Crate enfinitos_auditor 

enfinitos_auditor

EnfinitOS Auditor / Verifier SDK — Rust port of the reference [@enfinitos/sdk-auditor] TypeScript implementation. The wire shapes, canonicalisation rules, and verification semantics are deliberately identical: a regulator auditing the same proof pack with either SDK MUST get the same VALID/INVALID verdict on every step.

Trust model

EnfinitOS issues signed evidence as part of every spatial-chain run: a proof receipt for every render, a metering summary projecting those proofs into billable units, and a settlement summary reconciling those units into invoiced amounts.

The trust model is “don’t trust us — verify”:

1. Every record is Ed25519-signed.
2. Every proof receipt carries before_hash / after_hash so the chain detects single-record tampering.
3. Metering is a deterministic projection of proof.
4. Settlement is a deterministic projection of metering.
5. The auditor SDK ships the same canonical-JSON encoder, projection formulae, and signature primitives, and so re-derives every claim the platform makes.

The Rust crate is offline-first by design: it does not pull in an HTTP client. Callers feed in a VerificationKey set they’ve pinned themselves (the regulator audit posture).

Example

use enfinitos_auditor::{Auditor, AuditBundle, SignedProofPack, VerificationKey};
use std::fs;

let pack_json = fs::read_to_string("pack.json").unwrap();
let pack: SignedProofPack = serde_json::from_str(&pack_json).unwrap();

let keys_json = fs::read_to_string("keys.json").unwrap();
let keys: Vec<VerificationKey> = serde_json::from_str(&keys_json).unwrap();

let auditor = Auditor::new(keys);
let report = auditor.verify_all(&AuditBundle {
    pack,
    metering: None,
    settlement: None,
});
println!("verdict: {:?}", report.status);

Re-exports

pub use auditor::Auditor;

pub use errors::AuditorError;

pub use errors::AuditorErrorCode;

pub use keys::KeyDirectory;

pub use tenant_chain::canonicalise_tenant_chain_link;

pub use tenant_chain::genesis_chain_tip;

pub use tenant_chain::verify_tenant_chain;

pub use tenant_chain::TenantChainedRecord;

pub use tenant_chain::TENANT_CHAIN_VERSION;

pub use types::AuditBundle;

pub use types::AuditReasonCode;

pub use types::AuditReport;

pub use types::AuditStep;

pub use types::AuditStepKind;

pub use types::AuditStepStatus;

pub use types::ChainAuditReport;

pub use types::EnvelopeVersion;

pub use types::FullAuditReport;

pub use types::KeysSnapshot;

pub use types::MeterRecord;

pub use types::MeterStatus;

pub use types::MeterUnitType;

pub use types::MeteringSummary;

pub use types::ProjectionAuditReport;

pub use types::ProofPack;

pub use types::ProofReceiptPayload;

pub use types::ProofRecord;

pub use types::SettlementAuditReport;

pub use types::SettlementLine;

pub use types::SettlementPartyRole;

pub use types::SettlementStatus;

pub use types::SettlementSummary;

pub use types::SettlementTotals;

pub use types::SignatureAlgorithm;

pub use types::SignedProofPack;

pub use types::VerificationKey;

pub use types::SDK_VERSION;

pub use types::SUPPORTED_ENVELOPE_VERSIONS;

pub use types::SUPPORTED_SIGNATURE_ALGORITHMS;

Modules

auditor

Top-level Auditor facade — composes signature, chain, metering, and settlement verification behind one method. Offline-first: keys must be supplied at construction.

canonical_json

Canonical JSON encoder — byte-exact parity with the TS/Py ports.

errors

Typed error envelope. Mirrors the TS/Py shape: audit failures stay inside the report; operational errors raise this type.

hashing

sha256 helpers — same three flavours as the TS/Py ports.

keys

Verification key directory. Offline-first: callers feed in keys they’ve pinned themselves, or supply a snapshot loaded from JSON.

metering_audit

Metering re-projection audit. Mirrors the TS/Py meterAudit.

proof_chain

Proof-chain walking + continuity verification.

proof_pack

Proof pack parsing + per-record signature verification.

settlement_audit

Settlement reconciliation audit.

tenant_chain

Tenant-level chain verification — Wave 27 / pre-pilot punch #1 Phase 4.

types

Wire + domain types. Mirrors the TypeScript and Python ports field-for-field. Serde-rename attributes keep the on-disk JSON keys identical to the platform’s canonical shape.