mcias/proto/mcias/v1/admin.proto

// AdminService: health check and public-key retrieval.
// These RPCs are public — no authentication is required.
syntax = "proto3";

package mcias.v1;

option go_package = "git.wntrmute.dev/kyle/mcias/gen/mcias/v1;mciasv1";

// HealthRequest carries no parameters.
message HealthRequest {}

// HealthResponse confirms the server is operational.
message HealthResponse {
  string status = 1;  // "ok"
}

// GetPublicKeyRequest carries no parameters.
message GetPublicKeyRequest {}

// GetPublicKeyResponse returns the Ed25519 public key in JWK format fields.
// The "x" field is the base64url-encoded 32-byte public key.
message GetPublicKeyResponse {
  string kty = 1;  // "OKP"
  string crv = 2;  // "Ed25519"
  string use = 3;  // "sig"
  string alg = 4;  // "EdDSA"
  string x   = 5;  // base64url-encoded public key bytes
}

// AdminService exposes health and key-material endpoints.
// All RPCs bypass the auth interceptor.
service AdminService {
  // Health returns OK when the server is operational.
  rpc Health(HealthRequest) returns (HealthResponse);

  // GetPublicKey returns the Ed25519 public key used to verify JWTs.
  rpc GetPublicKey(GetPublicKeyRequest) returns (GetPublicKeyResponse);
}