Status: accepted Date: 2026-02-14
Transit decryption must reliably select the correct transit key version and reject malformed ciphertext early.
Adopt transit ciphertext contract:
<version>:<base64-ciphertext>
- decrypt requires version prefix and base64 payload
- malformed input returns validation errors (
422) - callers must pass ciphertext exactly as returned by encrypt
- deterministic key version selection for decrypt
- stronger input validation with predictable errors
- simpler client behavior by treating encrypt output as opaque
- Transit API
- Troubleshooting
- ADR 0007: Path-Based API Versioning - API versioning context for ciphertext format stability