Aavrit Integration

Aavrit is an optional external time authority system integrated into Avikal. It is relevant to TimeCapsule workflows when the user connects an Aavrit server and chooses Aavrit as the provider.

The product describes drand as the default public path and Aavrit as the RookDuel path for organizations that want a self-hostable commit and reveal based time authority.

Public Aavrit Server Mode

Public mode can be connected without a user login if the server allows public operation.

When public mode is available, users can connect the server and use it for supported TimeCapsule workflows without a private account session.

Private Aavrit Server Mode

Private mode requires login. Avikal stores session state locally and can verify the session with the configured server.

Private mode is intended for server-backed workflows where the Aavrit server requires authenticated access before it will participate in release operations.

Server Identity Verification

Avikal fetches the Aavrit public key and verifies signed reveal data. Diagnostics show the public-key identity so users can confirm which server key is active.

Visible diagnostics can include the key ID, signature algorithm, and public-key SHA-256 fingerprint. These details help distinguish one configured server identity from another.

Aavrit TimeCapsule Flow

When used for TimeCapsule archives, Aavrit commits release material before archive creation and later reveals unlock material after the release condition is met.

Avikal validates reveal details before using the released key material. This keeps the TimeCapsule flow tied to the configured provider and its server identity.

Relationship To drand

drand remains the default public TimeCapsule authority. Aavrit is optional and appears when an Aavrit server is connected.

Users should choose the provider that matches their operational needs: public drand release behavior or a configured Aavrit server path.