This explanation has been generated from 13 GitHub source documents.
Last updated: October 7, 2025
Note: In rare cases it may contain LLM hallucinations.
For authoritative documentation, please consult the official GLEIF vLEI trainings and the ToIP Glossary.
A stale event is a key event in a KERI Key Event Log (KEL) that is signed with a stale key: a signing key that has been rotated out of the identifier's authoritative key set and therefore no longer authorizes anything. A stale event is a security risk if a validator processes it as authoritative.
More precisely, a stale event is a key event made outdated or irrelevant by a later establishment event (a rotation) that replaced the authoritative key set. KERI keys do not expire by wall-clock time; a key becomes stale when it is superseded by rotation, after which it must not be used to sign events or authorize operations.
Stale events represent a critical security consideration in KERI's key management infrastructure. When a controller performs a key rotation, the previous keys become stale, and any events signed with those keys after the rotation are considered stale events. These events may compromise security if mistakenly processed as authoritative, as they could represent:
In KERI's architecture, the concept of stale events is fundamental to maintaining the integrity of the key state and preventing unauthorized control over AIDs (Autonomic Identifiers).
Implementations must validate that each event is signed with keys that were authoritative at that point in the KEL, meaning the key state established by the most recent prior establishment event, identified by sequence number rather than by wall-clock time. This requires:
KERI's asynchronous nature means events may arrive out of order. Implementations must:
Witnesses and watchers play critical roles in stale event detection:
KERI's pre-rotation mechanism creates a clear temporal boundary between valid and stale events. When a rotation occurs:
This ordering is enforced through KERI's append-only KEL structure: every event commits to its predecessor by including the digest of the prior event (backward chaining), and every establishment event additionally commits to the digests of the next, pre-rotated public keys (forward chaining). A rotation is therefore only valid if the keys it reveals match the digests committed in the previous establishment event.
Stale events pose security risks in several scenarios:
Live vs. Dead Attacks: KERI distinguishes live attacks, which exploit a compromise of the current signing keys, from dead attacks, which exploit keys that have already been rotated out. Stale events are the manifestation of dead attacks. Pre-rotation bounds their damage: a validator holding the current key state rejects events signed by rotated-out keys, and an attacker who holds only stale keys cannot forge an acceptable rotation, because a rotation must reveal keys matching the digests committed in the prior establishment event. Exposing a forged alternate history that starts from a stale key state additionally depends on witnesses and the first-seen policy described next.
Duplicity Detection: Witnesses and watchers must recognize stale events to detect duplicity. If anyone holding stale keys, whether a compromised-key attacker or a duplicitous controller, produces an event history that conflicts with the one already accepted, validators applying the first-seen policy keep the version they accepted first and treat the conflicting version as evidence of duplicity rather than as a valid update; witness receipts let other parties verify which version was accepted.
Event Validation: Validators must verify that each event is signed with keys that were authoritative at its sequence number. This requires maintaining an accurate key state history, including which keys were current after each establishment event, and rejecting events signed with stale keys.
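The checks discussed above (authoritative keys per sequence number, pre-rotation and backward chaining, out-of-order handling, stale-event rejection and first-seen duplicity), as an added worked example that is not the page's or any KERI implementation's code: a toy Python validator that processes a constructed KEL. Event field names t/s/p/k/n/a mirror KERI's, but the JSON layout, the single-key (no threshold) key state and the Lamport one-time signatures are simplifications of this example; Lamport is used only so the block runs with the standard library, whereas KERI uses Ed25519, which is why the demo tolerates signing twice with the same Lamport key.

```python
"""Toy KEL validator (added illustration, not KERI reference code): key state per
sequence number, pre-rotation check, stale-event rejection, out-of-order escrow
and first-seen duplicity. Lamport one-time signatures stand in for Ed25519."""
import hashlib, json, secrets

def H(b: bytes) -> bytes: return hashlib.sha256(b).digest()
def pk_hex(pk) -> str: return b"".join(a + b for a, b in pk).hex()         # event "k" field
def digest_hex(s: str) -> str: return H(s.encode()).hex()                    # event "n" field
def serialize(ev: dict) -> bytes: return json.dumps(ev, sort_keys=True, separators=(",", ":")).encode()
def said(ev: dict) -> str: return H(serialize(ev)).hex()                    # digest used for chaining

def keygen():  # Lamport: 256 pairs of secret preimages; the public key is their hashes
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def sign(sk, msg: bytes):  # reveal one preimage per bit of H(msg)
    d = int.from_bytes(H(msg), "big")
    return [sk[i][(d >> (255 - i)) & 1] for i in range(256)]

def verify(pk, msg: bytes, sig) -> bool:
    d = int.from_bytes(H(msg), "big")
    return len(sig) == 256 and all(H(sig[i]) == pk[i][(d >> (255 - i)) & 1] for i in range(256))

def pk_from_hex(h: str):
    raw = bytes.fromhex(h)
    return [(raw[i:i + 32], raw[i + 32:i + 64]) for i in range(0, len(raw), 64)]

class Validator:
    def __init__(self):
        self.kel = []      # accepted events as (event, said, public key authoritative for it)
        self.keys = None   # current authoritative public key (hex)
        self.next = None   # committed digest of the next public key (pre-rotation)
        self.escrow = {}   # sn -> (event, sig) held until the preceding events arrive

    def process(self, ev: dict, sig) -> str:
        sn = ev["s"]
        if sn > len(self.kel):  # gap in the log: escrow, judge once predecessors arrive
            self.escrow[sn] = (ev, sig)
            return "escrowed"
        if sn < len(self.kel):  # this sn already has an accepted event
            _, seen_said, keys_then = self.kel[sn]
            if said(ev) == seen_said:
                return "duplicate"
            # different but verifiably signed event at a seen sn: first-seen wins (simplified:
            # checked against the key accepted at that sn), the newcomer is flagged as duplicity
            if verify(pk_from_hex(keys_then), serialize(ev), sig):
                return "duplicity"
            return "rejected: unverifiable"
        if ev["t"] == "icp":
            if sn != 0 or ev["p"] != "":
                return "rejected: bad inception"
            signer = ev["k"]
        else:
            if ev["p"] != self.kel[-1][1]:  # backward chaining to the prior event
                return "rejected: prior digest mismatch"
            if ev["t"] == "rot":  # revealed key must match the earlier commitment
                if digest_hex(ev["k"]) != self.next:
                    return "rejected: key not pre-rotated"
                signer = ev["k"]  # a rotation is signed by the newly revealed key
            else:
                signer = self.keys  # an interaction is signed by the current key
        if not verify(pk_from_hex(signer), serialize(ev), sig):
            return "rejected: stale or unknown key"
        self.kel.append((ev, said(ev), signer))
        if ev["t"] in ("icp", "rot"):
            self.keys, self.next = ev["k"], ev["n"]
        while len(self.kel) in self.escrow:  # drain escrow now that the gap is filled
            self.process(*self.escrow.pop(len(self.kel)))
        return "accepted"

def run_demo() -> dict:
    """Constructed scenario, not real KERI data: K0..K3 belong to the controller, Ka to an
    attacker. K0-K2 each sign twice here only because they stand in for reusable Ed25519 keys."""
    (sk0, pk0), (sk1, pk1), (sk2, pk2), (sk3, pk3), (ska, pka) = [keygen() for _ in range(5)]
    v, out = Validator(), {}
    icp = {"t": "icp", "s": 0, "p": "", "k": pk_hex(pk0), "n": digest_hex(pk_hex(pk1))}
    out["icp"] = v.process(icp, sign(sk0, serialize(icp)))
    rot = {"t": "rot", "s": 1, "p": said(icp), "k": pk_hex(pk1), "n": digest_hex(pk_hex(pk2))}
    out["rot"] = v.process(rot, sign(sk1, serialize(rot)))
    # dead attack: the holder of rotated-out K0 signs an interaction after the rotation
    stale = {"t": "ixn", "s": 2, "p": said(rot), "a": "pay attacker"}
    out["stale"] = v.process(stale, sign(sk0, serialize(stale)))
    # forged rotation to a key whose digest was never committed in the prior establishment event
    forged = {"t": "rot", "s": 2, "p": said(rot), "k": pk_hex(pka), "n": digest_hex(pk_hex(pka))}
    out["forged"] = v.process(forged, sign(ska, serialize(forged)))
    # legitimate rotation to K2 and a following interaction, delivered out of order
    rot2 = {"t": "rot", "s": 2, "p": said(rot), "k": pk_hex(pk2), "n": digest_hex(pk_hex(pk3))}
    ixn = {"t": "ixn", "s": 3, "p": said(rot2), "a": "anchor"}
    out["early_ixn"] = v.process(ixn, sign(sk2, serialize(ixn)))
    out["rot2"] = v.process(rot2, sign(sk2, serialize(rot2)))
    out["kel_len"] = len(v.kel)
    # duplicity: a second rotation at sn 1 that K1 really signed, with a different commitment
    alt = dict(rot, n=digest_hex(pk_hex(pka)))
    out["alt_rot"] = v.process(alt, sign(sk1, serialize(alt)))
    return out

if __name__ == "__main__":
    print(run_demo())
```

Running the block prints the verdict for each constructed event: the inception and both legitimate rotations are accepted, the interaction signed with rotated-out K0 is rejected as a stale event, the rotation to a never-committed key fails the pre-rotation check, the interaction that arrives before its rotation is escrowed and accepted once the gap is filled, and the alternate rotation at an already-seen sequence number is reported as duplicity rather than applied.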
In the ACDC (Authentic Chained Data Container) credential framework built on KERI, stale events have implications for credential validity: