unstable only.Expand description
OCS (Object Checkpoint State) proof verification.
The Object Checkpoint State is the Blake2b256 Merkle tree built by each
checkpoint over the set of object references it modified, with leaves
arranged in ascending ObjectID order (see
crate::merkle for the underlying tree primitive). The tree’s root
is committed to by the containing CheckpointSummary via the
CheckpointCommitment::CheckpointArtifacts variant of its
checkpoint_commitments.
This module defines the proof envelopes that an SDK consumer verifies against a trusted checkpoint summary:
OcsInclusionProofproves that a specificObjectReferenceappears in the tree.OcsNonInclusionProofproves that no leaf with a given object id appears in the tree (the OCS is keyed by object id, so this is the natural notion of “the checkpoint did not modify this object”).OcsProoftags one of the two.
Verification only checks the data-relation half of the proof: it
reconstructs the CheckpointArtifactsDigest from the proof’s tree_root
and asserts it matches the digest committed to by the summary’s
CheckpointArtifacts commitment. Authenticating the checkpoint summary
itself (verifying its BLS aggregate signature against the epoch’s
validator committee) is a separate step performed by the caller, e.g.
via sui-crypto’s ValidatorCommitteeSignatureVerifier.
Structs§
- OcsInclusion
Proof - An OCS inclusion proof.
- OcsNon
Inclusion Proof - An OCS non-inclusion proof.
Enums§
- OcsProof
- An OCS proof — either an inclusion proof or a non-inclusion proof.
- Proof
Error - An error returned by OCS proof verification.