@freedomofpress/cometbft 0.1.2 → 0.1.3

package/dist/tests/webcat.test.js

@@ -1,36 +1,68 @@
 import { describe, expect, it } from "vitest";
 import { importCommit } from "../commit";
-import { Uint8ArrayToBase64 } from "../encoding";
+import { Uint8ArrayToBase64, Uint8ArrayToHex } from "../encoding";
 import { verifyCommit } from "../lightclient";
 import { importValidators } from "../validators";
 import blockFixture from "./fixtures/webcat.json";
 function clone(x) {
     return JSON.parse(JSON.stringify(x));
 }
+function flipLastHexNibble(hex) {
+    const last = hex.at(-1);
+    if (!last)
+        throw new Error("Cannot mutate an empty hex string");
+    const replacement = last.toLowerCase() === "0" ? "1" : "0";
+    return `${hex.slice(0, -1)}${replacement}`;
+}
 describe("lightclient.verifyCommit", () => {
-    it("rejects this fixture when header hash does not match commit block_id.hash", async () => {
+    it("verifies a valid commit against the validator set", async () => {
         const validators = blockFixture.validator_set;
         const commit = blockFixture;
         const { proto: vset, cryptoIndex } = await importValidators(validators);
         const sh = importCommit(commit);
-        await expect(verifyCommit(sh, vset, cryptoIndex)).rejects.toThrow(/header hash does not match commit blockid hash/i);
+        const out = await verifyCommit(sh, vset, cryptoIndex);
+        expect(out.quorum).toBe(true);
+        expect(out.ok).toBe(true);
+        expect(out.signedPower > 0n).toBe(true);
+        expect(out.signedPower <= out.totalPower).toBe(true);
+        expect(out.headerTime).toBeDefined();
+        expect(out.appHash instanceof Uint8Array).toBe(true);
+        expect(out.blockIdHash instanceof Uint8Array).toBe(true);
+        expect(out.unknownValidators.length).toBe(0);
+        expect(out.invalidSignatures.length).toBe(0);
+        expect(out.countedSignatures).toBeGreaterThan(0);
     });
-    it("throws when commit block_id.hash does not match header hash", async () => {
+    it("flags invalid signatures", async () => {
         const validators = blockFixture.validator_set;
         const commit = clone(blockFixture);
+        // Flip one byte of the BlockID hash to keep the signature well-formed but
+        // cryptographically invalid for the mutated sign-bytes.
         commit.signed_header.commit.block_id.hash =
             "3A1D00CC2A092465E85EA2C24986BEE0105285039DC1873BB6B0CA7F610EC89D";
         const { proto: vset, cryptoIndex } = await importValidators(validators);
         const sh = importCommit(commit);
-        await expect(verifyCommit(sh, vset, cryptoIndex)).rejects.toThrow(/header hash does not match commit blockid hash/i);
+        const out = await verifyCommit(sh, vset, cryptoIndex);
+        expect(out.quorum).toBe(false);
+        expect(out.ok).toBe(false);
+        expect(out.signedPower).toBe(0n);
+        expect(out.invalidSignatures).toHaveLength(vset.validators.length);
+        expect(out.invalidSignatures).toContain(Uint8ArrayToHex(vset.validators[0].address).toUpperCase());
+        expect(out.countedSignatures).toBe(vset.validators.length);
     });
-    it("still rejects on header/commit hash mismatch even when a signature is corrupted", async () => {
+    it("flags invalid signatures", async () => {
         const validators = blockFixture.validator_set;
         const commit = clone(blockFixture);
         commit.signed_header.commit.signatures[0].signature = Uint8ArrayToBase64(new Uint8Array(64));
         const { proto: vset, cryptoIndex } = await importValidators(validators);
         const sh = importCommit(commit);
-        await expect(verifyCommit(sh, vset, cryptoIndex)).rejects.toThrow(/header hash does not match commit blockid hash/i);
+        const out = await verifyCommit(sh, vset, cryptoIndex);
+        expect(out.quorum).toBe(false);
+        expect(out.ok).toBe(false);
+        expect(out.signedPower).toBe(2n);
+        expect(out.invalidSignatures).toEqual([
+            Uint8ArrayToHex(vset.validators[0].address).toUpperCase(),
+        ]);
+        expect(out.countedSignatures).toBe(vset.validators.length);
     });
     it("rejects malformed signature bytes", async () => {
         const validators = blockFixture.validator_set;
@@ -39,14 +71,87 @@ describe("lightclient.verifyCommit", () => {
         commit.signed_header.commit.signatures[0].signature = "AA==";
         await expect(async () => importCommit(commit)).rejects.toThrow(/signature must be 64 bytes/);
     });
-    it("still rejects on header/commit hash mismatch even when validator is unknown", async () => {
+    it("reports unknown validators", async () => {
         const validators = blockFixture.validator_set;
         const commit = clone(blockFixture);
         commit.signed_header.commit.signatures[0].validator_address =
             "0000000000000000000000000000000000000000";
         const { proto: vset, cryptoIndex } = await importValidators(validators);
         const sh = importCommit(commit);
-        await expect(verifyCommit(sh, vset, cryptoIndex)).rejects.toThrow(/header hash does not match commit blockid hash/i);
+        const out = await verifyCommit(sh, vset, cryptoIndex);
+        expect(out.quorum).toBe(false);
+        expect(out.ok).toBe(false);
+        expect(out.signedPower).toBe(2n);
+        expect(out.invalidSignatures).toEqual([]);
+        expect(out.unknownValidators).toEqual([
+            "0000000000000000000000000000000000000000",
+        ]);
+        expect(out.countedSignatures).toBe(vset.validators.length - 1);
+    });
+    it("detects tampering of every header field by checking the header merkle root against commit.block_id.hash", async () => {
+        const validators = blockFixture.validator_set;
+        const { proto: vset, cryptoIndex } = await importValidators(validators);
+        const mutators = {
+            "header.version.block": (commit) => {
+                commit.signed_header.header.version.block = String(BigInt(commit.signed_header.header.version.block) + 1n);
+            },
+            "header.version.app": (commit) => {
+                commit.signed_header.header.version.app = String(BigInt(commit.signed_header.header.version.app) + 1n);
+            },
+            "header.chain_id": (commit) => {
+                commit.signed_header.header.chain_id = `${commit.signed_header.header.chain_id}-tampered`;
+            },
+            "header.height": (commit) => {
+                commit.signed_header.header.height = String(BigInt(commit.signed_header.header.height) + 1n);
+                commit.signed_header.commit.height = commit.signed_header.header.height;
+            },
+            "header.time": (commit) => {
+                commit.signed_header.header.time = "2026-03-08T03:00:52.980342152Z";
+            },
+            "header.last_block_id.hash": (commit) => {
+                commit.signed_header.header.last_block_id.hash = flipLastHexNibble(commit.signed_header.header.last_block_id.hash);
+            },
+            "header.last_block_id.parts.total": (commit) => {
+                commit.signed_header.header.last_block_id.parts.total += 1;
+            },
+            "header.last_block_id.parts.hash": (commit) => {
+                commit.signed_header.header.last_block_id.parts.hash =
+                    flipLastHexNibble(commit.signed_header.header.last_block_id.parts.hash);
+            },
+            "header.last_commit_hash": (commit) => {
+                commit.signed_header.header.last_commit_hash = flipLastHexNibble(commit.signed_header.header.last_commit_hash);
+            },
+            "header.data_hash": (commit) => {
+                commit.signed_header.header.data_hash = flipLastHexNibble(commit.signed_header.header.data_hash);
+            },
+            "header.validators_hash": (commit) => {
+                commit.signed_header.header.validators_hash = flipLastHexNibble(commit.signed_header.header.validators_hash);
+            },
+            "header.next_validators_hash": (commit) => {
+                commit.signed_header.header.next_validators_hash = flipLastHexNibble(commit.signed_header.header.next_validators_hash);
+            },
+            "header.consensus_hash": (commit) => {
+                commit.signed_header.header.consensus_hash = flipLastHexNibble(commit.signed_header.header.consensus_hash);
+            },
+            "header.app_hash": (commit) => {
+                commit.signed_header.header.app_hash = flipLastHexNibble(commit.signed_header.header.app_hash);
+            },
+            "header.last_results_hash": (commit) => {
+                commit.signed_header.header.last_results_hash = flipLastHexNibble(commit.signed_header.header.last_results_hash);
+            },
+            "header.evidence_hash": (commit) => {
+                commit.signed_header.header.evidence_hash = flipLastHexNibble(commit.signed_header.header.evidence_hash);
+            },
+            "header.proposer_address": (commit) => {
+                commit.signed_header.header.proposer_address = flipLastHexNibble(commit.signed_header.header.proposer_address);
+            },
+        };
+        for (const [field, mutate] of Object.entries(mutators)) {
+            const tampered = clone(blockFixture);
+            mutate(tampered);
+            const out = await verifyCommit(importCommit(tampered), vset, cryptoIndex);
+            expect(out.ok, `${field} tampering should be detected`).toBe(false);
+        }
     });
 });
 //# sourceMappingURL=webcat.test.js.map

package/dist/tests/webcat.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"webcat.test.js","sourceRoot":"","sources":["../../src/tests/webcat.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAE9C,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,YAAY,MAAM,wBAAwB,CAAC;AAElD,SAAS,KAAK,CAAI,CAAI;IACpB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AACvC,CAAC;AAED,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;IACxC,EAAE,CAAC,2EAA2E,EAAE,KAAK,IAAI,EAAE;QACzF,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,YAAqC,CAAC;QAErD,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,MAAM,CAAC,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAC/D,iDAAiD,CAClD,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6DAA6D,EAAE,KAAK,IAAI,EAAE;QAC3E,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAA0B,CAAC;QAE5D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI;YACvC,kEAAkE,CAAC;QAErE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,MAAM,CAAC,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAC/D,iDAAiD,CAClD,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iFAAiF,EAAE,KAAK,IAAI,EAAE;QAC/F,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAA0B,CAAC;QAE5D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,GAAG,kBAAkB,CACtE,IAAI,UAAU,CAAC,EAAE,CAAC,CACnB,CAAC;QAEF,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,MAAM,CAAC,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAC/D,iDAAiD,CAClD,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;QACjD,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAA0B,CAAC;QAE5D,wDAAwD;QACxD,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,GAAG,MAAM,CAAC;QAE7D,MAAM,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAC5D,4BAA4B,CAC7B,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6EAA6E,EAAE,KAAK,IAAI,EAAE;QAC3F,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAA0B,CAAC;QAE5D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACzD,0CAA0C,CAAC;QAE7C,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,MAAM,CAAC,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAC/D,iDAAiD,CAClD,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"webcat.test.js","sourceRoot":"","sources":["../../src/tests/webcat.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAE9C,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,YAAY,MAAM,wBAAwB,CAAC;AAElD,SAAS,KAAK,CAAI,CAAI;IACpB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AACvC,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAW;IACpC,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;IACxB,IAAI,CAAC,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IAEhE,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;IAC3D,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,WAAW,EAAE,CAAC;AAC7C,CAAC;AAED,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;IACxC,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,YAAqC,CAAC;QAErD,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;QAEtD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9B,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,CAAC,GAAG,CAAC,WAAW,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrD,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,OAAO,YAAY,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrD,MAAM,CAAC,GAAG,CAAC,WAAW,YAAY,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzD,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IACnD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0BAA0B,EAAE,KAAK,IAAI,EAAE;QACxC,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAA0B,CAAC;QAE5D,0EAA0E;QAC1E,wDAAwD;QACxD,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI;YACvC,kEAAkE,CAAC;QAErE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;QAEtD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC/B,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACnE,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,SAAS,CACrC,eAAe,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAC1D,CAAC;QACF,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0BAA0B,EAAE,KAAK,IAAI,EAAE;QACxC,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAA0B,CAAC;QAE5D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,GAAG,kBAAkB,CACtE,IAAI,UAAU,CAAC,EAAE,CAAC,CACnB,CAAC;QAEF,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;QAEtD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC/B,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC;YACpC,eAAe,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE;SAC1D,CAAC,CAAC;QACH,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;QACjD,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAA0B,CAAC;QAE5D,wDAAwD;QACxD,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,GAAG,MAAM,CAAC;QAE7D,MAAM,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAC5D,4BAA4B,CAC7B,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4BAA4B,EAAE,KAAK,IAAI,EAAE;QAC1C,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAA0B,CAAC;QAE5D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACzD,0CAA0C,CAAC;QAE7C,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;QAEtD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC/B,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC1C,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC;YACpC,0CAA0C;SAC3C,CAAC,CAAC;QACH,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yGAAyG,EAAE,KAAK,IAAI,EAAE;QACvH,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QAExE,MAAM,QAAQ,GAA0C;YACtD,sBAAsB,EAAE,CAAC,MAAM,EAAE,EAAE;gBACjC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,GAAG,MAAM,CAChD,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,CACvD,CAAC;YACJ,CAAC;YACD,oBAAoB,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC/B,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,GAAG,MAAM,CAC9C,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,CACrD,CAAC;YACJ,CAAC;YACD,iBAAiB,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC5B,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,GAAG,GAAG,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,WAAW,CAAC;YAC5F,CAAC;YACD,eAAe,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC1B,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,MAAM,GAAG,MAAM,CACzC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAChD,CAAC;gBACF,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC;YAC1E,CAAC;YACD,aAAa,EAAE,CAAC,MAAM,EAAE,EAAE;gBACxB,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,GAAG,gCAAgC,CAAC;YACtE,CAAC;YACD,2BAA2B,EAAE,CAAC,MAAM,EAAE,EAAE;gBACtC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,GAAG,iBAAiB,CAChE,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAC/C,CAAC;YACJ,CAAC;YACD,kCAAkC,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC7C,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC;YAC7D,CAAC;YACD,iCAAiC,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC5C,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,IAAI;oBAClD,iBAAiB,CACf,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,IAAI,CACrD,CAAC;YACN,CAAC;YACD,yBAAyB,EAAE,CAAC,MAAM,EAAE,EAAE;gBACpC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,gBAAgB,GAAG,iBAAiB,CAC9D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,gBAAgB,CAC7C,CAAC;YACJ,CAAC;YACD,kBAAkB,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC7B,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,SAAS,GAAG,iBAAiB,CACvD,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,SAAS,CACtC,CAAC;YACJ,CAAC;YACD,wBAAwB,EAAE,CAAC,MAAM,EAAE,EAAE;gBACnC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,eAAe,GAAG,iBAAiB,CAC7D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,eAAe,CAC5C,CAAC;YACJ,CAAC;YACD,6BAA6B,EAAE,CAAC,MAAM,EAAE,EAAE;gBACxC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,oBAAoB,GAAG,iBAAiB,CAClE,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,oBAAoB,CACjD,CAAC;YACJ,CAAC;YACD,uBAAuB,EAAE,CAAC,MAAM,EAAE,EAAE;gBAClC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,cAAc,GAAG,iBAAiB,CAC5D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,cAAc,CAC3C,CAAC;YACJ,CAAC;YACD,iBAAiB,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC5B,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,GAAG,iBAAiB,CACtD,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CACrC,CAAC;YACJ,CAAC;YACD,0BAA0B,EAAE,CAAC,MAAM,EAAE,EAAE;gBACrC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,iBAAiB,GAAG,iBAAiB,CAC/D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,iBAAiB,CAC9C,CAAC;YACJ,CAAC;YACD,sBAAsB,EAAE,CAAC,MAAM,EAAE,EAAE;gBACjC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,GAAG,iBAAiB,CAC3D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,CAC1C,CAAC;YACJ,CAAC;YACD,yBAAyB,EAAE,CAAC,MAAM,EAAE,EAAE;gBACpC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,gBAAgB,GAAG,iBAAiB,CAC9D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,gBAAgB,CAC7C,CAAC;YACJ,CAAC;SACF,CAAC;QAEF,KAAK,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvD,MAAM,QAAQ,GAAG,KAAK,CAAC,YAAY,CAAC,CAAC;YACrC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAEjB,MAAM,GAAG,GAAG,MAAM,YAAY,CAC5B,YAAY,CAAC,QAAiC,CAAC,EAC/C,IAAI,EACJ,WAAW,CACZ,CAAC;YAEF,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,KAAK,+BAA+B,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtE,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/package.json

@@ -1,7 +1,8 @@
 {
   "name": "@freedomofpress/cometbft",
-  "version": "0.1.2",
+  "version": "0.1.3",
   "description": "A CometBFT light client for the browser.",
+  "type": "module",
   "repository": {
     "type": "git",
     "url": "https://github.com/freedomofpress/cometbft-ts"

package/src/lightclient.ts

@@ -5,182 +5,18 @@ import {
   CanonicalPartSetHeader,
   CanonicalVote,
 } from "./proto/cometbft/types/v1/canonical";
-import { SignedHeader, SignedMsgType } from "./proto/cometbft/types/v1/types";
+import {
+  BlockID,
+  SignedHeader,
+  SignedMsgType,
+} from "./proto/cometbft/types/v1/types";
 import {
   Validator as ProtoValidator,
   ValidatorSet as ProtoValidatorSet,
 } from "./proto/cometbft/types/v1/validator";
+import { Consensus } from "./proto/cometbft/version/v1/types";
 import { Timestamp as PbTimestamp } from "./proto/google/protobuf/timestamp";
 
-const LEAF_PREFIX = new Uint8Array([0]);
-const INNER_PREFIX = new Uint8Array([1]);
-
-function concatBytes(...parts: Uint8Array[]): Uint8Array {
-  const totalLen = parts.reduce((acc, p) => acc + p.length, 0);
-  const out = new Uint8Array(totalLen);
-  let offset = 0;
-  for (const p of parts) {
-    out.set(p, offset);
-    offset += p.length;
-  }
-  return out;
-}
-
-async function sha256(input: Uint8Array): Promise<Uint8Array> {
-  const digest = await crypto.subtle.digest("SHA-256", new Uint8Array(input));
-  return new Uint8Array(digest);
-}
-
-function encodeVarint(value: bigint): Uint8Array {
-  if (value < 0n) throw new Error("encodeVarint expects a non-negative bigint");
-  const bytes: number[] = [];
-  let v = value;
-  while (v >= 0x80n) {
-    bytes.push(Number((v & 0x7fn) | 0x80n));
-    v >>= 7n;
-  }
-  bytes.push(Number(v));
-  return new Uint8Array(bytes);
-}
-
-function encodeFieldTag(fieldNumber: number, wireType: number): Uint8Array {
-  return encodeVarint(BigInt((fieldNumber << 3) | wireType));
-}
-
-function encodeProtoBytes(fieldNumber: number, value: Uint8Array): Uint8Array {
-  return concatBytes(
-    encodeFieldTag(fieldNumber, 2),
-    encodeVarint(BigInt(value.length)),
-    value,
-  );
-}
-
-function encodeProtoUint64(fieldNumber: number, value: bigint): Uint8Array {
-  return concatBytes(encodeFieldTag(fieldNumber, 0), encodeVarint(value));
-}
-
-function encodeProtoInt64(fieldNumber: number, value: bigint): Uint8Array {
-  const v = value < 0n ? (1n << 64n) + value : value;
-  return concatBytes(encodeFieldTag(fieldNumber, 0), encodeVarint(v));
-}
-
-function cdcEncodeString(value: string): Uint8Array | undefined {
-  if (value.length === 0) return undefined;
-  return encodeProtoBytes(1, new TextEncoder().encode(value));
-}
-
-function cdcEncodeInt64(value: bigint): Uint8Array {
-  return encodeProtoInt64(1, value);
-}
-
-function cdcEncodeBytes(value: Uint8Array): Uint8Array | undefined {
-  if (value.length === 0) return undefined;
-  return encodeProtoBytes(1, value);
-}
-
-function encodeTimestamp(ts: PbTimestamp): Uint8Array {
-  const seconds = encodeProtoInt64(1, ts.seconds ?? 0n);
-  const nanos = ts.nanos
-    ? concatBytes(encodeFieldTag(2, 0), encodeVarint(BigInt(ts.nanos)))
-    : new Uint8Array(0);
-  return concatBytes(seconds, nanos);
-}
-
-function encodePartSetHeader(total: number, hash: Uint8Array): Uint8Array {
-  return concatBytes(
-    encodeProtoUint64(1, BigInt(total)),
-    encodeProtoBytes(2, hash),
-  );
-}
-
-function encodeBlockId(
-  hash: Uint8Array,
-  partSetTotal: number,
-  partSetHash: Uint8Array,
-): Uint8Array {
-  const psh = encodePartSetHeader(partSetTotal, partSetHash);
-  return concatBytes(encodeProtoBytes(1, hash), encodeProtoBytes(2, psh));
-}
-
-async function merkleLeafHash(leaf: Uint8Array): Promise<Uint8Array> {
-  return sha256(concatBytes(LEAF_PREFIX, leaf));
-}
-
-async function merkleInnerHash(
-  left: Uint8Array,
-  right: Uint8Array,
-): Promise<Uint8Array> {
-  return sha256(concatBytes(INNER_PREFIX, left, right));
-}
-
-function merkleSplitPoint(length: number): number {
-  if (length < 1) throw new Error("Trying to split a tree with size < 1");
-  const bitLen = Math.floor(Math.log2(length)) + 1;
-  let k = 1 << (bitLen - 1);
-  if (k === length) k >>= 1;
-  return k;
-}
-
-async function merkleHashFromByteSlices(
-  items: Uint8Array[],
-): Promise<Uint8Array> {
-  if (items.length === 0) return sha256(new Uint8Array(0));
-  if (items.length === 1) return merkleLeafHash(items[0]);
-
-  const k = merkleSplitPoint(items.length);
-  const left = await merkleHashFromByteSlices(items.slice(0, k));
-  const right = await merkleHashFromByteSlices(items.slice(k));
-  return merkleInnerHash(left, right);
-}
-
-async function computeHeaderHash(
-  header: SignedHeader["header"],
-): Promise<Uint8Array> {
-  if (!header) throw new Error("SignedHeader missing header");
-  if (!header.lastBlockId || !header.lastBlockId.partSetHeader) {
-    throw new Error("Header lastBlockId is missing");
-  }
-  if (!header.time) throw new Error("Header time is missing");
-
-  const version = concatBytes(
-    encodeProtoUint64(1, header.version?.block ?? 0n),
-    encodeProtoUint64(2, header.version?.app ?? 0n),
-  );
-
-  const lastBlockId = encodeBlockId(
-    header.lastBlockId.hash,
-    header.lastBlockId.partSetHeader.total,
-    header.lastBlockId.partSetHeader.hash,
-  );
-
-  const fields: Uint8Array[] = [
-    version,
-    cdcEncodeString(header.chainId),
-    cdcEncodeInt64(header.height),
-    encodeTimestamp(header.time),
-    lastBlockId,
-    cdcEncodeBytes(header.lastCommitHash),
-    cdcEncodeBytes(header.dataHash),
-    cdcEncodeBytes(header.validatorsHash),
-    cdcEncodeBytes(header.nextValidatorsHash),
-    cdcEncodeBytes(header.consensusHash),
-    cdcEncodeBytes(header.appHash),
-    cdcEncodeBytes(header.lastResultsHash),
-    cdcEncodeBytes(header.evidenceHash),
-    cdcEncodeBytes(header.proposerAddress),
-  ].filter((x): x is Uint8Array => Boolean(x));
-
-  return merkleHashFromByteSlices(fields);
-}
-
-function bytesEqual(a: Uint8Array, b: Uint8Array): boolean {
-  if (a.length !== b.length) return false;
-  for (let i = 0; i < a.length; i++) {
-    if (a[i] !== b[i]) return false;
-  }
-  return true;
-}
-
 export type CryptoIndex = Map<string, CryptoKey>;
 
 export interface VerifyOutcome {
@@ -246,6 +82,143 @@ function hasTwoThirds(signed: bigint, total: bigint): boolean {
   return signed * 3n > total * 2n;
 }
 
+function concatBytes(...parts: Uint8Array[]): Uint8Array {
+  const length = parts.reduce((acc, p) => acc + p.length, 0);
+  const out = new Uint8Array(length);
+  let offset = 0;
+  for (const p of parts) {
+    out.set(p, offset);
+    offset += p.length;
+  }
+  return out;
+}
+
+function encodeUvarintBigint(value: bigint): Uint8Array {
+  if (value < 0n) throw new Error("uvarint cannot encode negative values");
+
+  const bytes: number[] = [];
+  let v = value;
+  while (v >= 0x80n) {
+    bytes.push(Number((v & 0x7fn) | 0x80n));
+    v >>= 7n;
+  }
+  bytes.push(Number(v));
+  return new Uint8Array(bytes);
+}
+
+function encodeLengthPrefixed(value: Uint8Array): Uint8Array {
+  return concatBytes(encodeUvarintBigint(BigInt(value.length)), value);
+}
+
+function encodeString(value: string): Uint8Array {
+  if (value.length === 0) return new Uint8Array();
+  return concatBytes(
+    new Uint8Array([0x0a]),
+    encodeLengthPrefixed(new TextEncoder().encode(value)),
+  );
+}
+
+function encodeBytes(value: Uint8Array): Uint8Array {
+  if (value.length === 0) return new Uint8Array();
+  return concatBytes(new Uint8Array([0x0a]), encodeLengthPrefixed(value));
+}
+
+function encodeInt64Value(value: bigint): Uint8Array {
+  if (value === 0n) return new Uint8Array();
+  return concatBytes(new Uint8Array([0x08]), encodeUvarintBigint(value));
+}
+
+function encodeTimestamp(timestamp?: PbTimestamp): Uint8Array {
+  if (!timestamp) return new Uint8Array();
+  return PbTimestamp.encode(timestamp).finish();
+}
+
+function encodeVersionForHeaderHash(
+  version: NonNullable<SignedHeader["header"]>["version"],
+): Uint8Array {
+  if (!version) return new Uint8Array();
+  return Consensus.encode(version).finish();
+}
+
+function encodeBlockIdForHeaderHash(
+  blockId: NonNullable<SignedHeader["header"]>["lastBlockId"],
+): Uint8Array {
+  if (!blockId) return new Uint8Array();
+  return BlockID.encode(blockId).finish();
+}
+
+async function sha256(data: Uint8Array): Promise<Uint8Array> {
+  return new Uint8Array(
+    await crypto.subtle.digest("SHA-256", new Uint8Array(data)),
+  );
+}
+
+async function hashLeaf(leaf: Uint8Array): Promise<Uint8Array> {
+  return sha256(concatBytes(new Uint8Array([0]), leaf));
+}
+
+async function hashInner(
+  left: Uint8Array,
+  right: Uint8Array,
+): Promise<Uint8Array> {
+  return sha256(concatBytes(new Uint8Array([1]), left, right));
+}
+
+function getSplitPoint(size: number): number {
+  if (size < 1) throw new Error("Cannot split an empty merkle tree");
+  const p = 2 ** Math.floor(Math.log2(size));
+  return p < size ? p : p / 2;
+}
+
+async function simpleMerkleHashFromByteSlices(
+  chunks: Uint8Array[],
+): Promise<Uint8Array> {
+  if (chunks.length === 0) throw new Error("Cannot hash an empty merkle tree");
+  if (chunks.length === 1) return hashLeaf(chunks[0]);
+
+  const split = getSplitPoint(chunks.length);
+  const left = await simpleMerkleHashFromByteSlices(chunks.slice(0, split));
+  const right = await simpleMerkleHashFromByteSlices(chunks.slice(split));
+  return hashInner(left, right);
+}
+
+function bytesEqual(a: Uint8Array, b: Uint8Array): boolean {
+  if (a.length !== b.length) return false;
+  for (let i = 0; i < a.length; i++) {
+    if (a[i] !== b[i]) return false;
+  }
+  return true;
+}
+
+async function hashHeaderForBlockId(
+  header: NonNullable<SignedHeader["header"]>,
+): Promise<Uint8Array> {
+  if (!header.lastBlockId) {
+    throw new Error(
+      "Header missing lastBlockId required for hash verification",
+    );
+  }
+
+  const fields: Uint8Array[] = [
+    encodeVersionForHeaderHash(header.version),
+    encodeString(header.chainId),
+    encodeInt64Value(header.height),
+    encodeTimestamp(header.time),
+    encodeBlockIdForHeaderHash(header.lastBlockId),
+    encodeBytes(header.lastCommitHash),
+    encodeBytes(header.dataHash),
+    encodeBytes(header.validatorsHash),
+    encodeBytes(header.nextValidatorsHash),
+    encodeBytes(header.consensusHash),
+    encodeBytes(header.appHash),
+    encodeBytes(header.lastResultsHash),
+    encodeBytes(header.evidenceHash),
+    encodeBytes(header.proposerAddress),
+  ];
+
+  return simpleMerkleHashFromByteSlices(fields);
+}
+
 export async function verifyCommit(
   sh: SignedHeader,
   vset: ProtoValidatorSet,
@@ -301,13 +274,11 @@ export async function verifyCommit(
   const blockIdHash: Uint8Array = bid.hash;
   const partsHash: Uint8Array = bid.partSetHeader.hash;
   const partsTotal: number = bid.partSetHeader.total;
-
-  const expectedBlockHash = await computeHeaderHash(header);
-  if (!bytesEqual(expectedBlockHash, blockIdHash)) {
-    throw new Error(
-      "Header hash does not match commit BlockID hash (header fields were tampered or inconsistent)",
-    );
-  }
+  const expectedBlockIdHash = await hashHeaderForBlockId(header);
+  const headerMatchesCommitBlockId = bytesEqual(
+    expectedBlockIdHash,
+    blockIdHash,
+  );
 
   let signedPower = 0n;
   const unknown: string[] = [];
@@ -374,9 +345,10 @@ export async function verifyCommit(
   }
 
   const quorum = hasTwoThirds(signedPower, totalPower);
+  const ok = quorum && headerMatchesCommitBlockId;
 
   return {
-    ok: quorum,
+    ok,
     quorum,
     signedPower,
     totalPower,

package/src/tests/fixtures/header-merkle-webcat-02.json

@@ -0,0 +1,101 @@
+{
+  "signed_header": {
+    "header": {
+      "version": {
+        "block": "11",
+        "app": "0"
+      },
+      "chain_id": "webcat-test-02",
+      "height": "18720",
+      "time": "2026-03-08T03:00:52.980342151Z",
+      "last_block_id": {
+        "hash": "8271A9B3A0689FF0CB095E39175403A74BC374ABBE23184B20D902199FDC0BA7",
+        "parts": {
+          "total": 1,
+          "hash": "AEB84D5BAB13692BCBD9603B9A94AA310203648DF16A755EA2BA9A2A1D667BCB"
+        }
+      },
+      "last_commit_hash": "9E3394940C1C94504E0465CCED1CE7047639BDF5506E34EA07FE729C5E4EA5FC",
+      "data_hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
+      "validators_hash": "166D75D14EE1555615C57D2F013454152214BDB143D458C00A02B2AC0F2AC128",
+      "next_validators_hash": "166D75D14EE1555615C57D2F013454152214BDB143D458C00A02B2AC0F2AC128",
+      "consensus_hash": "048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F",
+      "app_hash": "6068FFC66BC857FE76B4E8A779176ABBA6CBFC3F119F961915AF01C293EDC9D3",
+      "last_results_hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
+      "evidence_hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
+      "proposer_address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72"
+    },
+    "commit": {
+      "height": "18720",
+      "round": 0,
+      "block_id": {
+        "hash": "1E1B52E922F1E20D8113D38A70675BFB0CF83609C00CD6CE637FC79B0C73A890",
+        "parts": {
+          "total": 1,
+          "hash": "CC7EAC61FA5FB28ADC4F26BEB76CD54CDB66C2A952E81CBEE33B55D0ED1B0A78"
+        }
+      },
+      "signatures": [
+        {
+          "block_id_flag": 2,
+          "validator_address": "48926DF1CC10DBBFAA78953F9BE38E59020DE01D",
+          "timestamp": "2026-03-08T03:01:53.984641899Z",
+          "signature": "V1swep5n+4AX155lTrNXSyS7k0L5Wnx2E8zrBGqWEDHf8pW5tFO1ron1xHqfMmJh9BSK3FaOWnIVToqcrvCiBg=="
+        },
+        {
+          "block_id_flag": 2,
+          "validator_address": "A39CFEBE6E8CA10B6101C46884A6EB8E62D04417",
+          "timestamp": "2026-03-08T03:01:54.033082245Z",
+          "signature": "VLIvwTw5aC15Oq8AkmiXudyIFKIo3VBOgU1eIQN+JxgsNtJwr8tuZsaGf6ds7BY6kQ8E93pxDm1CUk2pYrrZDQ=="
+        },
+        {
+          "block_id_flag": 2,
+          "validator_address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72",
+          "timestamp": "2026-03-08T03:01:54.025260639Z",
+          "signature": "ODjl80UkQB7uBQmf0TUCbgg+p8Mvv9ihvmbyYou3YWB7nqcwp5tzz8MiFkoPo8zfiLL+83AqKeYm7S3y3kPxDQ=="
+        }
+      ]
+    }
+  },
+  "validator_set": {
+    "validators": [
+      {
+        "address": "48926DF1CC10DBBFAA78953F9BE38E59020DE01D",
+        "pub_key": {
+          "type": "tendermint/PubKeyEd25519",
+          "value": "zEK+pyAEhhCaoHYhhT+rrorJoc9kZbfY+JkbMtF8u5Y="
+        },
+        "power": "1",
+        "name": null
+      },
+      {
+        "address": "A39CFEBE6E8CA10B6101C46884A6EB8E62D04417",
+        "pub_key": {
+          "type": "tendermint/PubKeyEd25519",
+          "value": "8dZUej72UriKCPIDvk01c6yLaAB2ssYIli3fT3jKwSM="
+        },
+        "power": "1",
+        "name": null
+      },
+      {
+        "address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72",
+        "pub_key": {
+          "type": "tendermint/PubKeyEd25519",
+          "value": "WBK6Af3uKtC+VTv8x48f2TPoNnsebSXSBTIsJku/nQw="
+        },
+        "power": "1",
+        "name": null
+      }
+    ],
+    "proposer": {
+      "address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72",
+      "pub_key": {
+        "type": "tendermint/PubKeyEd25519",
+        "value": "WBK6Af3uKtC+VTv8x48f2TPoNnsebSXSBTIsJku/nQw="
+      },
+      "power": "1",
+      "name": null
+    },
+    "total_voting_power": "3"
+  }
+}