Report Key Compromise

curl --request POST \
  --url https://api.truthlocks.com/v1/issuers/keys/{kid}/compromise \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "reason": "<string>"
}
'

{
  "kid": "ed-key-1",
  "status": "compromised",
  "compromised_at": "2026-02-18T19:00:00Z",
  "affected_attestations": 42
}

POST

issuers

keys

{kid}

compromise

Report Key Compromise

curl --request POST \
  --url https://api.truthlocks.com/v1/issuers/keys/{kid}/compromise \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "reason": "<string>"
}
'

{
  "kid": "ed-key-1",
  "status": "compromised",
  "compromised_at": "2026-02-18T19:00:00Z",
  "affected_attestations": 42
}

Reports a signing key as compromised. This immediately disables the key and marks all attestations signed by this key as requiring re-verification. This action is irreversible.

Parameters

kid

string

required

The key identifier of the compromised key

reason

string

required

Reason for reporting the key as compromised

Responses

{
  "kid": "ed-key-1",
  "status": "compromised",
  "compromised_at": "2026-02-18T19:00:00Z",
  "affected_attestations": 42
}

Authorizations

X-API-Key

string

header

required

API key for machine-to-machine authentication

Path Parameters

kid

string

required

Body

application/json

reason

string

Response

200 - application/json

Key marked as compromised

kid

string

status

string

affected_attestations

integer

Rotate Key List API Keys

Attestations

Verification

Verification Packs

Issuers

API Keys

Governance

Identity & Access

Audit & Logs

Consumer (B2C)

System

Report Key Compromise

Parameters

Responses

Authorizations

Path Parameters

Body

Response

Attestations

Verification

Verification Packs

Issuers

API Keys

Governance

Identity & Access

Audit & Logs

Consumer (B2C)

System

​Parameters

​Responses

Authorizations

Path Parameters

Body

Response

Parameters

Responses