Skip to main content

verify_subtree_proof

Function verify_subtree_proof 

Source
pub fn verify_subtree_proof(
    proof: &SubtreeProof,
    nonce: &[u8; 32],
    commitment: &StorageCommitment,
) -> StructureVerdict
Expand description

Structural verification (ADR-0002 check 1): the returned subtree genuinely belongs to the committed tree.

Re-derives the selected branch from (nonce, commitment.key_count), rebuilds the root from proof.leaves and proof.sibling_cut_hashes, and requires it to equal commitment.root. Also checks leaf count and ascending-key order (the committed tree sorts leaves by key).

This does NOT verify possession of bytes — that is the caller’s spot-check using select_spotcheck_indices. It only proves the structure.