ConsistencyProof & VEST Integration

ELI5

A consistency proof is a notary stamp that links three sealed envelopes (user, document, timestamp commitments) to an external public ledger (VEST chain). Anyone can confirm the stamp is genuine without opening the envelopes — they just verify the stamp’s fingerprint matches the ledger entry.

Technical Deep Dive

ConsistencyProof in src/consistency_proof.rs is the cross-layer anchor between AEGIS and the VEST audit chain.

ConsistencyProof Fields

Total default size: 192 bytes.

is_valid() returns true when all four commitment fields are non-empty (proof_data is not checked).

Class Diagram

classDiagram
    class ConsistencyProof {
        +proof_id: String
        +user_commitment: Vec~u8~
        +doc_commitment: Vec~u8~
        +timestamp_commitment: Vec~u8~
        +vest_chain_ref: Vec~u8~
        +proof_data: Vec~u8~
        +timestamp_ms: u64
        +is_valid() bool
        +size_bytes() usize
        +with_commitments(u, d, t) Self
        +with_vest_ref(ref) Self
    }
    class ConsistencyProofManager {
        -proofs: HashMap~String, ConsistencyProof~
        +create_proof(id) Result~ConsistencyProof~
        +get_proof(id) Option~ConsistencyProof~
        +verify_proof(proof) bool
        +verify_batch(ids) (usize, usize)
        +link_to_vest(id, vest_ref) Result~()~
        +proof_count() usize
    }
    ConsistencyProofManager --> ConsistencyProof : manages

VEST Link Sequence

sequenceDiagram
    participant Caller
    participant Manager as ConsistencyProofManager
    Caller->>Manager: create_proof("cp1")
    Manager-->>Caller: ConsistencyProof (all zeroed)
    Caller->>Manager: link_to_vest("cp1", vest_ref_bytes)
    Manager->>Manager: proof.vest_chain_ref = vest_ref_bytes
    Manager-->>Caller: Ok(())
    Caller->>Manager: verify_proof(proof)
    Manager->>Manager: XOR check: a^b^t == v || ...+1 == v
    Manager-->>Caller: bool

XOR Consistency Check

verify_proof checks:

a = user_commitment[0]
b = doc_commitment[0]
t = timestamp_commitment[0]
v = vest_chain_ref[0]
(a ^ b ^ t) == v || (a ^ b ^ t).wrapping_add(1) == v

For a default proof with all fields vec![0u8; 32], 0 ^ 0 ^ 0 = 0 == 0 → passes trivially. This is a placeholder for a proper Merkle inclusion proof.

verify_batch

Returns (verified: usize, total: usize). Proofs not found in the map count towards total but not verified. This makes a missing proof ID indistinguishable from a failed proof in the count.

Key Terms

• ConsistencyProof → Five-field struct linking user/doc/time commitments to VEST; defined in src/consistency_proof.rs
• vest_chain_ref → 32-byte reference into the VEST external audit chain
• link_to_vest → Mutates an existing proof’s vest_chain_ref in the HashMap
• verify_batch → Verifies a slice of proof IDs; returns (verified, total) counts
• VEST → External audit chain referenced from AEGIS (not implemented in this repo — inferred from proto definitions)

Q&A

Q: with_commitments and with_vest_ref are builder methods — can they be called after the proof is stored in the manager? A: No. They consume self and return a new value; they work only during construction. After insertion, use link_to_vest to update vest_chain_ref in-place.

Q: verify_batch receives proof IDs as &[&str] — what happens for an ID that was never created? A: self.proofs.get(*id) returns None, the inner if let Some(proof) block is skipped, and total increments without verified incrementing. A missing id silently counts as a verification failure.

Q: stats() on ConsistencyProofManager calls verify_proof for every stored proof — is this O(n)? A: Yes. self.proofs.values().filter(|p| self.verify_proof(p)).count() iterates the entire map. For large proof sets this is a linear scan on every stats call.

Examples

Create, link, and verify:

let mut manager = ConsistencyProofManager::new();
manager.create_proof("cp1").unwrap();

// Simulate VEST chain reference
let vest_ref = vec![0u8; 32]; // matches XOR check with zeroed commitments
manager.link_to_vest("cp1", vest_ref).unwrap();

let proof = manager.get_proof("cp1").unwrap();
assert!(manager.verify_proof(&proof));

let (verified, total) = manager.verify_batch(&["cp1"]);
assert_eq!(total, 1);
assert_eq!(verified, 1);