Onboarding via broadcast lightweight certificate

[nymble]

1. validate signature via node id and remove transmission of sender public key
2. validate signature by using node number lookup into persona wallet
   a) if no key for node - alert user
   optional send new message 'get cert' to node
   nodes reply to 'get key' with cert
   also display as signed but no key
3. new message - signed cert that has public key and other 'persona info'
   a) on reception is entered into wallet if not existing and marked 'untrusted'
   b) could later add 'trust' (akin to SSH) for key/persona
   c) cert minimal contents are:
   - pub key
   - node id
   - optional friendly name
4. on display of received protected message indicate trust/not trust

[ahmedkadd]

Change the format of a signed message. Remove the public key from the signed message. First display that we received a signed message, but it fails. Either there is no key, or the signing is forged.

Hard code a certificate.

Have structure inside a signed message.

Have at least 2 types: persona and signed message.

We can use what we already have, but instead of displaying it immediately, parse it again.

Define a byte to define if it is a message or persona.

Write a mini Python function cert() with encode/decode. It comes out of the wallet. Has the nodeId and a friendly name from the wallet.

Take the protobuf message, sign that, then send those bytes.

Cert is a type of signed. Inside the signed, you can either have a message or a certificate.

Inside of the Black Lager message, it can be persona or text.

Use the NodeId, and use that to look up the public key. Put he nodeId inthe BlackLager message.

Comes in its opaque. Look at it. Right now its signed. Unsign it. Then run it through other processing.

Is it a plaintext to display or a certificate that I need to save.