dev docs: The key store version file should specify a minimum supported version.

Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 15:43:54 +01:00 · 2023-05-16 15:43:54 +01:00 · 80ec4d01ae
parent 601f307fdd
commit 80ec4d01ae
1 changed files with 10 additions and 2 deletions
--- a/doc/dev/notes/key-management.md
+++ b/doc/dev/notes/key-management.md
@ -625,8 +625,16 @@ As Arti evolves, it is likely we will eventually need to make changes to the
 structure of its key store (for example, to support new key specifiers, or to
 change something about the existing ones). This means we'll need to be able to
 distinguish between the different supported key store versions. To achieve this,
-the root of the Arti key store will have a `.VERSION` file that contains the
-version of the key store. Initially, we're only going to support version `1`.
+the root of the Arti key store will have a `.VERSION` file that contains 2
+version numbers (the format of the `.VERSION` file is TBD):
+  * `version`: the version of the key store
+  * `min_version`: the minimum `ArtiKeyStore` version required to
+    read/manipulate the store
+
+The `ArtiKeyStore` won't be constructed if the `.VERSION` file of the configured
+store is malformed, or if `ArtiKeyStore::VERSION` is less than its
+`min_version`. This should likely be treated as a fatal error (i.e. Arti should
+refuse to start if the keystore exists but is inaccessible or malformed).

 #### Key passphrases