Skip to content

Releases: ark-forge/proof-spec

v2.1.0 — Canonical JSON chain hash (security fix)

10 Mar 17:04
@desiorac desiorac
v2.1.0
b04838f

Choose a tag to compare

View all tags
v2.1.0 — Canonical JSON chain hash (security fix) Latest
Latest

What changed

This release documents the new canonical JSON chain hash algorithm, fixing a preimage ambiguity vulnerability present in the legacy string concatenation formula.

Security fix — preimage ambiguity in chain hash

The legacy formula concatenated variable-length fields without separators:

SHA256(request_hash + response_hash + transaction_id + timestamp + ...)

Two different inputs could produce the same concatenated string (e.g. "ab"+"cd" = "a"+"bcd"), creating a theoretical collision path.

The new formula uses canonical JSON serialization:

SHA256(canonical_json({
  "buyer_fingerprint": ...,
  "request_hash": ...,
  "response_hash": ...,
  "seller": ...,
  "timestamp": ...,
  "transaction_id": ...,
  # optional: "upstream_timestamp", "receipt_content_hash"
}))

Field boundaries are explicit — no ambiguity possible.

Proof spec_version mapping

spec_version Algorithm Status
"1.1" String concatenation Legacy — still verifiable
"2.0" String concatenation + receipt Legacy — still verifiable
"1.2" Canonical JSON Current
"2.1" Canonical JSON + receipt Current

Changes

  • SPEC.md: Section 2 documents current algorithm (canonical JSON) + legacy backward compat; Section 5 updated with Python verifier for current algorithm
  • test-vectors.json: 2 new vectors (canonical_json_v1_2, canonical_json_v2_1_upstream_and_receipt) — 9 total
  • check_consistency.py: routes by algorithm field per vector

Backward compatibility

All existing proofs (spec_version "1.1", "2.0") remain fully verifiable using the legacy path documented in Section 2. No migration required for existing proofs.

Assets 2
Loading

v2.0.0 — Receipt content hash in chain hash

28 Feb 21:53
@desiorac desiorac
v2.0.0
1303137

Choose a tag to compare

View all tags
v2.0.0 — Receipt content hash in chain hash

What's new

Spec v2.0.0 — extends the chain hash formula with an optional receipt_content_hash field for external payment receipt verification.

Changes

  • Chain hash formula: appends receipt_content_hash (SHA-256 of raw receipt bytes) when present
  • spec_version: "2.0" when receipt is bound, "1.1" otherwise
  • Full backward compatibility: v1.1 proofs verify identically
  • 7 test vectors (added with_receipt and free_tier_with_receipt)
  • check_consistency.py updated for v2.0 vectors

Chain hash v2.0

SHA256(request_hash + response_hash + payment_id + timestamp + buyer + seller + upstream_timestamp + receipt_content_hash)

Links

Loading