Module Make.Vat_config

module Listen_address : sig ... end
type t
val create : public_address:Location.t -> secret_key:[< `PEM of string | `Ephemeral ] -> ?serve_tls:bool -> Listen_address.t -> t

create ~public_address ~secret_key listen_address is the configuration for a server vat that listens on address listen_address. secret_key may be one of:

  • `PEM data: the given PEM-encoded data is used as the key.
  • `Ephemeral: a new key is generated (if needed) and not saved anywhere. If serve_tls is false then the vat accepts unencrypted incoming connections. If true (the default), the vat performs a server TLS handshake, using secret_key to prove its identity to clients. The vat will suggest that others connect to it at public_address.

secret_key t returns the vat's secret yet, generating it if this is the first time it has been used.

val hashed_secret : t -> string

hashed_secret t is the SHA256 digest of the secret key file. This is useful as an input to Restorer.Id.derived.

val derived_id : t -> string -> Capnp_rpc_net.Restorer.Id.t

derived_id t name is a secret service ID derived from name and the vat's secret key (using Restorer.Id.derived). It won't change (unless the vat's key changes).

val sturdy_uri : t -> Capnp_rpc_net.Restorer.Id.t -> Uri.t

sturdy_uri t id is a sturdy URI for id at the vat that would be created by t.