MOVE_REPOWN — Group 20, Code 6
User sets a fresh AN on the destination; flips the coin INBOUND → AUTHORITATIVE. Completes the move. Retryable.
Design-stage — parameters are a first draft
Field sizes are drafted from raidax/ideas_for_suspect_raida_servers.txt (Addenda 5–7) and are not final or implementation-verified. The body is encrypted per the header ENC_CODE; see below.
Phase I — essential
This command is part of the Phase I minimum needed for a coin to move from root to suspect (and back) and be trusted by a workstation. Sets the new secret; the final, essential step of a move.
How it works
This is the step that finishes a move and makes the coin usable again on its new server. “POWN” is the long-standing RAIDA term for “prove ownership and set a new Authenticity Number” — in other words, change the coin's password. MOVE_REPOWN lets the user set a brand-new secret AN on the destination server for the coin that just arrived.
Why a fresh secret rather than copying the old one? Because the old secret was known to the previous server, and the whole point is that the new authority should hold a secret only the user knows. Setting a new AN here flips the coin from INBOUND to fully AUTHORITATIVE on the destination. This step is safely retryable: if the user's connection drops, the coin simply waits in INBOUND (owned but not yet usable) until they try again — it is never lost to a second owner.
Direction & encryption
- Direction: client → dest
- ENC_CODE: bootstrap (ticket-validated)
Request Body parameters
| Field | Bytes | Description |
|---|---|---|
| CH (challenge) | 16 | Standard challenge / replay protection (per header convention). |
| DN | 1 | Denomination of coin X. |
| SN | 4 | Serial number of coin X. |
| new_AN | 16 | Fresh Authenticity Number to install on the destination. |
| EOF | 2 | Terminator (0x3E3E). |
Response Body parameters
| Field | Bytes | Description |
|---|---|---|
| status | 1 | 1 = AN set, coin now AUTHORITATIVE on this server. |