# org.eu.net.pool.gpgkey

> Published by [pool.net.eu.org](https://lexicon.garden/identity/did:plc:6ad33vzuolwszi5lerty2ter)

✓ This is the authoritative definition for this NSID.

## Links

- [View on Lexicon Garden](https://lexicon.garden/lexicon/did:plc:6ad33vzuolwszi5lerty2ter/org.eu.net.pool.gpgkey)
- [Documentation](https://lexicon.garden/lexicon/did:plc:6ad33vzuolwszi5lerty2ter/org.eu.net.pool.gpgkey/docs)
- [Examples](https://lexicon.garden/lexicon/did:plc:6ad33vzuolwszi5lerty2ter/org.eu.net.pool.gpgkey/examples)

## Definitions

### `org.eu.net.pool.gpgkey`

**Type**: `record`

establishes a bidirectional many-to-many link between a DID and an associated GPG key. the rkey of this record must be the fingerprint of the GPG key, encoded in lowercase hexadecimal with no prefix, suffix, or delimiter.

**Key**: `any`

| Property | Type | Required | Description |
|----------|------|----------|-------------|
| `key` | `string` | Yes | base64-encoded GPG key as produced by `gpg --export $rkey \| base64 -w0`. the export must consist of exactly one key. |
| `ref` | `string` (at-uri) | Yes | at uri of this record with the owning DID replaced by handle.invalid. used to search keys by fingerprint. |
| `endorsement` | `string` | Yes | base64-encoded detached signature of the canonical at:// uri of this record, to prove the DID's ability to use the key. |

## Raw Schema

```json
{
  "id": "org.eu.net.pool.gpgkey",
  "defs": {
    "main": {
      "key": "any",
      "type": "record",
      "record": {
        "type": "object",
        "required": [
          "endorsement",
          "key",
          "ref"
        ],
        "properties": {
          "key": {
            "type": "string",
            "minlength": 1,
            "description": "base64-encoded GPG key as produced by `gpg --export $rkey | base64 -w0`. the export must consist of exactly one key."
          },
          "ref": {
            "type": "string",
            "format": "at-uri",
            "maxlength": 83,
            "minlength": 83,
            "description": "at uri of this record with the owning DID replaced by handle.invalid. used to search keys by fingerprint."
          },
          "endorsement": {
            "type": "string",
            "minlength": 1,
            "description": "base64-encoded detached signature of the canonical at:// uri of this record, to prove the DID's ability to use the key."
          }
        }
      },
      "description": "establishes a bidirectional many-to-many link between a DID and an associated GPG key. the rkey of this record must be the fingerprint of the GPG key, encoded in lowercase hexadecimal with no prefix, suffix, or delimiter."
    }
  },
  "$type": "com.atproto.lexicon.schema",
  "lexicon": 1
}
```