Skip to content

Harden sigil proof bundle normalization and ZK contracts #268

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kojibai merged 4 commits into from
Jan 25, 2026
Merged

Harden sigil proof bundle normalization and ZK contracts #268

kojibai merged 4 commits into from
Jan 25, 2026

Conversation

@kojibai
Copy link
Owner

@kojibai kojibai commented Jan 25, 2026

Motivation

  • Ensure the Sigil proof bundle is unambiguous and resilient to incomplete or user-supplied payloads by adding strict normalization and contract enforcement for curves and public inputs while keeping all cryptographic outputs unchanged.
  • Make Poseidon statement encoding machine-readable and document the h2f mapping for canonical clarity without affecting existing hash/poseidon computation.
  • Unify the canon label to JCS and provide safe defaults and hints to avoid accidental metadata divergence.

Description

  • Added a single-source curve normalizer normalizeZkCurve(curve: unknown): "bn128" | "BLS12-381" | undefined and rewrote normalizeProofBundleZkCurves to normalize top-level, bundleRoot, and meta curves, append non-breaking mismatch warnings, and emit curveAliases for bn128 (no behavior change to cryptographic math).
  • Introduced ZK_STATEMENT_ENCODING documenting the Poseidon statement machine-readable encoding and a helper buildZkPublicInputs which builder code uses to set public inputs to [H, H] when a zkPoseidonHash exists; the code never alters actual zkPoseidonHash computation.
  • Enforced verification-side guards via assertZkCurveConsistency and assertZkPublicInputsContract and integrated these checks into the verification flow so missing curves with proof points and curve/meta mismatches fail with deterministic error strings ("missing zkProof.curve", "zk curve mismatch (meta vs proof)", "zk public inputs contract violated").
  • Normalized canon labels to exactly "JCS" (RFC 8785 reference comment) and added encoding and publicInputsContract defaults to zkStatement where applicable; introduced safe handling for whitespace-only / absent curve fields (treat as absent, do not clobber meta).
  • Updated consumers to use the new helpers and non-breaking metadata additions (files updated include verifier helpers and UI/embed/export flows) and added small non-breaking fields: zkMeta.curveAliases, zkStatement.encoding, and deterministic warnings text format.

Testing

  • Ran the unit pipeline node --test tests/sigil_bundle_pipeline.test.mjs which executes the sigil bundle pipeline and new unit tests, and all subtests passed successfully (no failures).
  • Added tests covering curve mismatch correction, whitespace-proof-curve safety, public inputs contract enforcement, and verification-side curve rules, and validated builders produce zkPublicInputs equal to [H, H] when zkPoseidonHash is present.
  • No cryptographic proof generation or verification behavior was altered; tests verify existing groth16 verification path remains successful.

Codex Task

@vercel
Copy link

vercel bot commented Jan 25, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
phi-network-5aii Ready Ready Preview, Comment Jan 25, 2026 9:23pm

Request Review

chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Jan 25, 2026
View reviewed changes
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: beec7edb32

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@kojibai kojibai merged commit ec5f7cf into codex/implement-opengraph-image-rendering-for-verified-glyphs-zhhgfy Jan 25, 2026
1 of 2 checks passed
kojibai added a commit that referenced this pull request Jan 26, 2026
@kojibai
v42.0.0
d6d8081 
# Φ Network (PHI_NETWORK) — v42.0.0
**Release date:** 2026-01-25 (America/New_York)
**Baseline:** v41.2.0 (tag: `41.2.0`, commit: `f955135`) → HEAD :contentReference[oaicite:1]{index=1}

## Executive summary
v42.0.0 is a major capability release for the ΦNet Sovereign Gate focused on **shareable verification**, **receive-ownership**, and **offline-first integrity**. This release introduces a deterministic **VERIFIED OpenGraph (OG) card pipeline** (server-rendered + client fallback), adds a **receive ownership layer** (receive signature + owner ΦKey derivation + provenance handling), and hardens the verification bundle schema/hashing so **offline verification remains final and spoof-resistant**. :contentReference[oaicite:2]{index=2}

---

## Highlights
### 1) Deterministic VERIFIED OG cards + /og route (shareable verification)
- Added deterministic **VERIFIED OG card renderer**, **/og route**, SSR metadata, and a client download fallback. :contentReference[oaicite:3]{index=3}
- Hardened OG not-found handling + share text, and tightened OG metadata ordering for receive signatures. :contentReference[oaicite:4]{index=4}
- Added **verifiedAtPulse** to verified OG cards and added verification pulse into proof bundles so each verification is uniquely stamped. :contentReference[oaicite:5]{index=5}

### 2) Receive ownership layer (receiveSig + owner ΦKey derivation + provenance)
- Implemented a receive ownership layer including **receiveSig**, **owner ΦKey derivation**, and provenance handling. :contentReference[oaicite:6]{index=6}
- Fixed receive signature lookup issues and improved verification snapshot/KAS fallback behavior around receive flows. :contentReference[oaicite:7]{index=7}
- Allowed chained receives and surfaced owner ΦKey display. :contentReference[oaicite:8]{index=8}

### 3) Verifier artifact packaging (ZIP bundles) + segmented verification robustness
- Added **bundle ZIP downloads** for VerifierStamper receive + segment flows. :contentReference[oaicite:9]{index=9}
- Fixed segmented glyph verification and ensured archive-on-seal correctness; fixed sendLock typing when sealing segments. :contentReference[oaicite:10]{index=10}

### 4) Valuation integrity (minted snapshot + receipt binding) + receive USD chart correctness
- Minted valuation snapshot + bound it to receipts; fixed receive-signature bundle hash, and corrected USD chart behavior for receive glyphs. :contentReference[oaicite:11]{index=11}

### 5) SSR + offline-first performance (snapshot seeding/caching, preload/header, lazy-loading)
- SSR/offline: use `/` as shell, add SSR preloads/header, and lazy-load heavy browser libs. :contentReference[oaicite:12]{index=12}
- Added SSR snapshot seeding + caching and short-circuited SSR loaders when cached. :contentReference[oaicite:13]{index=13}
- Multiple Vercel SSR hardening iterations (render invocation, render fn signature, HTML fallback). :contentReference[oaicite:14]{index=14}

---

## Breaking changes / upgrade notes
- **Verification bundle schema** has been expanded/clarified with explicit binding fields (origin/receive mode, bundle hashes, receiveSig, receivePulse, ownerPhiKey, derivation, etc.). Consumers should treat the bundle as forward-compatible and prefer the explicit fields when present. :contentReference[oaicite:15]{index=15}
- Tooling note: repository package manager metadata was updated (`pnpm@10.28.1`) alongside related build metadata changes. :contentReference[oaicite:16]{index=16}

---

## Security & Integrity
- Hardened verification cache + receipts; tightened proof bundle contracts and normalized ZK curve metadata for consistency. :contentReference[oaicite:17]{index=17}
- Fixed verify bundle hash parity (including legacy proofs) and aligned ZK hash with payload hash. :contentReference[oaicite:18]{index=18}
- Persisted KAS author signatures in the sigil registry + hardened WebAuthn signing flows (PWA stability + cross-session recall). :contentReference[oaicite:19]{index=19}

---

## Performance & Reliability
- Improved SSR/offline shell behavior and lazy loading for heavier client libraries to reduce initial load and improve time-to-interactive without sacrificing offline operation. :contentReference[oaicite:20]{index=20}
- Fixed app loading issues on Vercel by correcting SSR invocation/signatures and HTML fallbacks. :contentReference[oaicite:21]{index=21}
- Mobile export hardening: fixed PNG export fidelity, ensured img onload is registered before src assignment, and clamped PNG export sizes for mobile constraints. :contentReference[oaicite:22]{index=22}

---

## Full “Today / last 24h” commit list (GitHub date buckets)
> Note: GitHub groups these as **Jan 25–26, 2026** (often UTC-skewed vs local time). :contentReference[oaicite:23]{index=23}

### Jan 26, 2026
- Merge PR #256 — Add deterministic VERIFIED OG card renderer, /og route, SSR meta, and client download fallback (`d646d44`) :contentReference[oaicite:24]{index=24}
- Merge PR #279 — Add bundle ZIP downloads for VerifierStamper receive and segment flows (`4cdfc14`) :contentReference[oaicite:25]{index=25}
- Add bundle zip downloads for verifier actions (`44b819e`) :contentReference[oaicite:26]{index=26}
- Merge PR #278 — Fix segmented glyph verification and archive on seal (`ba519b5`) :contentReference[oaicite:27]{index=27}
- update (`146ac52`) :contentReference[oaicite:28]{index=28}
- Fix sendLock type when sealing segments (`0027102`) :contentReference[oaicite:29]{index=29}
- Fix segmented glyph verification and archive on seal (`68edd9f`) :contentReference[oaicite:30]{index=30}
- Merge PR #273 — Mint valuation snapshot + bind to receipt; fix receive-signature bundle hash; USD chart for receive glyphs (`f7d225a`) :contentReference[oaicite:31]{index=31}
- Merge PR #276 — fix infinite receives and verification display (`2c73fde`) :contentReference[oaicite:32]{index=32}
- Merge PR #277 — fix unused variable warnings (`2a1994a`) :contentReference[oaicite:33]{index=33}
- update verifypage (`a66c624`) :contentReference[oaicite:34]{index=34}
- Use receive bundle hash from embedded proof (`eea658d`) :contentReference[oaicite:35]{index=35}
- Use receive bundle root and lock helper (`c94496f`) :contentReference[oaicite:36]{index=36}

### Jan 25, 2026
- Allow repeat receive claims per upload (`a5793b5`) :contentReference[oaicite:37]{index=37}
- Fix verify OG meta ordering for receive sig (`90b8572`) :contentReference[oaicite:38]{index=38}
- Allow chained receives and show owner PhiKey (`6872a65`) :contentReference[oaicite:39]{index=39}
- Merge PR #275 — Fix receive signature storage key mismatch (`fd528a3`) :contentReference[oaicite:40]{index=40}
- Fix receive signature lookup and USD chart scaling (`54b08ef`) :contentReference[oaicite:41]{index=41}
- Merge PR #274 — Fix TypeScript type errors on VerifyPage (`4d43a9f`) :contentReference[oaicite:42]{index=42}
- Tighten KAS author-sig fallback (`c66e34e`) :contentReference[oaicite:43]{index=43}
- Fix verification snapshot and KAS fallback (`8595b42`) :contentReference[oaicite:44]{index=44}
- Add receive-bound valuation and signature fixes (`fe54c2d`) :contentReference[oaicite:45]{index=45}
- Merge PR #272 — Add receive ownership layer: receiveSig, owner ΦKey derivation, and provenance handling (`4da37ea`) :contentReference[oaicite:46]{index=46}
- update verifypage fixed linter errors (`888515c`) :contentReference[oaicite:47]{index=47}
- Add receive ownership metadata and verification (`c6675aa`) :contentReference[oaicite:48]{index=48}
- Merge PR #270 — default cache version to verification_bundle_version (`d5c44d6`) :contentReference[oaicite:49]{index=49}
- Use verifier bundle version for cache fallback (`29fc43f`) :contentReference[oaicite:50]{index=50}
- Merge PR #268 — harden sigil proof bundle for invariants (`ec5f7cf`) :contentReference[oaicite:51]{index=51}
- Merge PR #269 — finalize verifier audit hardening (`8c8f218`) :contentReference[oaicite:52]{index=52}
- update verifier proof verifier stamper and verifypage for lint errrors (`fd80430`) :contentReference[oaicite:53]{index=53}
- Harden verification cache and receipts (`0ffd781`) :contentReference[oaicite:54]{index=54}
- Harden sigil proof bundle contracts (`beec7ed`) :contentReference[oaicite:55]{index=55}
- Merge PR #267 — fix proof bundle curve metadata consistency (`f4a8587`) :contentReference[oaicite:56]{index=56}
- Normalize zk curve metadata in proof bundles (`23ddb86`) :contentReference[oaicite:57]{index=57}
- Merge PR #266 — escape capsulehash in svg text (`04d9a92`) :contentReference[oaicite:58]{index=58}
- Merge PR #258 — fix corrupted PNG image on VerifyPage (`cabfee1`) :contentReference[oaicite:59]{index=59}
- Fix bundle hash parity and PNG filename (`674b964`) :contentReference[oaicite:60]{index=60}
- Fix bundle hash parity for legacy proofs (`9c96fcd`) :contentReference[oaicite:61]{index=61}
- Use phi.svg in verified card (`7db9cb2`) :contentReference[oaicite:62]{index=62}
- Fix VerifyPage pulse initialization (`ff4892f`) :contentReference[oaicite:63]{index=63}
- Fix verifier PNG download and unique URLs (`53b9812`) :contentReference[oaicite:64]{index=64}
- Fix PNG download handling (`21689a9`) :contentReference[oaicite:65]{index=65}
- Merge PR #257 — add verification timing marker to card (`0a908f0`) :contentReference[oaicite:66]{index=66}
- Fix verifiedAtPulse type in bundle seed (`47579f8`) :contentReference[oaicite:67]{index=67}
- Fix verification metadata order and OG description (`1c4ae9e`) :contentReference[oaicite:68]{index=68}
- Add verification pulse to proof bundles (`507e5a3`) :contentReference[oaicite:69]{index=69}
- Add verifiedAtPulse to verified OG cards (`bc30b46`) :contentReference[oaicite:70]{index=70}
- Add verified OG card rendering (`548f807`) :contentReference[oaicite:71]{index=71}
- create phi_og_verified_template (`2311fd6`) :contentReference[oaicite:72]{index=72}
- Preserve badge styles on button variants (`ea60d43`) + official seal popovers + copy refinements :contentReference[oaicite:73]{index=73}
- SSR fixes: render invocation/signature + loader declaration + caching short-circuit + HTML fallback :contentReference[oaicite:74]{index=74}

---

## Full changelog (since v41.2.0)
Baseline tag: `41.2.0` — “Bump app version to 41.2.0 and update sigil file naming” (`f955135`). :contentReference[oaicite:75]{index=75}

### v41.3.0 → v41.6.x (Jan 12–13)
- v41.3.0 Update build artifacts and SigilModal component (`e498c3f`) :contentReference[oaicite:76]{index=76}
- Bump app version to 41.5.0 and update Sigil file naming (`3c858ef`) :contentReference[oaicite:77]{index=77}
- v41.6.0 Update baseName format in SigilModal export (`e5fbe8a`) :contentReference[oaicite:78]{index=78}
- Store KAS auth in sigil registry (`fff9e79`) + Fix WebAuthn allowCredentials buffer (`464fd40`) :contentReference[oaicite:79]{index=79}
- Merge PR #226 — Persist KAS author signatures in sigil registry and harden WebAuthn signing (`87ff285`) :contentReference[oaicite:80]{index=80}
- Reload detection: Add reload detective and harden KaiVoh reload safety (`228a735`), PR #228 (`5d8c524`) :contentReference[oaicite:81]{index=81}

### v41.6.8 → v41.7.x (Jan 24)
- Merge PR #229 — implement SSR and optimize performance (`d96d955`) + SSR entrypoints/perf instrumentation (`ad71837`) :contentReference[oaicite:82]{index=82}
- Export + proof bundle: Enhance sigil export with proof bundle (`11e6433`), Match SigilPage export proof bundle to SealMoment (`aeb1339`), Align exported SVG hashing with verifier (`2602cdf`) :contentReference[oaicite:83]{index=83}
- Offline correctness: Ensure sigil page and exports work offline (`93ec687`), Keep JSZip bundled for offline exports (`7f1f2d0`) :contentReference[oaicite:84]{index=84}
- Mobile PNG stability: Clamp PNG export size for mobile (`c539f9c`), Fix fallback image loading (`6457adc`), Fix mobile PNG export fidelity (`56e6906`) :contentReference[oaicite:85]{index=85}

### v41.8.x → v41.9.x (Jan 25)
- SSR/offline hardening: PR #237 (`b56ad55`) + SSR snapshot cache/loader short-circuit (`2b36112`) + Vercel SSR invocation/signature fixes (`c17a987`, `8e55600`) :contentReference[oaicite:86]{index=86}
- Verify UX: live chart popover on verify price (`7c88c05`) + badge/seal popovers and copy updates :contentReference[oaicite:87]{index=87}
- Verified OG groundwork: create template (`2311fd6`), add verified OG rendering (`548f807`), add verification pulse fields (`507e5a3`, `bc30b46`) :contentReference[oaicite:88]{index=88}
- Hash parity hardening: multiple fixes for verify bundle hash parity + legacy proofs + PNG download correctness :contentReference[oaicite:89]{index=89}

### v41.9.9 → v42.0.0 (Jan 25–26)
- Receive ownership layer (PR #272) + receive valuation/signature correctness and chained-receive display improvements :contentReference[oaicite:90]{index=90}
- Valuation snapshot minting + receipt binding (PR #273) :contentReference[oaicite:91]{index=91}
- Segmented verification fixes (PR #278) + ZIP bundle downloads (PR #279) :contentReference[oaicite:92]{index=92}
- Deterministic VERIFIED OG cards end-to-end (PR #256) :contentReference[oaicite:93]{index=93}

---

## Credits
- Primary author: @kojibai :contentReference[oaicite:94]{index=94}
@Phinetwork Phinetwork mentioned this pull request Jan 26, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

codex

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kojibai