afauth status prints a local snapshot of the agent’s identity and readiness — the did:key, where the key lives, the trust-attestor binding (and whether it’s live), and a summary of known accounts. Where afauth whoami prints the bare did:key for scripts, status answers the operational question: who am I, where’s my key, and am I linked to a trust attestor?
key.json, trust.json, accounts.json) and makes no network calls, so the link state is a local judgment — it flags expired and orphaned bindings, but cannot confirm a server-side revocation at the attestor.
Output
status prints a hint to run afauth init and exits.
Link states
| State | Meaning |
|---|---|
not linked | No binding on file — attested_only services will reject signup. Run afauth trust link. |
live | Binding is valid and matches the active key. |
expiring | Binding is idle and within 48h of lapsing — mint once (e.g. afauth call) to refresh it, or re-link. |
expired | Binding lapsed after ~90 days unused — re-link. |
orphaned | Binding is for a different key (e.g. after a key rotation that left trust.json behind) — re-link. |
Flags
| Flag | Default | Description |
|---|---|---|
--key | $AFAUTH_HOME/key.json or ~/.afauth/key.json | Key file to inspect. |
--json | false | Emit a stable machine-readable object instead of the human view. |
See also
afauth whoami— the baredid:key, for scripts.afauth trust— link to a human and mint attestations.afauth accounts— inspect accounts this agent has created.