npm - @ar.io/proof - Versions diffs - 0.1.0 → 0.1.1 - Mend

@ar.io/proof 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/README.md +104 -52
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -1,54 +1,106 @@
 # @ar.io/proof
-> TypeScript kernel of the ar.io verification stack — verify a Verifiable Event
-> Envelope with no ar.io service in the trust path.
-The verification primitives for the envelope family specified in
-`ar-io-agent/docs/envelope-spec.md` (ario.agent/v1 profile per `artifact.md`):
-- **RFC 8785 (JCS)** canonicalization (`jcs`)
-- **SHA-256** (`sha256Hex`) via WebCrypto
-- **Ed25519** signature verification (`ed25519Verify`, via `@noble/ed25519` with
-  the SHA-512 hook wired to WebCrypto)
-- **`verifyEnvelope(env, expectedContentHash?)`** — the three load-bearing checks
-  (spec-version registry, `payload_hash` recompute, Ed25519 over the signed
-  scope) plus the optional content-hash bind
-- **`contentHashes(env)`** — which payload hash(es) an envelope commits to, by
-  event type (the reverse-provenance join keys)
-- **RFC 9162 binary Merkle tree** (`leafHash`, `nodeHash`, `merkleRoot`,
-  `auditPath`, `verifyInclusion`, `EMPTY_TREE_ROOT_HEX`) — §2.1 domain
-  separation, largest-power-of-two split (not the Bitcoin duplicate-leaf
-  variant), conformance-gated against the corpus's 7 Merkle vectors; parity
-  with the Python kernel's `ario_proof.merkle`
-This is the TypeScript sibling of the Python [`ar-io-proof`](https://github.com/ar-io/ar-io-proof)
-kernel and the Go reference (`ar-io-agent/pkg/proof`). All three are independent
-implementations of the same algorithm, each conformance-gated **byte-for-byte**
-against the shared `test-vectors-v1.0` corpus — that mutual gate is the
-product's core claim: verification needs no ar.io code in the trust path.
-## Signed scope
-The primary signature covers `JCS(envelope minus signature minus co_signatures)`
-(envelope-spec §2, §7.1). The `co_signatures` carve-out lets a countersignature
-be added without invalidating the primary signature; the field is reserved and
-default-absent, and its absence is never a failure.
-## Spec-version acceptance
-Fail-closed registry (`specVersionSupported`): exactly the accepted majors —
-`ario.agent/v1` and additive minors within it (`ario.agent/v1.<minor>`),
-matching the Go reference's semantics. Unknown majors and other profiles are
-rejected. The mlflow profile (`ario.mlflow/v1`) is a deliberate later one-entry
-addition, **not** implemented here — mlflow-dialect behaviors (e.g. the
-underscore-key strip) must not leak into the agent profile.
-## Workspace status
-Lives as an npm workspace inside `ar-io-proof-checker` (v1.2 wave decision —
-no separate repo yet); the checker consumes it as its verifier. **Not yet
-published to npm.** Before any publish: confirm the real npm scope (`@ar.io/`
-vs `@ar-io/`), flip `exports` to the built `dist/` output (`npm run build`
-emits ESM + type declarations), and get the coordinator's green light.
-MIT — verification must be open. See `LICENSE`.
+Verify [ar.io verification-stack](https://github.com/ar-io) provenance records — **with no ar.io code or service in the trust path**.
+This is the TypeScript verification kernel for the *Verifiable Event Envelope* family: the signed JSON records that tools like the [`ariod` verification agent](https://github.com/ar-io/ar-io-agent) and the [MLflow plugin](https://github.com/ar-io/ar-io-mlflow) anchor permanently to Arweave. Given an envelope (fetched from any Arweave gateway), this package answers: *is it authentic, and does it commit to the bytes I'm holding?*
+- **RFC 8785 (JCS)** canonicalization
+- **SHA-256** payload binding (WebCrypto)
+- **Ed25519** signature verification ([`@noble/ed25519`](https://github.com/paulmillr/noble-ed25519))
+- **RFC 9162** binary Merkle inclusion proofs (checkpoint leaves)
+- Zero config, two small dependencies, ESM, browser + Node ≥ 20
+## Install
+```bash
+npm install @ar.io/proof
+```
+## Verify an envelope
+Fetch the raw transaction from any Arweave gateway and verify it client-side:
+```ts
+import { verifyEnvelope } from "@ar.io/proof";
+const env = await (await fetch("https://arweave.net/raw/<tx_id>")).json();
+const result = await verifyEnvelope(env);
+result.ok;            // spec_version + payload_hash + Ed25519 all passed
+result.signatureOk;   // Ed25519 over the signed scope, against env.public_key
+result.payloadHashOk; // SHA-256(JCS(payload)) === env.payload_hash
+result.errors;        // [] when ok — machine-readable reasons otherwise
+```
+`verifyEnvelope` never throws on hostile input — a malformed envelope (or a lying gateway) yields `ok: false` with reasons, not an exception.
+## Bind an envelope to bytes you hold (reverse provenance)
+The check that defeats a lying gateway: Arweave *tags* are unsigned search hints, so after finding a candidate envelope, confirm it actually commits to your artifact's hash:
+```ts
+import { sha256Hex, verifyEnvelope, contentHashes } from "@ar.io/proof";
+const myHash = await sha256Hex(fileBytes); // 64-char lowercase hex
+const result = await verifyEnvelope(env, myHash);
+result.contentHashOk; // true ⇔ the envelope commits to exactly these bytes
+result.contentRole;   // how it commits: e.g. the registered baseline,
+                      // an observed (tampered) hash, …
+contentHashes(env);   // all content hashes an envelope commits to, by event type
+```
+## Verify a Merkle inclusion proof
+Agents close daily checkpoints over per-cycle leaves (RFC 9162, §2.1 domain separation — not the Bitcoin duplicate-leaf variant). Verify a leaf's inclusion against an anchored root:
+```ts
+import { leafHash, verifyInclusion, hexToBytes } from "@ar.io/proof";
+const ok = await verifyInclusion(
+  await leafHash(leafBytes), // Uint8Array leaf hash
+  leafIndex,                 // 0-based position
+  totalLeaves,
+  auditPath.map(hexToBytes), // sibling hashes, leaf → root
+  hexToBytes(expectedRootHex),
+);
+```
+## API
+| Export | What it does |
+|---|---|
+| `verifyEnvelope(env, expectedContentHash?)` | The three load-bearing checks (spec-version registry, payload-hash recompute, Ed25519 over the signed scope) + optional content bind. Returns `VerificationResult`. |
+| `contentHashes(env)` | The content hash(es) an envelope commits to, by event type — the reverse-provenance join keys. |
+| `specVersionSupported(v)` | Fail-closed accept-check: `ario.agent/v1` and additive minors (`ario.agent/v1.<n>`). Unknown majors/profiles are rejected. |
+| `jcs(value)` | RFC 8785 canonical JSON bytes. |
+| `sha256Hex(bytes)` / `sha256Bytes(bytes)` | SHA-256 via WebCrypto. |
+| `ed25519Verify(sig, msg, pubKey)` | Raw Ed25519 verification. |
+| `leafHash` / `nodeHash` / `merkleRoot` / `auditPath` / `verifyInclusion` / `EMPTY_TREE_ROOT_HEX` | RFC 9162 binary Merkle tree primitives. |
+| `utf8` / `bytesToHex` / `hexToBytes` | Encoding helpers. |
+| `Envelope` / `VerificationResult` / `ContentRole` / `Subject` | Types. |
+### Signed scope
+The primary signature covers `JCS(envelope minus signature minus co_signatures)` ([envelope-spec](https://github.com/ar-io/ar-io-proof/blob/main/specs/envelope-spec.md) §2/§7.1). The reserved `co_signatures` carve-out lets countersignatures be added later without invalidating the primary signature.
+## Why you can trust it (without trusting us)
+Three **independent implementations** of this kernel exist — this package, the Python [`ar-io-proof`](https://pypi.org/project/ar-io-proof/) (PyPI), and the Go reference ([`ar-io-agent/pkg/proof`](https://github.com/ar-io/ar-io-agent/tree/main/pkg/proof), MIT-carved) — and every one is conformance-gated **byte-for-byte** in CI against the shared, frozen [`test-vectors-v1.0` corpus](https://github.com/ar-io/ar-io-proof/tree/main/test-vectors) (per-file SHA-256 pins). The [proof-checker web app](https://github.com/ar-io/ar-io-proof-checker) additionally runs this kernel and a WASM build of the Go reference against each other live, asserting identical verdicts across the corpus plus adversarial negatives.
+That mutual gate is the point: anyone can verify ar.io provenance records with **no ar.io code in the trust path** — write your own verifier against the [public specs](https://github.com/ar-io/ar-io-proof/tree/main/specs) and the corpus will tell you if it's conformant.
+## What this package deliberately does NOT do
+- **Single-envelope scope.** Chain walking (`previous_hash`), checkpoint reconciliation, and gateway/transport logic are consumer-layer concerns composed above the kernel.
+- **Provenance is history, not endorsement.** A verified envelope proves *these bytes have this signed, anchored history* — never "safe," "approved," or "currently in production."
+- **Key identity is out-of-band.** The kernel proves the signature matches `env.public_key`; binding that key to a real-world identity is yours to establish.
+## Requirements
+ESM-only. Needs WebCrypto (`globalThis.crypto.subtle`): any modern browser, Node.js ≥ 20 (≥ 19 works), Deno, Bun, workers.
+## License
+MIT — verification must be open.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@ar.io/proof",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "TypeScript kernel of the ar.io verification stack: RFC 8785 (JCS) canonicalization, SHA-256, and Ed25519 verification for Verifiable Event Envelopes (ario.agent/v1 profile). Conformance-gated byte-for-byte against the test-vectors-v1.0 corpus.",
   "license": "MIT",
   "type": "module",