Skip to content

Validate screenshot evidence by decoding image bytes, not only file signatures #210

Description

@danielgwilson

Summary

mimetic verify should validate screenshot evidence by decoding image bytes, not only by checking file extension and magic-byte signatures.

Why

Signature checks catch obvious cases like text files saved as .png, but they can still accept truncated or corrupt image files that happen to start with a valid header. For visual QA and Observer evidence, a screenshot artifact should be loadable image evidence, not merely a file with plausible leading bytes.

Proposed acceptance criteria

  • Decode PNG evidence at minimum and reject corrupt/truncated images.
  • Require decoded dimensions greater than zero.
  • Add a reasonable pixel-count or byte-size guard so verification cannot be abused by enormous image payloads.
  • Add tests for:
    • valid small PNG evidence passes,
    • text saved as .png fails,
    • truncated PNG with valid header fails,
    • unsupported screenshot extension fails with a clear message.
  • Keep the validation generic and independent of any adopter/project-specific screenshots.

Notes

This is a follow-up hardening item. Signature validation is still useful as a fast first pass, but decode-level validation should be the stronger proof gate for screenshots that feed Observer and run verification.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions