This repository was archived by the owner on Jul 28, 2025. It is now read-only.
This repository was archived by the owner on Jul 28, 2025. It is now read-only.
Separate checkpoint signing keys from operator log signing keys #226
Description
The operator "commit" permission is weird in that it does not apply to operator log records but instead about the "committing to a checkpoint" operation. Separately, it would be a good practice to regularly rotate the checkpoint signing key. We could help address both of these by adding new operator log entries to manage the key(s) that are able to sign checkpoints, managed as a separate set from the operator key(s) themselves.