[meta]
template_name = "nsp-founding"
description = "Network Service Provider founding schematic"
source_schematic = "guildhouse-nsp-base"
source_version = "1.0.0"

[trust_domain]
spiffe_trust_domain = "{{trust_domain}}"
attestation_tier = 3

[identity_authority]
provider = "keycloak"
url = "https://auth.guildhouse.dev"
realm = "guildhouse"
client_prefix = "{{guild_slug}}"
trust_level = "federated"
mfa_required = true
hardware_credential_required = true

[members]
founding_master_did = "{{registrant_did}}"
initial_roles = ["master"]

[infrastructure]
compute_attestation_tier = 3
wireguard_tunnel = true
vpp_dataplane = true

[ceremonies.code_change]
type = "single_approval"
eligible_roles = ["master", "journeyman"]
quorum = 1

[ceremonies.governance_change]
type = "multi_party"
eligible_roles = ["master"]
quorum = 2
founding_override = 1

[federation_peers]
mode = "mesh"
hub_trust_domain = "guildhouse.dev"

[attestation]
tier = 3
require_tpm = true
require_secure_boot = true