x83, 0x8e,
0xe8, 0xf4, 0x1c, 0xfb, 0x9c, 0xb4, 0xea, 0x49, 0x49, 0x6b, 0xa8, 0x95, 0x7f, 0xb0, 0xac, 0xdf,
0x27, 0x0d, 0x0d, 0xab, 0xc3, 0xa1, 0x0f, 0x10, 0x1b, 0x1a, 0x0e, 0xbd, 0x2b, 0xbc, 0x1c, 0x9e,
0x8a, 0x9d, 0x88, 0xd4, 0xe9, 0x23, 0x3a, 0xd7, 0xe2, 0xad, 0x30, 0x35, 0x08, 0xae, 0x89, 0x8a,
0xca, 0xc2, 0x9d, 0xa9, 0xd0, 0x29, 0x4f, 0x50, 0xae, 0xe1, 0x75, 0xca, 0xc0, 0xaa, 0xed, 0x28,
0xfa, 0xa2, 0xab, 0x7c, 0x9e, 0xa7, 0x40, 0xce, 0xd8, 0xf7, 0xaa, 0xf7, 0x55, 0xb1, 0xcc, 0xd3,
0x83, 0xb5, 0x84, 0xd9, 0xcd, 0xef, 0xa5, 0x31, 0x78, 0x7a, 0xbc, 0x98, 0x02, 0xfb, 0xa7, 0x03,
0x0f, 0xac, 0x25, 0x81, 0x8f, 0xee, 0x4c, 0x85, 0xc6, 0x07, 0x68, 0xe0, 0x0d, 0x61, 0xdd, 0x59,
0xce, 0xbf, 0xce, 0xdb, 0x1d, 0x5c, 0x4b, 0xd3, 0x07, 0xeb, 0x39, 0x93, 0xe4, 0xc3, 0x56, 0xdb,
0x7a, 0xc7, 0x93, 0x18, 0xd6, 0x2b, 0xbf, 0xd4, 0xab, 0xe0, 0x42, 0x53, 0xc5, 0xf7, 0x26, 0xcd,
0xb6, 0x18, 0x14, 0x04, 0x5f, 0xa9, 0x74, 0xf6, 0x28, 0xfe, 0x45, 0x57, 0xa8, 0x96, 0x1f, 0x58,
0x10, 0x6e, 0x7c, 0x99, 0x69, 0xa9, 0xe9, 0x0e, 0x7e, 0x66, 0x89, 0xe5, 0x8f, 0xd9, 0xfa, 0xb2,
0x6b, 0x4c, 0xd7, 0xf0, 0x30, 0x22, 0x08, 0x46, 0x53, 0x5e, 0x7f, 0x88, 0x11, 0x7e, 0x4c, 0x97,
0xb8, 0x47, 0x0c, 0x58, 0xba, 0x62, 0xbc, 0x29, 0xf9, 0x06, 0x7b, 0xe0, 0xb9, 0x10, 0x87, 0x4e,
0x42, 0x89, 0x88, 0xe5, 0x5b, 0x5e, 0xe6, 0xdc, 0x86, 0xc9, 0x90, 0x6d, 0x06, 0xe5, 0x4d, 0x1e,
0x4b, 0x03, 0x90, 0xc7, 0x50, 0xf9, 0xa5, 0x85, 0x4b, 0x64, 0x6c, 0xcc, 0x1d, 0xc0, 0xf8, 0x67,
0xe4, 0xf1, 0x22, 0x4b, 0x52, 0x90, 0xe0, 0x64, 0x9d, 0xa1, 0xa0, 0x6b, 0xbf, 0xcc, 0x35, 0x3f,
0x1f, 0x5a, 0x0a, 0xd7, 0xb0, 0x25, 0x8f, 0xf8, 0xe1, 0xc2, 0xb9, 0xdb, 0x86, 0xc8, 0xc1, 0x6b,
0xca, 0x76, 0xc2, 0x6a, 0xad, 0xf6, 0x11, 0x58, 0xac, 0x89, 0xb2, 0x12, 0xd7, 0xa9, 0xaf, 0x99,
0x1d, 0xf4, 0xcb, 0x7e, 0xc7, 0x39, 0xaa, 0x2f, 0x35, 0x23, 0x0b, 0xc0, 0x63, 0xe2, 0xd0, 0x86,
0x8c, 0x2e, 0x2f, 0x86, 0x67, 0x21, 0x19, 0xf6, 0x51, 0x30, 0xa4, 0xd5, 0xc4, 0xfd, 0x85, 0xf7,
0x35, 0xaa, 0xd8, 0x5a, 0x1f, 0x16, 0x04, 0x76, 0xf7, 0xa9, 0x10, 0x46, 0x48, 0x56, 0xf7, 0xd2,
0xdc, 0x68, 0x18, 0x90, 0x2e, 0x82, 0x3b, 0x46, 0x27, 0xb3, 0xc6, 0xf2, 0xa0, 0xf6, 0x99, 0x70,
0x31, 0x37, 0x6a, 0x98, 0x3d, 0x09, 0xd0, 0xd4, 0x9f, 0xf2, 0x96, 0x6c, 0xad, 0x19, 0xf6, 0x65,
0x01, 0x8d, 0x06, 0x6d, 0xbb, 0xa4, 0x61, 0x29, 0x27, 0xe9, 0x8e, 0xad, 0x49, 0x2e, 0xee, 0x7c,
0xcd, 0xfe, 0xb2, 0x0e, 0xff, 0x66, 0x22, 0xf1, 0x21, 0xa8, 0xff, 0x21, 0x60, 0x13, 0x1b, 0x47,
0xc6, 0x5d, 0xe0, 0x76, 0x56, 0x71, 0x1e, 0x11, 0x58, 0x76, 0x22, 0x71, 0x91, 0x93, 0x74, 0x0f,
0x21, 0x35, 0x84, 0x24, 0x78, 0xa3, 0xa7, 0xe8, 0x82, 0x82, 0x6c, 0x2c, 0xa6, 0x80, 0x8d, 0xaf,
0x46, 0x42, 0x6d, 0xe6, 0x14, 0x96, 0x7a, 0xfc, 0xbc, 0x98, 0x89, 0x9b, 0x95, 0x71, 0x2e, 0x7a,
0xc3, 0x00, 0x21, 0x5b, 0x7e, 0x64, 0x62, 0x43, 0xcb, 0x4e, 0x79, 0x0a, 0xa8, 0x6f, 0x11, 0x78,
0xf9, 0xc0, 0x11, 0x6e, 0xc2, 0x4d, 0x95, 0x6b, 0x54, 0xab, 0x44, 0x1c, 0xb6, 0x60, 0x6d, 0x25,
0x00, 0xfa, 0x37, 0x16, 0xa6, 0x5c, 0x2f, 0x16, 0xf5, 0x36, 0x89, 0xc1, 0xe2, 0x8d, 0x38, 0xe3,
0xd3, 0x21, 0x57, 0x41, 0xd4, 0x12, 0x32, 0xfe, 0x3b, 0x90, 0x0f, 0x91, 0x2d, 0xe4, 0xaf, 0x57,
0xed, 0x31, 0x95, 0xf9, 0xab, 0x33, 0xac, 0xc4, 0xfb, 0xfc, 0xfa, 0xd1, 0x3e, 0xf5, 0x1e, 0x87,
0x0d, 0x30, 0x9a, 0x95, 0x57, 0xc6, 0x95, 0x09, 0x6a, 0xc1, 0xb9, 0xe1, 0x07, 0xee, 0x9d, 0x1b,
0x90, 0xf9, 0x90, 0xb6, 0xa8, 0x45, 0x66, 0xfc, 0x22, 0x86, 0xd7, 0x59, 0xeb, 0xd5, 0x6f, 0xe1,
0x61, 0x10, 0x7f, 0x51, 0x5b, 0xd0, 0x0c, 0xca, 0x2c, 0xd3, 0x45, 0xd8, 0xa8, 0x1a, 0x77, 0x6b,
0x8e, 0xe1, 0xb3, 0xf0, 0x02, 0x5c, 0xaa, 0x3e, 0x88, 0x12, 0xa9, 0xb0, 0xb0, 0x51, 0xbe, 0xc3,
0x74, 0xe0, 0x2c, 0xdc, 0x00, 0x97, 0x54, 0x7c, 0x3c, 0x4f, 0xd4, 0x46, 0x4d, 0xc6, 0xad, 0x70,
0xf5, 0x02, 0xae, 0xca, 0xc0, 0xd4, 0x0a, 0x81, 0x17, 0x84, 0x7d, 0x25, 0x76, 0x5d, 0xcb, 0xab,
0xbe, 0x37, 0x51, 0x52, 0xc1, 0x12, 0xbb, 0x1f, 0x41, 0x61, 0x87, 0x46, 0xab, 0x1e, 0xc8, 0x7b,
0xf9, 0xa7, 0x36, 0x35, 0x68, 0x34, 0xb6, 0xa3, 0x13, 0xc8, 0x05, 0xe9, 0x6f, 0x2f, 0xb5, 0xac,
0xf2, 0xde, 0xba, 0xee, 0xaa, 0xfa, 0xda, 0x9c, 0xe6, 0x2c, 0xa4, 0x6e, 0x8a, 0x9b, 0x29, 0x58,
0xd9, 0x68, 0x34, 0x12, 0x28, 0x6b, 0x82, 0xde, 0x13, 0x99, 0xa3, 0x63, 0x81, 0xf7, 0x82, 0xdb,
0xe4, 0x49, 0x24, 0xc7, 0x0c, 0xdb, 0xa5, 0xfb, 0xdb, 0x31, 0xbe, 0x3f, 0x66, 0xe7, 0x6c, 0x74,
0x38, 0x21, 0x96, 0x25, 0x47, 0xec, 0x84, 0x30, 0x75, 0x13, 0xbf, 0xf6, 0x57, 0xa1, 0xeb, 0xd4,
0x83, 0x36, 0x88, 0x8f, 0x83, 0x58, 0x56, 0xbe, 0x5a, 0x07, 0x6a, 0x1b, 0x59, 0x26, 0x45, 0x79,
0xff, 0x75, 0x66, 0x6e, 0xd8, 0x31, 0x1a, 0x8d, 0x37, 0x38, 0xfa, 0x40, 0x7f, 0x80, 0x14, 0x6e,
0x43, 0xc7, 0xa7, 0x8c, 0xf9, 0x9c, 0xd6, 0x98, 0x84, 0xe7, 0x81, 0xe8, 0xd0, 0xf5, 0xba, 0x8c,
0x2a, 0x8f, 0x29, 0xc8, 0x42, 0xba, 0xa0, 0xc2, 0x74, 0x1a, 0x76, 0x3c, 0xf5, 0x5d, 0xb1, 0x73,
0x84, 0x53, 0x3c, 0x6e, 0xa5, 0x31, 0xcd, 0x6d, 0x66, 0x2c, 0x02, 0x96, 0x0a, 0x95, 0x19, 0xeb,
0x8c, 0x6e, 0xb4, 0xd1, 0x23, 0xa5, 0x69, 0x5b, 0xcd, 0x27, 0x76, 0xcc, 0xb8, 0xb9, 0x60, 0xdf,
0x82, 0xca, 0xd8, 0x5b, 0xf8, 0x4e, 0x71, 0x07, 0xaf, 0xf8, 0x20, 0x0e, 0x33, 0xe8, 0x8a, 0x81,
0x21, 0x87, 0x46, 0x61, 0xb8, 0x39, 0xb8, 0x3f, 0x10, 0x83, 0x17, 0x19, 0x7b, 0xb3, 0x45, 0xfc,
0xc5, 0xb9, 0x40, 0xa7, 0xc7, 0x12, 0x3d, 0x87, 0xd9, 0x0c, 0xe8, 0xfe, 0xb3, 0x9a, 0x8e, 0x97,
0x14, 0xca, 0x66, 0x9e, 0xc1, 0x4d, 0x5a, 0x94, 0x27, 0x8c, 0x18, 0x5a, 0xcf, 0xd4, 0x08, 0xe3,
0x17, 0xbb, 0xb2, 0x72, 0xce, 0xf2, 0x79, 0x94, 0xa9, 0x74, 0x8e, 0x10, 0x20, 0xdc, 0x9f, 0xa9,
0x4f, 0x7c, 0x07, 0x72, 0xcf, 0xa3, 0x97, 0x49, 0xef, 0xf5, 0xbe, 0x56, 0x7c, 0x8a, 0xe1, 0x9e,
0xe7, 0x05, 0x85, 0xbe, 0xa5, 0xa8, 0x50, 0x2c, 0xbd, 0xd2, 0xc1, 0x5f, 0x2a, 0x57, 0x28, 0xd1,
0x64, 0x44, 0xde, 0xfe, 0x29, 0x69, 0xd9, 0x91, 0x79, 0x43, 0x67, 0x8c, 0x23, 0x96, 0xc5, 0x77,
0x55, 0x32, 0xc1, 0x74, 0xf5, 0x13, 0x81, 0xfd, 0xd6, 0x8a, 0x52, 0x14, 0xd0, 0x31, 0x16, 0x78,
0xce, 0x86, 0xdb, 0x1e, 0x20, 0xbf, 0x0f, 0xcf, 0x1d, 0x5b, 0xcf, 0x70, 0x67, 0x99, 0x69, 0x36,
0xaf, 0xe7, 0x87, 0x62, 0xee, 0xf7, 0xe1, 0xee, 0x8e, 0xb9, 0xd7, 0x8c, 0xc2, 0x4d, 0x96, 0xa6,
0x1c, 0x0e, 0xcd, 0xf5, 0xf8, 0x95, 0xbe, 0xa3, 0xb4, 0x24, 0x70, 0x31, 0xdd, 0xc1, 0x69, 0x7b,
0x36, 0xe3, 0x77, 0x56, 0xc2, 0xfb, 0xaa, 0xb8, 0xbf, 0xbc, 0x5a, 0x84, 0x1e, 0x48, 0xb4, 0xbd,
0x10, 0xf5, 0x3c, 0x0e, 0x8f, 0x8f, 0x29, 0x0b, 0xd3, 0x7b, 0x9b, 0x5f, 0x48, 0xd2, 0x70, 0xbd,
0xd8, 0xa4, 0xe6, 0x01, 0x6e, 0xf7, 0x2f, 0x6c, 0xac, 0xa4, 0xe5, 0x6c, 0x45, 0xa4, 0x1e, 0x71,
0x58, 0x3c, 0xb5, 0x6f, 0x22, 0x41, 0x10, 0x45, 0x33, 0x4a, 0x0c, 0xf1, 0xb7, 0x5a, 0x73, 0xb0,
0x20, 0xd4, 0x95, 0x81, 0xb7, 0x1c, 0xa1, 0x70, 0x40, 0xd4, 0xeb, 0x22, 0x6d, 0x4f, 0xca, 0xfe,
0x75, 0xbb, 0xf1, 0xa5, 0xff, 0x38, 0x06, 0x26, 0x06, 0xdf, 0x11, 0x07, 0xc8, 0xe1, 0x71, 0x71,
0x53, 0xdc, 0xaf, 0x44, 0xad, 0x6c, 0x1b, 0xa1, 0x41, 0xe3, 0xc0, 0xcf, 0x9b, 0xbf, 0x91, 0x55,
0x0c, 0x16, 0x24, 0xe4, 0x64, 0x30, 0x98, 0x0b, 0x2e, 0xb6, 0x52, 0xfe, 0x35, 0xc3, 0x54, 0x91,
0x56, 0x65, 0xf4, 0x69, 0xc3, 0x3a, 0x40, 0xcf, 0x67, 0xfb, 0x04, 0xba, 0x48, 0x51, 0xe9, 0xf4,
0xb8, 0xf9, 0x33, 0x95, 0x19, 0xe5, 0x6a, 0x53, 0x39, 0xdf, 0x18, 0xa9, 0x25, 0x2a, 0x9c, 0xcd,
0xdb, 0x1a, 0x2b, 0x83, 0xf4, 0xea, 0x6f, 0xb3, 0x84, 0x4d, 0x50, 0x5f, 0xd0, 0xf1, 0xbc, 0x8b,
0xcc, 0x8d, 0x8e, 0x16, 0x01, 0x3b, 0xfc, 0x4d, 0x62, 0xbb, 0xc7, 0x78, 0xfc, 0x22, 0x3e, 0x01,
0xf3, 0xfd, 0xb8, 0xb3, 0x39, 0x38, 0xed, 0x45, 0x03, 0x1b, 0xb0, 0x92, 0xe8, 0x84, 0xe8, 0x9a,
0xd7, 0x51, 0xdc, 0x5b, 0xd3, 0x3c, 0xfd, 0xe8, 0x01, 0x6c, 0xc5, 0x2c, 0x56, 0x70, 0x04, 0x42,
0x1a, 0xcf, 0x25, 0xc3, 0x13, 0x71, 0x8c, 0x12, 0x77, 0xea, 0xd8, 0x45, 0xcb, 0x4a, 0x2a, 0x82,
0xd7, 0x50, 0x84, 0x7d, 0x9f, 0xc9, 0x33, 0x3a, 0x0e, 0x72, 0x56, 0xa0, 0xec, 0xc1, 0x41, 0x66,
0xf6, 0x78, 0x52, 0x9d, 0x64, 0x22, 0xe8, 0xf4, 0x63, 0x4a, 0xf4, 0x64, 0x6a, 0xa5, 0xfe, 0x6f,
0x4d, 0x8f, 0xb2, 0x75, 0xf8, 0x68, 0xa8, 0xc4, 0x76, 0x73, 0x3c, 0x75, 0xf9, 0x88, 0xae, 0x39,
0x6f, 0x96, 0xbe, 0x01, 0x37, 0x3c, 0xef, 0xfd, 0xf2, 0x5f, 0x98, 0x95, 0x20, 0xbd, 0x41, 0x05,
0x75, 0x34, 0x80, 0x4f, 0x81, 0x02, 0xf1, 0x27, 0x4e, 0x1a, 0x24, 0xc7, 0xa8, 0xcd, 0xf0, 0xd6,
0xa1, 0x4e, 0xda, 0x59, 0x7e, 0xbd, 0xdf, 0x9c, 0xf5, 0xc5, 0xfa, 0x22, 0x2a, 0x2e, 0xcb, 0x4c,
0xa2, 0xbf, 0x2a, 0x66, 0x17, 0x0b, 0x82, 0x10, 0x86, 0x0a, 0x2f, 0xef, 0x82, 0xd9, 0x3c, 0xce,
0xe5, 0xde, 0xe9, 0xd9, 0x03, 0x0f, 0xce, 0x35, 0x24, 0xd7, 0x82, 0x75, 0x08, 0xb6, 0xad, 0x2c,
0x44, 0x3e, 0xcb, 0xe4, 0x28, 0xc7, 0x39, 0x58, 0xc0, 0xe4, 0xa8, 0x65, 0x5b, 0xfd, 0xf7, 0xa2,
0x91, 0xbc, 0x79, 0xb7, 0x99, 0x88, 0x0b, 0x1e, 0x70, 0x21, 0x22, 0x8e, 0x34, 0xc1, 0x6c, 0x40,
0x69, 0x01, 0x35, 0xc1, 0xf1, 0x95, 0x36, 0x19, 0xd4, 0xb4, 0x00, 0x7d, 0x68, 0xa1, 0x02, 0x6c,
0xa1, 0xe0, 0x61, 0x17, 0x6d, 0x0a, 0xdf, 0x2b, 0x03, 0x07, 0xc7, 0x21, 0x77, 0xcf, 0x45, 0x22,
0x7b, 0xb3, 0x26, 0xc2, 0xb8, 0x1a, 0x38, 0x79, 0xd7, 0xba, 0x8d, 0x9d, 0x33, 0x51, 0xcd, 0x74,
0xd2, 0x1a, 0x6f, 0x32, 0x52, 0xa4, 0xd3, 0xe9, 0xa9, 0xe2, 0x7f, 0xdf, 0x58, 0x2a, 0x73, 0x07,
0x2c, 0xee, 0x3e, 0x68, 0x8a, 0x27, 0xb2, 0xa3, 0x51, 0x4e, 0xf2, 0x73, 0xa4, 0xd1, 0x8f, 0xef,
0x62, 0x60, 0x92, 0x7c, 0x73, 0x2b, 0x58, 0x4e, 0xbe, 0xfd, 0x73, 0x1f, 0x0e, 0xed, 0x46, 0x50,
0x39, 0x4a, 0x66, 0x64, 0xd8, 0x11, 0x2d, 0x7b, 0x9d, 0xaf, 0xb8, 0x84, 0x20, 0x6d, 0x4e, 0xfb,
0xe0, 0x66, 0x11, 0x4c, 0xa2, 0x1c, 0x2d, 0x04, 0x2c, 0x21, 0x89, 0xd9, 0x34, 0x3f, 0xe4, 0xa4,
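
Review bot: `const RELEASE_SIGNING_KEY: &[u8] = &[` types the key as an unsized slice, so a row of bytes dropped or duplicated while pasting the new key is not caught by the compiler. Suggest declaring the constant as a fixed-length array sized to the ML-DSA-65 public key length, so that a wrong byte count fails the build, and recording a short digest of the key in the doc comment so the literal can be checked against sign/release-signing-key.pub without comparing hex by eye.
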
Copilot AI Mar 23, 2026

There’s no automated check ensuring this embedded key stays byte-for-byte in sync with the repo’s public key file (sign/release-signing-key.pub). Since both are part of the release verification story, consider adding a unit test that reads sign/release-signing-key.pub and asserts it equals RELEASE_SIGNING_KEY (and/or checking its length == PUBLIC_KEY_SIZE) to prevent accidental drift in future rotations.

Copilot uses AI. Check for mistakes.
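
The drift check suggested in the comment above, written as an added example; it is not code from this PR or from ant-node. The function name, error type and sample bytes are assumptions made for illustration, and 1952 is the ML-DSA-65 public key length from FIPS 204.

```rust
// Added example (not ant-node code): detect drift between an embedded
// public key constant and the bytes of the checked-in .pub file.
// In a repository test the file bytes would come from reading
// sign/release-signing-key.pub; here both copies are constructed inline.

/// ML-DSA-65 public keys are 1952 bytes (FIPS 204).
const ML_DSA_65_PUBLIC_KEY_SIZE: usize = 1952;

#[derive(Debug, PartialEq)]
enum KeyDrift {
    /// One of the two copies is not a full-length ML-DSA-65 public key.
    WrongLength { which: &'static str, len: usize },
    /// Same length, but the copies first differ at this byte offset.
    Mismatch { offset: usize, embedded: u8, file: u8 },
}

/// Hypothetical helper: Ok(()) only if both copies are full-length and identical.
fn check_key_sync(embedded: &[u8], file: &[u8]) -> Result<(), KeyDrift> {
    for (which, key) in [("embedded constant", embedded), ("key file", file)] {
        if key.len() != ML_DSA_65_PUBLIC_KEY_SIZE {
            return Err(KeyDrift::WrongLength { which, len: key.len() });
        }
    }
    match embedded.iter().zip(file).position(|(a, b)| a != b) {
        Some(offset) => Err(KeyDrift::Mismatch {
            offset,
            embedded: embedded[offset],
            file: file[offset],
        }),
        None => Ok(()),
    }
}

/// Constructed stand-in for a key: deterministic filler, not real key material.
fn sample_key(seed: u8) -> Vec<u8> {
    (0..ML_DSA_65_PUBLIC_KEY_SIZE)
        .map(|i| (i as u8).wrapping_mul(31).wrapping_add(seed))
        .collect()
}

fn main() {
    let embedded = sample_key(7);
    let in_sync = embedded.clone();
    let mut stale = embedded.clone();
    stale[40] ^= 0xff; // one copy was not updated during a rotation
    let truncated = &embedded[..1936]; // a 16-byte row lost while pasting

    println!("{:?}", check_key_sync(&embedded, &in_sync));
    println!("{:?}", check_key_sync(&embedded, &stale));
    println!("{:?}", check_key_sync(&embedded, truncated));
}
```
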
Comment thread src/upgrade/signature.rs
Comment on lines 37 to 40
/// This key is used to verify signatures on released binaries.
/// The corresponding private key is held by authorized release signers.
/// Generated: 2025-12-04 19:28:34 UTC
/// Generated: 2026-03-23 22:49:45 UTC
const RELEASE_SIGNING_KEY: &[u8] = &[
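
Review bot: The doc comment keeps a single `Generated:` line, so once the 2025-12-04 timestamp is replaced by 2026-03-23 the source no longer records that an earlier key existed or that it signed the releases published before this change. Suggest keeping a one-line rotation note in the comment (the previous key's generation date and that it was superseded), and rechecking the sentence "The corresponding private key is held by authorized release signers" if custody changed with the rotation.
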
Copilot AI Mar 23, 2026

Rotating the embedded release key means signatures produced with the previous private key will no longer verify. If you still need to support verifying/auto-upgrading from artifacts signed with the prior key (e.g., rollback to an older release, or validating already-published releases), consider keeping the previous public key(s) and attempting verification against a key set rather than a single key.

@mickvandijke mickvandijke merged commit 6d64368 into main Mar 24, 2026
14 checks passed
@mickvandijke mickvandijke deleted the chore/rotate-release-signing-key branch March 24, 2026 09:45
mickvandijke added a commit that referenced this pull request Apr 1, 2026
Add unit and e2e tests covering the remaining Section 18 scenarios:

Unit tests (32 new):
- Quorum: #4 fail→abandoned, #16 timeout→inconclusive, #27 single-round
  dual-evidence, #28 dynamic threshold undersized, #33 batched per-key,
  #34 partial response unresolved, #42 quorum-derived paid-list auth
- Admission: #5 unauthorized peer, #7 out-of-range rejected
- Config: #18 invalid config rejected, #26 dynamic paid threshold
- Scheduling: #8 dedup safety, #8 replica/paid collapse
- Neighbor sync: #35 round-robin cooldown skip, #36 cycle completion,
  #38 snapshot stability mid-join, #39 unreachable removal + slot fill,
  #40 cooldown peer removed, #41 cycle termination guarantee,
  consecutive rounds, cycle preserves sync times
- Pruning: #50 hysteresis prevents premature delete, #51 timestamp reset
  on heal, #52 paid/record timestamps independent, #23 entry removal
- Audit: #19/#53 partial failure mixed responsibility, #54 all pass,
  #55 empty failure discard, #56 repair opportunity filter,
  response count validation, digest uses full record bytes
- Types: #13 bootstrap drain, repair opportunity edge cases,
  terminal state variants
- Bootstrap claims: #46 first-seen recorded, #49 cleared on normal

E2e tests (4 new):
- #2 fresh offer with empty PoP rejected
- #5/#37 neighbor sync request returns response
- #11 audit challenge multi-key (present + absent)
- Fetch not-found for non-existent key

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>