Asfaload Concepts
This document introduces concepts and terminology as used by the Asfaload project.
Individual signature
The signature generated by a user controlling an Asfaload keypair.
Multisig system
A system defining the combination of individual signatures from pre-defined groups of signers, each group specifying a threshold of participants as a completeness criteria.
Aggregate signature
A group of individual signature in the Asfaload Multisig system. An aggregate signature is pending until its completeness criteria is met, at which time it transition to complete. This completeness criteria is dependent on the group and the operation the aggregate signature is applied to.
Signers file
The signers file is a json document that defines multiple role-based groups of
signers, such as artifact_signers, admin_keys, revocators, master_keys.
Only the artifact_signers group is mandatory: to enable easy setup in simple
environments, there are groups fallbacks if not all of these are defined. Each
group has a specific purpose: artifact_signers applies to normal operations
(e.g. release signing), while others apply to specific operations.
Groups
Artifact signers
List the public keys of the signers authorised and expected to sign an artifact, for example a Github Release.
Admin keys
Lists the public keys of signers authorised to update the signers file.
Revocators
List public keys of signers authorised to revoke an aggregate signature. The aggregate signature can be pending, in which case it cannot be completed anymore, or complete, in which case it is rendered obsolete.
Master keys
These keys cannot be present in another group, and they are meant to be used in emergency operations when admin keys are not usable. We encourage to keep these keys offline.