Summary
Mechanism to revoke compromised keys and rotate identity.
Current state
No revocation mechanism. Compromised identity key remains valid forever.
Requirements
/revoke command to broadcast key revocation- Revocation message signed by old key
- Contacts automatically distrust revoked keys
/rotate to generate new identity and notify contacts- Handle offline contacts (store-forward revocation)
User flow
# Device compromised, user generates new identity on clean device
/revoke --reason 'Device seized'
All contacts notified. Old key is now invalid.
# Or proactive rotation
/rotate
New identity generated. Contacts will be notified.
Risk mitigated
- Compromised key continues to be trusted by contacts
- Attacker impersonates user with stolen key
Priority
HIGH for crypto hardening
Implementation notes
- Revocation should work even from new device (prove control of old key)
- Store revocation list locally
- Challenge: verifying revocation over untrusted channel
- Consider: allow contacts to manually revoke (they met in person, know key is bad)
Summary
Mechanism to revoke compromised keys and rotate identity.
Current state
No revocation mechanism. Compromised identity key remains valid forever.
Requirements
/revokecommand to broadcast key revocation/rotateto generate new identity and notify contactsUser flow
Risk mitigated
Priority
HIGH for crypto hardening
Implementation notes