vaultsovereign/test
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
53b9d363b4e70709d562daf93bd94f8e14b12027
test/VaultMesh_Catalog_v1/pages/page5-proof-system.md
Vault Sovereign 1583890199 Initial commit - combined iTerm2 scripts 
Contains:
- 1m-brag
- tem
- VaultMesh_Catalog_v1
- VAULTMESH-ETERNAL-PATTERN

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-28 03:58:39 +00:00

72 lines
3.4 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
Page Title: Cryptographic Proof System (VaultMesh Proof Spine)
Summary: VaultMesh uses a Merkle-tree-based proof system with receipts, roots, and cross-ledger anchoring. Each serious action (deploy, anchor, oracle decision, incident handling) emits a receipt. DevOps pipelines produce PROOF.json and ROOT.txt artifacts and anchor them to external ledgers, turning infrastructure history into a verifiable "civilization ledger".
Key Findings:
- All significant actions generate cryptographic receipts in append-only logs.
- Merkle trees allow efficient inclusion proofs for large sets of receipts.
- Anchors can be written to local files, Bitcoin (OTS), Ethereum, or mesh peers.
- The release pipeline for vm-spawn automatically computes Merkle roots and anchors proof artifacts.
- Braid-style interoperability allows importing and emitting foreign ledger roots.
Components:
- Proof Generator (`proof_generate`) creates signed receipts.
- Merkle Batcher (`proof_batch`) aggregates receipts into Merkle trees.
- Anchor System (`proof_anchor_*`) writes roots to durable anchors.
- Verification Engine (`proof_verify`) validates inclusion and integrity.
- Braid Protocol (`proof_braid_*`) cross-ledger interoperability.
Proof Lifecycle:
1. Action occurs (e.g., Guardian anchor, deployment, oracle decision).
2. `proof_generate` creates a signed receipt with a Blake3 hash of the canonical JSON.
3. Receipts accumulate until a batch threshold is reached.
4. `proof_batch` constructs a Merkle tree and computes the root.
5. `proof_anchor_*` writes the root to local files, timestamps, or blockchains.
6. `proof_verify` allows any future verifier to confirm receipt integrity against a given root.
Anchoring Strategies:
| Type | Method | Durability |
|-------|---------------------------------|---------------------|
| local | Files in `data/anchors/` | Node-local |
| ots | OpenTimestamps → Bitcoin | Public blockchain |
| eth | Calldata/contract → Ethereum | Public blockchain |
| mesh | Cross-attest via other nodes | Federated durability|
Braid Protocol:
- `braid_import` import foreign ledger roots from other chains/nodes.
- `braid_emit` expose local roots for others to import.
- `braid_status` track imported vs. local roots and regression.
- Ensures root sequences are strictly advancing (no rollback without detection).
Receipt Schema (Conceptual):
```json
{
"proof_id": "uuid",
"action": "guardian_anchor",
"timestamp": "ISO8601",
"data_hash": "blake3_hex",
"signature": "ed25519_sig",
"witnesses": ["node_id"],
"chain_prev": "prev_proof_id"
}
```
Security Notes:
- Blake3 hashing for speed and modern security.
- Ed25519 signatures for authenticity and non-repudiation.
- Merkle trees make inclusion proofs O(log n).
- Multiple anchoring paths provide defense in depth against ledger loss.
DevOps Integration:
- vm-spawn release pipeline:
- Computes Merkle root over build artifacts.
- Requests RFC 3161 timestamp.
- Anchors hash on Ethereum and Bitcoin.
- Emits PROOF.json and ROOT.txt alongside release assets.
- Guardian CLI (vm_cli.py guardian) provides human-readable views over roots and scrolls.
Dependencies:
- Blake3 library.
- Ed25519 signing library and key management.
- Optional OTS/BTC/ETH client libraries or APIs.
- OffSec MCP / VaultMesh services exposing proof tools.
Reference in New Issue View Git Blame Copy Permalink