poztter.org

component · 0x0001

Master Zone.

All components · Survivorship · Delegation

The Master Zone is the root of all authority in a POZ record. Every other section lives or dies by what the Master Zone says about it. There is exactly one per record, and it carries a hash chain from genesis to the current revision.

what it holds

the hash chain

flowchart LR G["Serial 1 (genesis)
previous = 0
current = H(content_1)"] S2["Serial 2
previous = current₁
current = H(content_2)"] S3["Serial 3
previous = current₂
current = H(content_3)"] G --> S2 --> S3
fig 01 · each revision links to the previous via previous_master_hash. The genesis revision sets original_master_hash — a permanent ID — and links back to zero.

A verifier walking the chain confirms that each revision's serial number is exactly one greater than the prior, that each timestamp is strictly later, and that previous_master_hash matches the prior current_master_hash. A break in the chain is a security event.

draft, sign, apply

Master Zone revisions follow a three-phase workflow so that signatures can be collected asynchronously, from different keyholders, in any order:

sequenceDiagram autonumber participant U as Holder participant K1 as Key A participant K2 as Key B U->>U: Draft new content (serial++, signatures cleared) U->>K1: Sign signable content K1-->>U: signature₁ U->>K2: Sign signable content K2-->>U: signature₂ U->>U: Threshold met → compute current_master_hash → apply
fig 02 · the draft/sign/apply workflow — signatures gathered out-of-band before the zone is finalized.

The signable content excludes current_master_hash and the signature data — both are computed outputs that don't exist when signing starts. Once enough signatures are collected to satisfy any one survivorship group, the full hash content (everything except current_master_hash itself) is hashed and the zone is finalized.

FIELDS SCOPE original_master_hash hash · 32 B · set at genesis original_timestamp uint64 · 8 B current_master_hash hash · 32 B · computed last serial_number uint32 · 4 B · monotonic timestamp uint64 · 8 B · strictly increasing master_keys[ ] uint8 count + entries each: key_idx, group, value sub_zone_delegations[ ] uint8 count + entries each: zone_type, delegation_keys[ ] signatures[ ] added after signing each: key_idx, sig_type, sig_data previous_master_hash hash · 32 B · chain link SIGNABLE CONTENT what each signer signs ✓ original hash + ts ✓ serial + timestamp ✓ master_keys[ ] ✓ delegations[ ] ✓ previous_master_hash ✗ current_master_hash ✗ signatures[ ] (those are computed later) FULL HASH CONTENT hashed into current_master_hash all signable content + signatures[ ] (data) excluded only: current_master_hash itself → result becomes current_master_hash copper border = part of signable content · dashed red = computed after signing
fig 03 · the Master Zone has two hash scopes. Signers sign the stable parts; the computed hash includes the signatures and everything else they don't see when signing.

public Key Map (0x0000)

Keys live in a single Public Key Map, identified by SHA-3 hash and assigned a zero-based index. All other sections — including the Master Zone — refer to keys by index. This keeps the record compact and makes it easy to track which keys are used where.

constraints

see also