Skip to main content

Module hash

cortex_ledger

Module hash 

Source
Expand description

Domain-tagged, length-prefixed BLAKE3 hash chain (T-1.B.1 + T-1.B.6).

§Framing

Two hashes participate in the chain:

  1. payload_hashblake3(canonical_payload_bytes). The canonical encoding of a serde_json::Value is the ordered, no-whitespace form produced by canonical_payload_bytes. Object keys are sorted lexicographically; arrays preserve order; numbers, strings, and booleans are emitted in their canonical JSON form. This makes the hash stable across re-serialization: a Value parsed from JSON and re-serialized via the canonical encoder produces the same bytes regardless of the original key order or whitespace.

  2. event_hash — domain-tagged, length-prefixed framing:

    event_hash = blake3(
    DOMAIN_TAG_EVENT_HASH                  // 1 byte: 0x01
 || prev_event_hash.len() as u64 (LE)      // 8 bytes
 || prev_event_hash bytes                  // 32 bytes (or 0 if genesis)
 || payload_hash.len() as u64 (LE)         // 8 bytes
 || payload_hash bytes                     // 32 bytes
)

§Why length-prefix + domain tag (T-1.B.6 — THREATS T-EV-5)

Without length prefixes, two distinct (prev, payload) splits could concatenate to the same byte string and collide. Example: prev = "AB", payload = "CD" vs prev = "ABC", payload = "D" both yield "ABCD". Length prefixes make the boundary unambiguous.

Without a domain tag, an event_hash byte string could be reinterpreted as some other domain’s hash input (e.g. an audit_hash) and collide cross-domain. The 1-byte DOMAIN_TAG_EVENT_HASH = 0x01 reserves a domain-separated input space; future domains take other tags (0x02 audit, 0x03 trace seal, …).

The framing_resists_boundary_confusion proptest (≥200 cases) asserts that no two distinct (prev, payload) pairs produce the same event_hash.

Constants§

DOMAIN_TAG_EVENT_HASH
Domain tag for event_hash framing. Reserved: 0x01.
HEX_HASH_LEN
Length-in-bytes of a hex-encoded BLAKE3 hash (32 bytes → 64 hex chars).

Functions§

canonical_payload_bytes
Canonical, deterministic JSON encoding of a payload Value.
event_hash
Compute event_hash for an event with the given previous hash and payload hash, both as hex strings.
payload_hash
BLAKE3 hash of the canonical payload bytes, hex-encoded.
seal
Recompute payload_hash and event_hash for an event in-place.