Skip to main content

prism_verify/
lib.rs

1//! `prism_verify` — the Prism replay façade.
2//!
3//! This crate is the Rust realization of the **`prism-verify`** container
4//! of the Prism system specified by the [UOR-Framework wiki][wiki]. It is
5//! a thin verification surface that re-exports
6//! [`certify_from_trace`] from [`prism`], [`Certified`] from `prism`,
7//! and the trace and certificate wire-format types from
8//! [`uor_foundation`]. Verification consumers depend on this crate
9//! alone, never on the runtime; this preserves TC-06 (no
10//! application-author infrastructure) and minimizes the verifier's
11//! attack surface and dependency footprint.
12//!
13//! The façade is genuinely thin: every item in this crate's API is a
14//! re-export of an item defined elsewhere in the architecture. The
15//! crate adds zero behavior; it adds a *namespace*.
16//!
17//! The crate is published to crates.io under the package name
18//! [`uor-prism-verify`](https://crates.io/crates/uor-prism-verify); the
19//! library name is `prism_verify` so that import paths track wiki
20//! nomenclature (`use prism_verify::certify_from_trace;`).
21//!
22//! # See also
23//!
24//! - [Wiki: 01 Introduction and Goals](https://github.com/UOR-Foundation/UOR-Framework/wiki/01-Introduction-and-Goals)
25//! - [Wiki: 03 Context and Scope](https://github.com/UOR-Foundation/UOR-Framework/wiki/03-Context-and-Scope)
26//! - [Wiki: 05 Building Block View § Whitebox `prism-verify`](https://github.com/UOR-Foundation/UOR-Framework/wiki/05-Building-Block-View#whitebox-prism-verify)
27//! - [Wiki: 06 Runtime View § Scenario 2: Trace-Replay Verification](https://github.com/UOR-Foundation/UOR-Framework/wiki/06-Runtime-View#scenario-2-trace-replay-verification)
28//! - [Wiki: 12 Glossary § Term Definitions](https://github.com/UOR-Foundation/UOR-Framework/wiki/12-Glossary#term-definitions)
29//! - [Wiki: Conceptual Model § SD3 Verification](https://github.com/UOR-Foundation/UOR-Framework/wiki/Conceptual-Model#sd3-verification) — OPM statement of the verification process this façade enacts
30//! - [Wiki: Conceptual Model § SD5 Distribute And Run](https://github.com/UOR-Foundation/UOR-Framework/wiki/Conceptual-Model#sd5-distribute-and-run) — `Verification` is the second of the two user-handled processes in SD5 (after `Execution`); this façade is the user-side surface that realizes it
31//!
32//! # Constraints
33//!
34//! This crate is normatively bound by:
35//!
36//! - **TC-05** — replayability of the principal data path without
37//!   invoking author deciders or hash functions; this façade is the
38//!   user-facing surface of that property
39//! - **TC-06** — verification proceeds without any application-author
40//!   infrastructure
41//! - **QS-03** — local verification: this crate is the dependency
42//!   verification consumers pin, exposing nothing beyond the surface
43//!   needed to re-derive a `Certified<GroundingCertificate>` from a
44//!   `Trace`
45//! - **QS-05** — replay equivalence: the round-trip produces a
46//!   bit-identical certificate
47//! - **ADR-019** — this façade exposes the **anamorphism** dual to
48//!   `pipeline::run`'s catamorphism. Together the catamorphism +
49//!   anamorphism form Prism's hylomorphism (per ADR-021), and the
50//!   trace is the round-trip witness object
51//!
52//! # C4 placement
53//!
54//! Container `prism-verify` (Level 2) of the Prism system. Its
55//! components mirror the Level 2 building blocks described in the
56//! wiki's [Building Block View § Whitebox `prism-verify`][05-verify]:
57//! the re-export of `certify_from_trace`, the re-export of `Certified`,
58//! and the re-exports of foundation wire-format types.
59//!
60//! # Behavior
61//!
62//! ```rust
63//! // Given: an empty Trace (the simplest deterministic verifier input)
64//! // When:  certify_from_trace is invoked on it
65//! // Then:  the structural validator rejects with ReplayError::EmptyTrace,
66//! //        proving that the façade's certify_from_trace, ReplayError,
67//! //        and Trace re-exports are wired correctly together
68//! use prism_verify::{certify_from_trace, ReplayError, Trace};
69//! let trace: Trace = Trace::empty();
70//! assert!(matches!(certify_from_trace(&trace), Err(ReplayError::EmptyTrace)));
71//! ```
72//!
73//! [wiki]: https://github.com/UOR-Foundation/UOR-Framework/wiki
74//! [05-verify]: https://github.com/UOR-Foundation/UOR-Framework/wiki/05-Building-Block-View#whitebox-prism-verify
75
76#![no_std]
77#![cfg_attr(docsrs, feature(doc_cfg))]
78
79pub use prism;
80pub use uor_foundation;
81
82// The verifier API: one function and its companion result types.
83pub use prism::replay::certify_from_trace;
84pub use prism::seal::Certified;
85
86// Wire-format types the verifier consumes and emits, plus the
87// substitution axes a verifier instantiates them at. `HostBounds`
88// carries the capacity constants that used to be free `pub const`s in
89// foundation 0.3.0 (`TRACE_MAX_EVENTS` is now
90// `<B as HostBounds>::TRACE_MAX_EVENTS`).
91pub use uor_foundation::{
92    ContentFingerprint, DefaultHostBounds, GroundingCertificate, HostBounds, ReplayError, Trace,
93    TraceEvent, TRACE_REPLAY_FORMAT_VERSION,
94};
95
96/// Canonical URL of the UOR-Framework wiki, the normative source for the
97/// Prism architecture realized by this façade.
98///
99/// Re-exported from [`prism::WIKI`] so that verification consumers who
100/// depend on this façade alone can still surface the architectural
101/// origin without a transitive dependency declaration.
102///
103/// # See also
104///
105/// - [Wiki: Home](https://github.com/UOR-Foundation/UOR-Framework/wiki)
106///
107/// # Constraints
108///
109/// - **CV-02** — code identifiers appear in monospace without paraphrase
110///
111/// # Behavior
112///
113/// ```rust
114/// // Given: prism_verify is loaded
115/// // When:  the wiki URL is queried through the façade
116/// // Then:  it equals the same constant as on the runtime crate
117/// assert_eq!(prism_verify::WIKI, prism::WIKI);
118/// ```
119pub const WIKI: &str = prism::WIKI;