test(evidence): signer-key-resolution authority-loop reference verifier #90
Merged
End-to-end validation that a key RESOLVED FROM THE PUBLISHED JWKS authenticates the envelopes the signer actually produces (the v0.2 layer shipped in cycles-protocol#113 getEvidenceJwks + cycles-server#194; design #103 / aeoess#43).

- JwksAuthorityVerifier (test util): a runnable, spec-faithful reference for the consumer/APS side. Given an envelope + a resolved JWK Set it reports exactly one of the five dispositions, reusing the PRODUCTION CyclesEvidenceCanonicalizer (re-derive evidence_id + signing bytes) + EnvelopeSigner (Ed25519 verify), with the normative raw-hex resolution, the window gate (cycles_nbf_ms <= issued_at_ms AND (cycles_exp_ms absent/null OR issued_at_ms < cycles_exp_ms)), and deterministic single-match selection.
- JwksAuthorityLoopTest: runs it over the 13 golden fixtures (already byte-validated against the APS verifier) + a new cycles-jwks.json publishing their signer. All 13 → authentic; plus binding_only (no JWKS; valid-but-unpinned and pinned), signer_resolution_failed (set unreachable/unparseable), signer_authority_failed (out-of-window / absent key / mismatched pin), and signature_invalid (tampered signature; tampered payload → evidence_id mismatch).

This is the live authority loop a deployment runs (emit/sign → publish JWKS → resolve window-covering key → verify), as durable regression coverage; the cycles-jwks.json fixture doubles as the concrete key set APS can resolve against.

codex review: two Mediums addressed — (1) integral-numeric validation for the window members + a 32-byte x check (no asLong() coercion to 0); (2) clarified binding_only covers valid-but-unpinned per spec (kept behavior; fixed the doc; added null-pin / mismatched-pin / malformed-nbf tests).

22 tests; test-only (verifier in src/test; no production/wire/spec change).
…90 review) The 3 codex-hardening tests added after the initial entry (null-pin, mismatched-pin, non-integral-window) bumped 19→22; the AUDIT entry still said 19. Synced the count and the failure-mode descriptions (binding_only valid-but-unpinned; authority_failed mismatched-pin / non-integral window) + noted the codex fixes.
What

The signer-key-resolution authority loop, validated end-to-end on REAL artifacts — and a runnable reference for the consumer (APS) side. Test-only.

This closes the "in the meantime" integration-testing gap while APS builds their `did:cycles` resolver: it proves a key resolved from the published JWKS authenticates the envelopes the signer actually produces (the v0.2 layer: `getEvidenceJwks` shipped in runcycles/cycles-protocol#113 + runcycles/cycles-server#194; design on #103 / aeoess#43).

Changes (test-only)

- `JwksAuthorityVerifier` (test util) — given an envelope + a resolved JWK Set, reports exactly one of the five dispositions, reusing the production `CyclesEvidenceCanonicalizer` (re-derive `evidence_id` + signing bytes) and `EnvelopeSigner` (Ed25519 verify). Implements the normative raw-hex resolution, the window gate, and deterministic single-match selection. It is a spec-faithful reference the APS resolver can be checked against.
- `JwksAuthorityLoopTest` — runs it over the 13 golden fixtures (already byte-validated against the APS verifier) + a new `cycles-jwks.json` publishing their signer. All 13 → `authentic`; plus all four failure modes: `binding_only` (no JWKS — valid-but-unpinned and pinned), `signer_resolution_failed` (set unreachable/unparseable), `signer_authority_failed` (out-of-window / absent key / mismatched pin / malformed window value), `signature_invalid` (tampered signature; tampered payload → `evidence_id` mismatch).
- `cycles-jwks.json` fixture — doubles as the concrete key set APS can point their resolver at.

This is the live authority loop a deployment runs (emit/sign → publish JWKS → resolve window-covering key → verify), as durable regression coverage rather than a one-time smoke.

Review

codex-reviewed; two Mediums addressed:

- `cycles_nbf_ms`/`cycles_exp_ms` + `issued_at_ms` must be integral numbers (no `asLong()` coercion of `"not-a-number"`/`{}` to `0` slipping past the window gate), and `x` must decode to exactly 32 bytes.
- `binding_only` semantics — kept the behavior (per the v0.2 spec, `binding_only` subsumes "valid-but-unpinned"; the `signer_pin_matched` companion records the pin separately), fixed the misleading javadoc, and added null-pin / mismatched-pin / malformed-window tests.

22 tests, all green. Test-only — verifier lives in `src/test`; no production/wire/spec change, no jacoco-main impact.

Refs: #113, runcycles/cycles-protocol#113, runcycles/cycles-protocol#103, aeoess#43.
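The resolution step the PR describes (window gate, integral-number and 32-byte `x` checks, raw-hex match, single-match selection) as an added Python sketch; this is not the project's Java `JwksAuthorityVerifier`. The JWK Set shape, the hex-encoded signer key on the envelope, the strict handling of malformed entries and the precedence of `signature_invalid` over the other dispositions are assumptions.

```python
import base64
import json
# Constructed example (not the project's Java JwksAuthorityVerifier): the
# signer-key-resolution step with the window gate, integral-number checks and
# 32-byte "x" check from the PR. Assumed shapes: JWKS keys are OKP/Ed25519 with
# base64url "x" plus "cycles_nbf_ms"/"cycles_exp_ms"; envelope signer key is hex.

def _is_integral(v):
    # Reject bool, float, str, object: no asLong()-style coercion to 0.
    return isinstance(v, int) and not isinstance(v, bool)

def _window_covers(key, issued_at_ms):
    # cycles_nbf_ms <= issued_at_ms AND (exp absent/null OR issued_at_ms < exp)
    nbf, exp = key.get("cycles_nbf_ms"), key.get("cycles_exp_ms")
    if not _is_integral(nbf) or (exp is not None and not _is_integral(exp)):
        raise ValueError("non-integral window member")
    return nbf <= issued_at_ms and (exp is None or issued_at_ms < exp)

def resolve_signer_key(jwks_text, signer_hex, issued_at_ms):
    """Return ("ok", jwk) or (failure disposition, reason)."""
    if jwks_text is None:
        return ("binding_only", "no JWKS resolved")
    try:
        keys = list(json.loads(jwks_text)["keys"])
    except (ValueError, KeyError, TypeError):
        return ("signer_resolution_failed", "JWKS unreachable/unparseable")
    if not _is_integral(issued_at_ms):
        return ("signer_authority_failed", "issued_at_ms not integral")
    matches = []
    for k in keys:  # assumption: any malformed entry fails the whole set
        try:
            if k.get("kty") != "OKP" or k.get("crv") != "Ed25519":
                continue
            raw = base64.urlsafe_b64decode(k["x"] + "=" * (-len(k["x"]) % 4))
            if len(raw) != 32:
                raise ValueError("x must decode to exactly 32 bytes")
            covers = _window_covers(k, issued_at_ms)
        except (ValueError, KeyError, TypeError, AttributeError):
            return ("signer_authority_failed", "malformed key entry")
        if covers and raw.hex() == signer_hex.lower():  # raw-hex resolution
            matches.append(k)
    if len(matches) != 1:  # deterministic single-match selection
        return ("signer_authority_failed", f"{len(matches)} window-covering keys")
    return ("ok", matches[0])

def disposition(signature_valid, resolution):
    # Fold the caller's Ed25519 binding check into one of the five dispositions.
    if not signature_valid:
        return "signature_invalid"
    return "authentic" if resolution[0] == "ok" else resolution[0]
```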