Release
0.7 — A2A Auth Layer
Objective
Revoke A2A token → all downstream A2A calls fail.
Problem
- A2A revocation doesn't cascade
- Downstream calls succeed after upstream revoked
Fix
POST /authority/revoke handles A2A tokens- Mark revoked in graph
- Invalidate all downstream tokens
- Immediate effect
Files
internal/api/authority_handlers.gointernal/storage/delegation.gointernal/storage/tokens.go
Acceptance Criteria
Release
0.7 — A2A Auth Layer
Objective
Revoke A2A token → all downstream A2A calls fail.
Problem
Fix
POST /authority/revokehandles A2A tokensFiles
internal/api/authority_handlers.gointernal/storage/delegation.gointernal/storage/tokens.goAcceptance Criteria
shark.authority.revokeA2A(id)