# Register the state review authority public key

The state review authority acts as a trusted party to confirm the authenticity of the system state if the anti-rewind file (ARF) needs to be recovered. When rebuilding the ARF, the governance engine decrypts the signed manifest. The private key used to sign the manifest must map to the public key you specify for the state review authority.

For more information about the ARF, see [Anti-rewind file](/products/custody/v1.34/concepts/data-integrity#anti-rewind-file-arf).

You can register the state review authority public key during system setup. If you do not register the key as part of the `genesis` operation, you must do that as soon as possible afterwards with the steps in this section.

As an integral part of the security model of Ripple Custody, it is essential to restrict access to the ARF and put reasonable measures in place to prevent its loss.

For more information about recovery of the anti-rewind file, see [Recover the anti-rewind file](/products/custody/v1.34/system-management/disaster-recovery/recover-arf).

## View the system properties

You can check if the state review authority key is registered by querying the Ripple Custody system properties with the [List system properties](/products/custody/v1.34/api/reference/openapi/systemproperties/getsystemproperties) operation.

The response body is similar to the following:


```json
{
    "items": [
        {
            "data": {
                "id": "STATE_REVIEW_AUTHORITY",
                "value": {
                    "publicKey": {
                        "value": "MCowBQYDK2VwAyEApXE1AfYVmeDN/0cAcNidEJ4IJGDwpL2MyFEb04c1F0A=",
                        "type": "PublicKey"
                    }
                },
                "metadata": {
                    "description": null,
                    "revision": 1,
                    "createdAt": "2023-07-14T12:23:44.653Z",
                    "createdBy": {
                        "id": "f0ca2fb4-369f-4617-aaa3-6a2f3370e931",
                        "domainId": "5cd224fe-193e-8bce-c94c-c6c05245e2d1"
                    },
                    "lastModifiedAt": "2023-07-14T12:23:44.653Z",
                    "lastModifiedBy": {
                        "id": "f0ca2fb4-369f-4617-aaa3-6a2f3370e931",
                        "domainId": "5cd224fe-193e-8bce-c94c-c6c05245e2d1"
                    },
                    "customProperties": {}
                },
                "type": "StateReviewAuthoritySystemProperty",
                "access": "ReadWrite"
            },
            "signature": "<SIGNATURE>",
            "signingKey": "<SIGNINGKEY>"
        }
    ],
    "count": 1
}
```

This example focuses on the state review authority property, but the response also contains other system property information, such as the governance engine communication public key, collection public key, and API public key.

## Register the key

You must perform this operation in the root domain.

System change process
All new requests to change the system state follow the same process. To familiarize yourself with this process first, follow the [Request a change with an intent](/products/custody/v1.34/resources/tutorials/intent) tutorial.

### Prerequisites

Before you register the state review authority key, you need the following:

- The public key of the state review authority.
The private key corresponding to this key must be readily accessible during disaster recovery.
- A new intent ID, in a standard UUID format


### Register the key

To register the state review authority key, follow the steps in [Request a change with an intent](/products/custody/v1.34/resources/tutorials/intent), with a payload similar to the following example.

#### Payload example


```json
"payload": {
    "value": {
        "type": "StateReviewAuthorityProperty",
        "value": {
            "publicKey": {
                "type": "PublicKey",
                "value": "MFkw...HdVNyxTyl1plgAfh/Yg=="
            }
        }
    },
    "type": "v0_SetSystemProperty"
},
```

Fields of the `payload` block to note are as follows:

| Field | Description |
|  --- | --- |
| `type` | `v0_SetSystemProperty` |
| `value.value.publicKey` | Public key of the state review authority user responsible for the ARF |


The ARF is set up when the system property setup intent is successfully approved and executed.

## Rotate the key

To rotate the state review authority public key (for example, if a new user is selected for this role), repeat the steps in [Register the state review authority key](/products/custody/v1.34/system-management/disaster-recovery/register-key) with the addition of a `revision` field in the `payload` block:


```json
"payload": {
    "revision": 1,
    "value": {
        "type": "StateReviewAuthorityProperty",
        "value": {
            "publicKey": {
                "type": "PublicKey",
                "value": "MFkw...HdVNyxTyl1plgAfh/Yg=="
            }
        }
    },
    "type": "v0_SetSystemProperty"
},
```