Mii crypto spec
Mobius Integrity Index (MII) — Cryptographic Spec v0.1¶
Goal: verifiable, replay-safe attestations that bind (service_state, metrics, time) to a signer.
Signature¶
- Algorithm: Ed25519 (libsodium/NaCl)
- Key material: 32-byte seed, 64-byte expanded secret key
Signing Payload¶
Canonical JSON (UTF-8, SHA-256 preimage):
{
"service_id": "ledger-api",
"instance": "ledger-api-01.us-east-1",
"mii": 0.9734,
"mii_window": {"from":"2025-11-08T06:00:00Z","to":"2025-11-08T07:00:00Z"},
"gi_components": {
"accuracy":0.991,"consistency":0.982,"fairness":0.965,"entropy":0.978
},
"nonce": "base64(16B)",
"prev_attestation_hash": "hex(SHA-256)",
"issued_at": "2025-11-08T07:05:00Z",
"expires_at":"2025-11-08T07:20:00Z",
"schema":"https://mobius/specs/attestation@v0.1"
}
Signature Process¶
- Canonicalize payload (stable key order, no whitespace).
- Hash with SHA-256; use hex digest as Ed25519 message.
signature = base64(Ed25519.sign(digest, secret_key))- Attach
kidreferencing rotating JWKS entry.
Key Distribution & Rotation¶
- JWKS hosted at
/.well-known/mobius/jwks.json - Key IDs rotate every 30 days (or on compromise).
- Historical keys kept for 90 days to verify delayed attestations.
Replay & Expiry Controls¶
- Nonce: base64-encoded 16-byte random value.
- Window:
mii_window.from/to(15-minute cadence). prev_attestation_hash: links attestations into a hash chain.expires_at: reject attestations older than 15 minutes.
Revocation¶
- Publish CRL at
/.well-known/mobius/attestations/crl.json. - Ledger marks revoked attestations and issues compensating entries.