Struct TemporalProof 

pub struct TemporalProof {
    pub mac: [u8; 32],
    pub nonce: [u8; 32],
    pub prev_mac: [u8; 32],
}

A temporal proof with verifiable freshness, recency, and ordering.

What this proves

1. Integrity, the ciphertext and entropy snapshot have not been modified since the proof was created.
2. Freshness, the proof was created after the verifier issued its challenge nonce (prevents replay).
3. Recency, the claimed ε.timestamp is within max_drift of the verifier’s clock at verification time.
4. Ordering, if prev_mac is non-genesis, this proof was created after the proof whose MAC it references.

How it works

commit_key = KK-KDF(shared_secret, ε.bytes, "KK-commit-v1")
message    = nonce || prev_mac || ε.bytes || ε.timestamp || ciphertext
mac        = KK-MAC-with-entropy(commit_key, message, ε.bytes)

The MAC runs on a sponge whose rotation schedule is derived from ε.bytes, the permutation structure itself is temporal, not just the data flowing through it.

Protocol

Verifier ──── challenge nonce ──→ Prover
Prover   ──── KkBoundPacket   ──→ Verifier
Verifier checks: MAC ✓  epoch ✓  nonce ✓  chain ✓

Fields

mac: [u8; 32]

MAC binding nonce + chain + entropy + ciphertext.

nonce: [u8; 32]

Verifier-supplied freshness nonce (prevents replay).

prev_mac: [u8; 32]

MAC of the previous proof in the chain (GENESIS_MAC for the first).

Implementations

impl TemporalProof

pub const BYTES: usize = 96

Serialized size in bytes: 32 (mac) + 32 (nonce) + 32 (prev_mac).

pub fn to_bytes(&self) -> Vec<u8>

pub fn from_bytes(data: &[u8]) -> Result<Self>

Trait Implementations

impl Clone for TemporalProof

fn clone(&self) -> TemporalProof

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for TemporalProof

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.