Supply Chain Integrity, Transparency, and Trust (IETF SCITT)

Fix dune test: tree list/to_concrete, scitt MST proofs, misc

- irmin/lib/tree.ml: list() now returns in-memory children even when
force_node fails; to_concrete() recursively loads backend entries
instead of dropping them silently (the placeholder None was eating
all backend-stored subtree content, so git-backed checkout → add
→ commit was losing records).
- irmin/lib/irmin: add Irmin.tree_hash and Irmin.prove — both backends
expose inclusion proofs via a new prove method on the S signature.
Git uses Private.Proof.Git.produce, Mst uses Private.Proof.Mst.produce;
prove returns the CBOR-encoded proof bytes + the value at the key.
- ocaml-scitt/lib/atp/scitt_atp.ml: the MST VDS was returning path = []
as a placeholder, so every receipt failed verification. Now produces
a real Irmin.prove-generated inclusion proof, wraps it in
[repo_key; proof_bytes] CBOR, and uses the tree-root CID (not the
commit hash) as the receipt root.
- ocaml-mbr/lib/mbr.ml: to_string used Bytes.create which is not
guaranteed to be zeroed; unused partition slots carried uninitialised
bytes and the roundtrip fuzz test broke. Use Bytes.make '\x00'.
- ocaml-tls/eio/tests/tls_eio.md: MDX could not resolve the virtual
crypto library from #require "crypto-rng.unix" alone; explicitly
require crypto.c first so the default implementation is loaded.
- irmin/test/dune: git.t was not wired into the cram stanza, so the
test was using whichever irmin binary happened to be on PATH instead
of the freshly built one.

+29 -16
lib/atp/scitt_atp.ml
··· 106 106 | Ok rk -> ( 107 107 match value_to_dagcbor ~now ~key value with 108 108 | Error e -> err_encoding e 109 - | Ok dagcbor -> 109 + | Ok dagcbor -> ( 110 110 let tree = 111 111 match Irmin.checkout C.store ~branch:"main" with 112 112 | Some t -> t ··· 125 125 Irmin.set_head C.store ~branch:"main" h; 126 126 t.head <- Some h; 127 127 Hashtbl.add t.values key value; 128 - (* Proof: for now return a minimal proof with the commit root. 129 - Full MST inclusion proofs require backend access which will 130 - be exposed via Irmin.prove in a future version. *) 131 - let leaf_hash = 132 - match Hashtbl.find_opt t.values key with 133 - | Some v -> sha256 ("\x00" ^ v) 134 - | None -> sha256 "\x00" 128 + let leaf_hash = sha256 ("\x00" ^ value) in 129 + (* Produce an inclusion proof and encode as [repo_key, proof] 130 + CBOR array for the vdp receipt field. The tree root is the 131 + hash of the committed tree (distinct from the commit hash). *) 132 + let tree_root = 133 + match Irmin.tree_hash C.store h with 134 + | Some th -> th 135 + | None -> h 135 136 in 136 - Ok 137 - { 138 - Scitt.leaf_index = 0; 139 - tree_size = Hashtbl.length t.values; 140 - root = Irmin.Hash.to_hex h; 141 - path = []; 142 - leaf_hash; 143 - }) 137 + match Irmin.prove C.store ~tree_root ~key:rk with 138 + | Error e -> Error ("prove: " ^ e) 139 + | Ok (encoded_proof, _value) -> 140 + let vdp_cbor = 141 + Cbort.Cbor.array 142 + [ Cbort.Cbor.string rk; Cbort.Cbor.bytes encoded_proof ] 143 + in 144 + let vdp_bytes = Cbort.encode_string Cbort.any vdp_cbor in 145 + let root_raw = 146 + Atp.Cid.to_raw_bytes 147 + (Atp.Cid.of_string (Irmin.Hash.to_hex tree_root)) 148 + in 149 + Ok 150 + { 151 + Scitt.leaf_index = 0; 152 + tree_size = Hashtbl.length t.values; 153 + root = root_raw; 154 + path = [ vdp_bytes ]; 155 + leaf_hash; 156 + })) 144 157 145 158 let lookup t ~key = Hashtbl.find_opt t.values key 146 159
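Review bot: In the second hunk, the `| None -> h` arm of the `Irmin.tree_hash C.store h` match silently substitutes the commit hash for the tree root, even though the comment directly above says the tree root is distinct from the commit hash. That fallback puts a commit hash into both `Irmin.prove ~tree_root` and the receipt's `root` field, so I would return an `Error` there instead, the same way the prove branch does with `Error ("prove: " ^ e)`. Also in this hunk, `Irmin.set_head`, `t.head <- Some h` and `Hashtbl.add t.values key value` all run before `Irmin.prove`, so a prove failure returns an error for a record that has already been committed and cached; consider producing the proof before moving the head, or document that behaviour for callers. Finally, the `_value` returned by `Irmin.prove` is discarded and `leaf_index = 0` remains a constant; a short comment on whether verifiers depend on either would help.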