Skip to main content

saorsa_node/
attestation.rs

1//! Attestation security level detection.
2//!
3//! This module provides compile-time detection of the available attestation
4//! verification level based on enabled features.
5//!
6//! # Security Levels
7//!
8//! | Level | Feature | Security |
9//! |-------|---------|----------|
10//! | `Stark` | `zkvm-prover` | Post-quantum secure |
11//! | `Groth16` | `zkvm-verifier-groth16` | NOT post-quantum secure |
12//! | `None` | (no feature) | **NO CRYPTOGRAPHIC SECURITY** |
13//!
14//! # Usage
15//!
16//! ```rust,ignore
17//! use saorsa_node::attestation::VerificationLevel;
18//!
19//! match VerificationLevel::current() {
20//!     VerificationLevel::Stark => println!("Post-quantum secure"),
21//!     VerificationLevel::Groth16 => println!("WARNING: Not PQ-secure"),
22//!     VerificationLevel::None => panic!("NO SECURITY - mock verification only"),
23//! }
24//! ```
25
26use std::fmt;
27
28/// Attestation verification security level.
29///
30/// Determined at compile time based on enabled features.
31#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
32pub enum VerificationLevel {
33    /// No cryptographic verification available.
34    ///
35    /// **WARNING**: Proofs are accepted without any cryptographic validation.
36    /// This provides **ZERO SECURITY** and should never be used in production.
37    /// Enable `zkvm-prover` or `zkvm-verifier-groth16` feature for real verification.
38    None,
39
40    /// Groth16/PLONK verification via `sp1-verifier`.
41    ///
42    /// **WARNING**: Groth16 uses BN254 elliptic curves which are **NOT post-quantum secure**.
43    /// Suitable for applications where quantum resistance is not required.
44    Groth16,
45
46    /// STARK-based verification via `sp1-sdk`.
47    ///
48    /// Post-quantum secure verification using STARKs.
49    /// This is the recommended option for production deployments.
50    Stark,
51}
52
53impl VerificationLevel {
54    /// Get the current verification level based on compile-time features.
55    ///
56    /// Priority: `zkvm-prover` (Stark) > `zkvm-verifier-groth16` (Groth16) > None
57    #[must_use]
58    pub const fn current() -> Self {
59        #[cfg(feature = "zkvm-prover")]
60        {
61            Self::Stark
62        }
63
64        #[cfg(all(feature = "zkvm-verifier-groth16", not(feature = "zkvm-prover")))]
65        {
66            Self::Groth16
67        }
68
69        #[cfg(not(any(feature = "zkvm-prover", feature = "zkvm-verifier-groth16")))]
70        {
71            Self::None
72        }
73    }
74
75    /// Check if any cryptographic verification is available.
76    #[must_use]
77    pub const fn is_secure(&self) -> bool {
78        matches!(self, Self::Groth16 | Self::Stark)
79    }
80
81    /// Check if post-quantum secure verification is available.
82    #[must_use]
83    pub const fn is_pq_secure(&self) -> bool {
84        matches!(self, Self::Stark)
85    }
86
87    /// Get a human-readable description of the security level.
88    #[must_use]
89    pub const fn description(&self) -> &'static str {
90        match self {
91            Self::None => "NO CRYPTOGRAPHIC SECURITY (mock verification)",
92            Self::Groth16 => "Groth16 verification (NOT post-quantum secure)",
93            Self::Stark => "STARK verification (post-quantum secure)",
94        }
95    }
96
97    /// Get the required feature flag name for this level.
98    #[must_use]
99    pub const fn feature_name(&self) -> Option<&'static str> {
100        match self {
101            Self::None => None,
102            Self::Groth16 => Some("zkvm-verifier-groth16"),
103            Self::Stark => Some("zkvm-prover"),
104        }
105    }
106}
107
108impl fmt::Display for VerificationLevel {
109    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
110        write!(f, "{}", self.description())
111    }
112}
113
114#[cfg(test)]
115mod tests {
116    use super::*;
117
118    #[test]
119    fn test_verification_level_current() {
120        let level = VerificationLevel::current();
121
122        // The level depends on features, but we can verify it's valid
123        match level {
124            VerificationLevel::None => {
125                assert!(!level.is_secure());
126                assert!(!level.is_pq_secure());
127            }
128            VerificationLevel::Groth16 => {
129                assert!(level.is_secure());
130                assert!(!level.is_pq_secure());
131            }
132            VerificationLevel::Stark => {
133                assert!(level.is_secure());
134                assert!(level.is_pq_secure());
135            }
136        }
137    }
138
139    #[test]
140    fn test_verification_level_display() {
141        assert!(VerificationLevel::None.to_string().contains("NO"));
142        assert!(VerificationLevel::Groth16
143            .to_string()
144            .contains("NOT post-quantum"));
145        assert!(VerificationLevel::Stark
146            .to_string()
147            .contains("post-quantum secure"));
148    }
149
150    #[test]
151    fn test_feature_names() {
152        assert_eq!(VerificationLevel::None.feature_name(), None);
153        assert_eq!(
154            VerificationLevel::Groth16.feature_name(),
155            Some("zkvm-verifier-groth16")
156        );
157        assert_eq!(VerificationLevel::Stark.feature_name(), Some("zkvm-prover"));
158    }
159}