Key Revocations
Certificate Revocation List (CRL) for compromised Ed25519 keys
How Revocation Works
When an Ed25519 key is compromised, it gets added to the CRL (a signed JSON document). Every seal verification checks the CRL before trusting signatures. Revoked seals show a red REVOKED badge instead of TRUSTED. Use the CLI to revoke:
notis revoke <64-char-hex-key> "reason"No keys have been revoked. That's a good thing.