archy/core/archipelago
archipelago 27e6747c2a feat(security): pin the release-root trust anchor (Workstream B)
Pins RELEASE_ROOT_PUBKEY_HEX from the signing ceremony
(did🔑z6MkkidEnEpo6qHMCNSZoNKWtvQvxq3whnaME9wGgEFhq7ur). The
corresponding mnemonic is held offline by the publisher, never committed
or stored on any node/build host. Nodes built with this binary now verify
the app catalog's signature against this anchor instead of accepting any
signer; unsigned catalogs are still accepted during the migration window
per docs/workstream-b-signing-runbook.md.

Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
2026-07-01 16:59:48 -04:00
..
2026-06-18 01:00:24 -04:00