This enables an extremely beneficial property of TELs; that is, the verifiability of transaction events in the TEL persists in spite of changes to Key States in the sealing KEL. In other words, the verifiability of transaction events persists in spite of changes in the Key State

Using seals, the delega-tor’s and delegate’s event streams are cross linked together

A nested set of delegation levels may be used to form a dele-gation chain or a delegation tree

In some critical interactions, however, the trade-off between convenience and security madeby reusing signing keys for multiple interaction events may not be acceptable. In this case, amore secure approach is to combine an interaction event with a rotation event by adding a pay-load data structure to the rotation event.

To elaborate, a successful live exploit must compromise the unexposed next set of private keysfrom the public-keys declared in the latest rotation

Figure 11.5. KERL for a Recovery Rotation Event.

The controller is responsible to promulgate a mutually consistent set of receipts, i.e. a suffi-cient agreement of size M ≥ M C .

Without a threshold a validator may choose to hold a controller ac-countable upon any evidence of duplicity which may make the service fragile in the presence ofany degree of such faulty behavior

Suppose instead that N = 3F + 1 , then a correctagreement is guaranteed as before but the agreement will have 2F + 1 nodes (quorum size) anddespite some F of those 2F + 1nodes becoming unresponsive, the remaining F + 1 honest andresponsive nodes will be able to propagate that correct safe agreement to the next round

But there is no guarantee that the nodes in agreement (quorum) will knowthey came to agreement in a subsequent round because as many as F of the nodes in agreementin a given round may subsequently become unresponsive in the next round

This may be called a multi-controller or collec-

An escrow cache of unverified out-of-order event provides an opportunity for malicious at-tackers to send forged event that may fill up the cache as a type of denial of service attack. Forthis reason escrow caches are typically FIFO (first-in-first-out) where older events are flushed tomake room for newer events.

Event escrow isan optional implementation specific configurable capability of controllers and witnesses imple-mentations

Each time the controller connects to awitness to send new events and collect the new event receipts, it also sends the receipts it has re-ceived so far from other witnesses

When network bandwidth is less constrained then a gossip proto-col might provide full dissemination with lower latency than a round robin protocol

When a rotation amends the witnesses it includes the new tally, the setof pruned (removed) witnesses and the set of newly grafted (added) witnesses. This is shownbelow.

For a given AID, Duplicity refers to the existence of two or more versions of inconsistent instances of a KEL.

a little bit about consensus algorithms

but I also have one: a verifiable data tree, not just a chain. So in my view, a verifiable data tree is the solution, not a shared blockchain

consensus network called KERI