Summary
Follow-up from #4.
The current identity system has documented rotation/recovery policy, but runtime key rotation behavior should remain separate from the identity MVP.
Scope
- Define how an active agent identity rotates to a new key.
- Preserve old public key metadata long enough to verify historical ledger events.
- Ensure revoked or superseded keys cannot sign new events.
- Keep private key material local and gitignored.
Non-goals
- No remote key custody.
- No cloud worker private keys.
- No public blockchain.
- No automatic trust escalation.
Acceptance criteria
Summary
Follow-up from #4.
The current identity system has documented rotation/recovery policy, but runtime key rotation behavior should remain separate from the identity MVP.
Scope
Non-goals
Acceptance criteria