Participant Bind v1
Source schema: doc/schemas/participant-bind.v1.schema.json
Schema seed for a participant-scoped authorization artifact carried over an already established encrypted node-to-node session. This artifact remains above peer-handshake.v1 and is intended for later hosted-user or multi-participant flows.
Governing Basis
- doc/project/40-proposals/007-pod-identity-and-tenancy-model.md
- doc/project/40-proposals/014-node-transport-and-discovery-mvp.md

Project Lineage
Requirements
Stories
Fields
| Field | Required | Shape | Description |
|---|---|---|---|
| schema/v | yes | const: 1 | Schema version. |
| bind/id | yes | string | Stable identifier of the bind artifact. |
| bound-at | yes | string | Timestamp when the participant asserted this bind over the active channel. |
| participant/id | yes | string | Participation-role identity that is being authorized over the already established node-to-node session. |
| via/node-id | yes | string | Hosting or serving node through which the participant speaks. |
| session/id | yes | string | Reference to the live encrypted node-to-node session or equivalent channel context. |
| participant/key/alg | yes | enum: ed25519 | Verification algorithm for the participant proof material. |
| participant/key/public | yes | string | Public verification key backing the participant role in the bound context. |
| proof/participant-signature | yes | ref: #/$defs/signature | Participant-side proof over the bind payload. |
| proof/node-attestation | no | ref: #/$defs/signature | Optional future-facing node-side hosting attestation over the same bind context. |
| policy_annotations | no | object | Optional local or federation policy annotations that do not change the core bind semantics. |
Definitions
| Definition | Shape | Description |
|---|---|---|
| signature | object | |

## Field Semantics
schema/v
- Required: yes
- Shape: const: 1

Schema version.

bind/id
- Required: yes
- Shape: string

Stable identifier of the bind artifact.

bound-at
- Required: yes
- Shape: string

Timestamp when the participant asserted this bind over the active channel.

participant/id
- Required: yes
- Shape: string

Participation-role identity that is being authorized over the already established node-to-node session.

via/node-id
- Required: yes
- Shape: string

Hosting or serving node through which the participant speaks.

session/id
- Required: yes
- Shape: string

Reference to the live encrypted node-to-node session or equivalent channel context.

participant/key/alg
- Required: yes
- Shape: enum: ed25519

Verification algorithm for the participant proof material.

participant/key/public
- Required: yes
- Shape: string

Public verification key backing the participant role in the bound context.

proof/participant-signature
- Required: yes
- Shape: ref: #/$defs/signature

Participant-side proof over the bind payload.

proof/node-attestation
- Required: no
- Shape: ref: #/$defs/signature

Optional future-facing node-side hosting attestation over the same bind context.

policy_annotations
- Required: no
- Shape: object

Optional local or federation policy annotations that do not change the core bind semantics.
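
A receiver-side check of the fields described above, as an added example rather than the project's own code. Comparing `session/id` and `via/node-id` with the receiver's live session and authenticated peer (the hypothetical parameters `live_session_id` and `peer_node_id`) is an assumed receiver policy; signature verification is left out because this page does not define the contents of `$defs.signature` or the encoding of the signed payload.

```python
# Field names and shapes come from the Fields table on this page.
REQUIRED_STRINGS = ("bind/id", "bound-at", "participant/id", "via/node-id",
                    "session/id", "participant/key/alg", "participant/key/public")
REQUIRED_OBJECTS = ("proof/participant-signature",)
OPTIONAL_OBJECTS = ("proof/node-attestation", "policy_annotations")


def check_bind(bind, live_session_id, peer_node_id):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    v = bind.get("schema/v")
    if isinstance(v, bool) or v != 1:  # const: 1 (True == 1 in Python, so exclude bool)
        problems.append("schema/v must be the constant 1")
    for name in REQUIRED_STRINGS:
        if not isinstance(bind.get(name), str):
            problems.append(f"missing or non-string field: {name}")
    for name in REQUIRED_OBJECTS:
        if not isinstance(bind.get(name), dict):
            problems.append(f"missing or non-object field: {name}")
    for name in OPTIONAL_OBJECTS:
        if name in bind and not isinstance(bind[name], dict):
            problems.append(f"non-object field: {name}")
    if problems:
        return problems  # do not evaluate context on a malformed artifact
    if bind["participant/key/alg"] != "ed25519":
        problems.append("participant/key/alg must be ed25519")
    # Assumption (receiver policy, not stated on the page): the bind must name
    # the session it arrived on and the node authenticated by that session, so
    # an artifact replayed from another session or node is refused.
    if bind["session/id"] != live_session_id:
        problems.append("session/id does not match the live session")
    if bind["via/node-id"] != peer_node_id:
        problems.append("via/node-id does not match the authenticated peer node")
    return problems


# Constructed sample artifact; every value is a placeholder.
SAMPLE = {
    "schema/v": 1,
    "bind/id": "bind:example-0001",
    "bound-at": "2025-01-01T00:00:00Z",
    "participant/id": "participant:example-alice",
    "via/node-id": "node:example-a",
    "session/id": "session:example-42",
    "participant/key/alg": "ed25519",
    "participant/key/public": "PLACEHOLDER-PUBLIC-KEY",
    "proof/participant-signature": {},
}

if __name__ == "__main__":
    print(check_bind(SAMPLE, "session:example-42", "node:example-a"))
```
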
Definition Semantics
$defs.signature
- Shape: object