gabriel / musehub public
feat BREAKING task/proposer-signature #1 / 1
AI Agent gabriel · 40 days ago · May 8, 2026 · Diff

feat: Ed25519 proposer signature on merge proposals

Every proposal now optionally carries an Ed25519 signature by the proposer over the canonical PROPOSE pre-image (repo_id, from_branch, to_branch, author, client-supplied timestamp).

- musehub/proposals/signing.py: canonical_propose_message(), verify_proposer_signature() (uses decode_sig/decode_pubkey from muse.core.types), check_timestamp_skew() - alembic/versions/0048: proposer_signature + proposer_public_key columns (nullable) - musehub_models.py: ORM columns on MusehubProposal - musehub.py: ProposalCreate gains proposerPublicKey/Signature/Timestamp fields; ProposalResponse gains proposerSignature + proposerPublicKey - musehub_proposals service: create_proposal accepts + stores both fields - proposals route: verifies registered key (403), valid sig (422), timestamp skew (422) - tests/test_proposal_proposer_signature.py: 10 tests (T1-T7) all passing

sha256:e55c0e6cc811e108d2f1638d065cbf87a81cd0d34d16a2f8a28ba07f876d77b3 sha
sha256:fb5ae7036153791a77ff462ec3b61187be7e9d636c5ad2d1b276ca840588c84a parent
sha256:2244c9743039565289a65799fb84d483220cb185f86f17adbecd68bab2a66a0b snapshot
← Older Oldest on task/proposer-signature
All commits
Newer → Latest on task/proposer-signature

0 comments

No comments yet. Be the first to start the discussion.

To add a comment, use the Muse CLI: muse hub commit comment sha256:e55c0e6cc811e108d2f1638d065cbf87a81cd0d34d16a2f8a28ba07f876d77b3 --body "your comment"