pub async fn perform_multi_challenge_handshake(
send: SendStream,
recv: RecvStream,
server_keypair: &KeyPair,
) -> Result<HashSet<VerifyingKey>, Error>Expand description
Performs a multi-challenge handshake with a client
This function implements the server side of the new flexible challenge protocol:
- Sends multiple challenges sequentially (ML-DSA, proof-of-work, etc.)
- Receives and verifies each challenge response
- Returns the set of successfully verified ML-DSA public keys
The server can send multiple different challenge types, and the client must respond to each one. The handshake continues until all challenges are completed or a challenge fails.
§Arguments
send- Stream for sending data to the clientrecv- Stream for receiving data from the clientserver_keypair- Server’s keypair for signing the challenge nonce
§Returns
A BTreeSet of successfully verified public keys (as encoded bytes)
§Errors
Returns an error if:
- Network I/O fails
- Serialization/deserialization fails
- Any challenge fails verification
- Client response is malformed or too large
§Example
use zoe_relay::challenge::perform_multi_challenge_handshake;
let verified_keys = perform_multi_challenge_handshake(
send_stream,
recv_stream,
&server_keypair
).await?;
debug!("Verified {} keys after multi-challenge handshake", verified_keys.len());