Summary
mimetic verify should validate screenshot evidence by decoding image bytes, not only by checking file extension and magic-byte signatures.
Why
Signature checks catch obvious cases like text files saved as .png, but they can still accept truncated or corrupt image files that happen to start with a valid header. For visual QA and Observer evidence, a screenshot artifact should be loadable image evidence, not merely a file with plausible leading bytes.
Proposed acceptance criteria
- Decode PNG evidence at minimum and reject corrupt/truncated images.
- Require decoded dimensions greater than zero.
- Add a reasonable pixel-count or byte-size guard so verification cannot be abused by enormous image payloads.
- Add tests for:
- valid small PNG evidence passes,
- text saved as
.png fails,
- truncated PNG with valid header fails,
- unsupported screenshot extension fails with a clear message.
- Keep the validation generic and independent of any adopter/project-specific screenshots.
Notes
This is a follow-up hardening item. Signature validation is still useful as a fast first pass, but decode-level validation should be the stronger proof gate for screenshots that feed Observer and run verification.
Summary
mimetic verifyshould validate screenshot evidence by decoding image bytes, not only by checking file extension and magic-byte signatures.Why
Signature checks catch obvious cases like text files saved as
.png, but they can still accept truncated or corrupt image files that happen to start with a valid header. For visual QA and Observer evidence, a screenshot artifact should be loadable image evidence, not merely a file with plausible leading bytes.Proposed acceptance criteria
.pngfails,Notes
This is a follow-up hardening item. Signature validation is still useful as a fast first pass, but decode-level validation should be the stronger proof gate for screenshots that feed Observer and run verification.