Skip to content

Identity

Sovereign Identity

Identities in Mosaic are self-created and self-administered. This requires each end user and server to securely manage their secret key material. Convenient methods for doing so are outside of the scope of Mosaic.

An identity is defined to be the entity with knowledge of the secret half of an EdDSA keypair.

This identifying keypair is considered their master keypair.

An entity (user or server) is referenced by the public half of their master keypair.

Server Identities

In Mosaic, servers have identities similar to how users have identities.

Master keys and Subkeys

Users MAY have subsidiary public keys, known as subkeys, signing keys or device keys (these terms being mostly functionally interchangeable).

The purpose of subkeys is primarily to facilitate online usage in less secure environments without risking exposure of the master key secret, where compromise and revocation do not invalidate the master key identity that the user is known by.

Subkeys also support alternative algorithms, such as X25519 public keys for receiving encrypted information, or secp256k1 keys for backwards compatibility with nostr.

Users publish their subkeys in a key schedule record, defined within the core application.

A limited number of low-frequency operations in Mosaic require a signature from the master key. These include (presently):

NOTE: Nothing in the Mosaic spec requires that subkeys are deterministically derived from the master secret key. How subkeys are generated is out of scope.

Rollover and Revocation

Subkeys can be rolled over (marked "out of use") or revoked. Revocation can apply from a particular timestamp, or it can cover all records signed with the keypair.

See Key Schedule for more details.

The use of a key schedule record by servers is not yet specified and yet to be worked out. For the moment, servers should use their master key directly.

Currently master keys cannot be revoked, and loss of a master key is catastrophic.