Normalize zk curve metadata in proof bundles and enforce consistency#267
Merged
kojibai merged 1 commit intocodex/implement-opengraph-image-rendering-for-verified-glyphs-zhhgfyfrom Jan 25, 2026
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 23ddb8687a
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Comment on lines
+320
to
+323
| const normalizedMeta: ZkMeta = { | ||
| ...zkMeta, | ||
| curve: normalizedCurve, | ||
| warnings: warnings.length ? warnings : undefined, |
There was a problem hiding this comment.
normalizeProofBundleZkCurves always overwrites zkMeta.curve with normalizedCurve, but normalizeZkCurve returns an empty string for whitespace-only values. If a bundle arrives with a blank zkProof.curve (e.g., user-provided payload) and a valid zkMeta.curve, this logic erases the usable curve and propagates "" into the bundle root. That can break any verifier that relies on zkMeta.curve when the proof object is incomplete. Consider treating empty/whitespace curves as absent (e.g., return undefined and skip the overwrite) before setting zkMeta.curve.
Useful? React with 👍 / 👎.
kojibai
merged commit f4a8587
into
codex/implement-opengraph-image-rendering-for-verified-glyphs-zhhgfy
2 checks passed
kojibai
added a commit
that referenced
this pull request
Jan 26, 2026
# Φ Network (PHI_NETWORK) — v42.0.0
**Release date:** 2026-01-25 (America/New_York)
**Baseline:** v41.2.0 (tag: `41.2.0`, commit: `f955135`) → HEAD :contentReference[oaicite:1]{index=1}
## Executive summary
v42.0.0 is a major capability release for the ΦNet Sovereign Gate focused on **shareable verification**, **receive-ownership**, and **offline-first integrity**. This release introduces a deterministic **VERIFIED OpenGraph (OG) card pipeline** (server-rendered + client fallback), adds a **receive ownership layer** (receive signature + owner ΦKey derivation + provenance handling), and hardens the verification bundle schema/hashing so **offline verification remains final and spoof-resistant**. :contentReference[oaicite:2]{index=2}
---
## Highlights
### 1) Deterministic VERIFIED OG cards + /og route (shareable verification)
- Added deterministic **VERIFIED OG card renderer**, **/og route**, SSR metadata, and a client download fallback. :contentReference[oaicite:3]{index=3}
- Hardened OG not-found handling + share text, and tightened OG metadata ordering for receive signatures. :contentReference[oaicite:4]{index=4}
- Added **verifiedAtPulse** to verified OG cards and added verification pulse into proof bundles so each verification is uniquely stamped. :contentReference[oaicite:5]{index=5}
### 2) Receive ownership layer (receiveSig + owner ΦKey derivation + provenance)
- Implemented a receive ownership layer including **receiveSig**, **owner ΦKey derivation**, and provenance handling. :contentReference[oaicite:6]{index=6}
- Fixed receive signature lookup issues and improved verification snapshot/KAS fallback behavior around receive flows. :contentReference[oaicite:7]{index=7}
- Allowed chained receives and surfaced owner ΦKey display. :contentReference[oaicite:8]{index=8}
### 3) Verifier artifact packaging (ZIP bundles) + segmented verification robustness
- Added **bundle ZIP downloads** for VerifierStamper receive + segment flows. :contentReference[oaicite:9]{index=9}
- Fixed segmented glyph verification and ensured archive-on-seal correctness; fixed sendLock typing when sealing segments. :contentReference[oaicite:10]{index=10}
### 4) Valuation integrity (minted snapshot + receipt binding) + receive USD chart correctness
- Minted valuation snapshot + bound it to receipts; fixed receive-signature bundle hash, and corrected USD chart behavior for receive glyphs. :contentReference[oaicite:11]{index=11}
### 5) SSR + offline-first performance (snapshot seeding/caching, preload/header, lazy-loading)
- SSR/offline: use `/` as shell, add SSR preloads/header, and lazy-load heavy browser libs. :contentReference[oaicite:12]{index=12}
- Added SSR snapshot seeding + caching and short-circuited SSR loaders when cached. :contentReference[oaicite:13]{index=13}
- Multiple Vercel SSR hardening iterations (render invocation, render fn signature, HTML fallback). :contentReference[oaicite:14]{index=14}
---
## Breaking changes / upgrade notes
- **Verification bundle schema** has been expanded/clarified with explicit binding fields (origin/receive mode, bundle hashes, receiveSig, receivePulse, ownerPhiKey, derivation, etc.). Consumers should treat the bundle as forward-compatible and prefer the explicit fields when present. :contentReference[oaicite:15]{index=15}
- Tooling note: repository package manager metadata was updated (`pnpm@10.28.1`) alongside related build metadata changes. :contentReference[oaicite:16]{index=16}
---
## Security & Integrity
- Hardened verification cache + receipts; tightened proof bundle contracts and normalized ZK curve metadata for consistency. :contentReference[oaicite:17]{index=17}
- Fixed verify bundle hash parity (including legacy proofs) and aligned ZK hash with payload hash. :contentReference[oaicite:18]{index=18}
- Persisted KAS author signatures in the sigil registry + hardened WebAuthn signing flows (PWA stability + cross-session recall). :contentReference[oaicite:19]{index=19}
---
## Performance & Reliability
- Improved SSR/offline shell behavior and lazy loading for heavier client libraries to reduce initial load and improve time-to-interactive without sacrificing offline operation. :contentReference[oaicite:20]{index=20}
- Fixed app loading issues on Vercel by correcting SSR invocation/signatures and HTML fallbacks. :contentReference[oaicite:21]{index=21}
- Mobile export hardening: fixed PNG export fidelity, ensured img onload is registered before src assignment, and clamped PNG export sizes for mobile constraints. :contentReference[oaicite:22]{index=22}
---
## Full “Today / last 24h” commit list (GitHub date buckets)
> Note: GitHub groups these as **Jan 25–26, 2026** (often UTC-skewed vs local time). :contentReference[oaicite:23]{index=23}
### Jan 26, 2026
- Merge PR #256 — Add deterministic VERIFIED OG card renderer, /og route, SSR meta, and client download fallback (`d646d44`) :contentReference[oaicite:24]{index=24}
- Merge PR #279 — Add bundle ZIP downloads for VerifierStamper receive and segment flows (`4cdfc14`) :contentReference[oaicite:25]{index=25}
- Add bundle zip downloads for verifier actions (`44b819e`) :contentReference[oaicite:26]{index=26}
- Merge PR #278 — Fix segmented glyph verification and archive on seal (`ba519b5`) :contentReference[oaicite:27]{index=27}
- update (`146ac52`) :contentReference[oaicite:28]{index=28}
- Fix sendLock type when sealing segments (`0027102`) :contentReference[oaicite:29]{index=29}
- Fix segmented glyph verification and archive on seal (`68edd9f`) :contentReference[oaicite:30]{index=30}
- Merge PR #273 — Mint valuation snapshot + bind to receipt; fix receive-signature bundle hash; USD chart for receive glyphs (`f7d225a`) :contentReference[oaicite:31]{index=31}
- Merge PR #276 — fix infinite receives and verification display (`2c73fde`) :contentReference[oaicite:32]{index=32}
- Merge PR #277 — fix unused variable warnings (`2a1994a`) :contentReference[oaicite:33]{index=33}
- update verifypage (`a66c624`) :contentReference[oaicite:34]{index=34}
- Use receive bundle hash from embedded proof (`eea658d`) :contentReference[oaicite:35]{index=35}
- Use receive bundle root and lock helper (`c94496f`) :contentReference[oaicite:36]{index=36}
### Jan 25, 2026
- Allow repeat receive claims per upload (`a5793b5`) :contentReference[oaicite:37]{index=37}
- Fix verify OG meta ordering for receive sig (`90b8572`) :contentReference[oaicite:38]{index=38}
- Allow chained receives and show owner PhiKey (`6872a65`) :contentReference[oaicite:39]{index=39}
- Merge PR #275 — Fix receive signature storage key mismatch (`fd528a3`) :contentReference[oaicite:40]{index=40}
- Fix receive signature lookup and USD chart scaling (`54b08ef`) :contentReference[oaicite:41]{index=41}
- Merge PR #274 — Fix TypeScript type errors on VerifyPage (`4d43a9f`) :contentReference[oaicite:42]{index=42}
- Tighten KAS author-sig fallback (`c66e34e`) :contentReference[oaicite:43]{index=43}
- Fix verification snapshot and KAS fallback (`8595b42`) :contentReference[oaicite:44]{index=44}
- Add receive-bound valuation and signature fixes (`fe54c2d`) :contentReference[oaicite:45]{index=45}
- Merge PR #272 — Add receive ownership layer: receiveSig, owner ΦKey derivation, and provenance handling (`4da37ea`) :contentReference[oaicite:46]{index=46}
- update verifypage fixed linter errors (`888515c`) :contentReference[oaicite:47]{index=47}
- Add receive ownership metadata and verification (`c6675aa`) :contentReference[oaicite:48]{index=48}
- Merge PR #270 — default cache version to verification_bundle_version (`d5c44d6`) :contentReference[oaicite:49]{index=49}
- Use verifier bundle version for cache fallback (`29fc43f`) :contentReference[oaicite:50]{index=50}
- Merge PR #268 — harden sigil proof bundle for invariants (`ec5f7cf`) :contentReference[oaicite:51]{index=51}
- Merge PR #269 — finalize verifier audit hardening (`8c8f218`) :contentReference[oaicite:52]{index=52}
- update verifier proof verifier stamper and verifypage for lint errrors (`fd80430`) :contentReference[oaicite:53]{index=53}
- Harden verification cache and receipts (`0ffd781`) :contentReference[oaicite:54]{index=54}
- Harden sigil proof bundle contracts (`beec7ed`) :contentReference[oaicite:55]{index=55}
- Merge PR #267 — fix proof bundle curve metadata consistency (`f4a8587`) :contentReference[oaicite:56]{index=56}
- Normalize zk curve metadata in proof bundles (`23ddb86`) :contentReference[oaicite:57]{index=57}
- Merge PR #266 — escape capsulehash in svg text (`04d9a92`) :contentReference[oaicite:58]{index=58}
- Merge PR #258 — fix corrupted PNG image on VerifyPage (`cabfee1`) :contentReference[oaicite:59]{index=59}
- Fix bundle hash parity and PNG filename (`674b964`) :contentReference[oaicite:60]{index=60}
- Fix bundle hash parity for legacy proofs (`9c96fcd`) :contentReference[oaicite:61]{index=61}
- Use phi.svg in verified card (`7db9cb2`) :contentReference[oaicite:62]{index=62}
- Fix VerifyPage pulse initialization (`ff4892f`) :contentReference[oaicite:63]{index=63}
- Fix verifier PNG download and unique URLs (`53b9812`) :contentReference[oaicite:64]{index=64}
- Fix PNG download handling (`21689a9`) :contentReference[oaicite:65]{index=65}
- Merge PR #257 — add verification timing marker to card (`0a908f0`) :contentReference[oaicite:66]{index=66}
- Fix verifiedAtPulse type in bundle seed (`47579f8`) :contentReference[oaicite:67]{index=67}
- Fix verification metadata order and OG description (`1c4ae9e`) :contentReference[oaicite:68]{index=68}
- Add verification pulse to proof bundles (`507e5a3`) :contentReference[oaicite:69]{index=69}
- Add verifiedAtPulse to verified OG cards (`bc30b46`) :contentReference[oaicite:70]{index=70}
- Add verified OG card rendering (`548f807`) :contentReference[oaicite:71]{index=71}
- create phi_og_verified_template (`2311fd6`) :contentReference[oaicite:72]{index=72}
- Preserve badge styles on button variants (`ea60d43`) + official seal popovers + copy refinements :contentReference[oaicite:73]{index=73}
- SSR fixes: render invocation/signature + loader declaration + caching short-circuit + HTML fallback :contentReference[oaicite:74]{index=74}
---
## Full changelog (since v41.2.0)
Baseline tag: `41.2.0` — “Bump app version to 41.2.0 and update sigil file naming” (`f955135`). :contentReference[oaicite:75]{index=75}
### v41.3.0 → v41.6.x (Jan 12–13)
- v41.3.0 Update build artifacts and SigilModal component (`e498c3f`) :contentReference[oaicite:76]{index=76}
- Bump app version to 41.5.0 and update Sigil file naming (`3c858ef`) :contentReference[oaicite:77]{index=77}
- v41.6.0 Update baseName format in SigilModal export (`e5fbe8a`) :contentReference[oaicite:78]{index=78}
- Store KAS auth in sigil registry (`fff9e79`) + Fix WebAuthn allowCredentials buffer (`464fd40`) :contentReference[oaicite:79]{index=79}
- Merge PR #226 — Persist KAS author signatures in sigil registry and harden WebAuthn signing (`87ff285`) :contentReference[oaicite:80]{index=80}
- Reload detection: Add reload detective and harden KaiVoh reload safety (`228a735`), PR #228 (`5d8c524`) :contentReference[oaicite:81]{index=81}
### v41.6.8 → v41.7.x (Jan 24)
- Merge PR #229 — implement SSR and optimize performance (`d96d955`) + SSR entrypoints/perf instrumentation (`ad71837`) :contentReference[oaicite:82]{index=82}
- Export + proof bundle: Enhance sigil export with proof bundle (`11e6433`), Match SigilPage export proof bundle to SealMoment (`aeb1339`), Align exported SVG hashing with verifier (`2602cdf`) :contentReference[oaicite:83]{index=83}
- Offline correctness: Ensure sigil page and exports work offline (`93ec687`), Keep JSZip bundled for offline exports (`7f1f2d0`) :contentReference[oaicite:84]{index=84}
- Mobile PNG stability: Clamp PNG export size for mobile (`c539f9c`), Fix fallback image loading (`6457adc`), Fix mobile PNG export fidelity (`56e6906`) :contentReference[oaicite:85]{index=85}
### v41.8.x → v41.9.x (Jan 25)
- SSR/offline hardening: PR #237 (`b56ad55`) + SSR snapshot cache/loader short-circuit (`2b36112`) + Vercel SSR invocation/signature fixes (`c17a987`, `8e55600`) :contentReference[oaicite:86]{index=86}
- Verify UX: live chart popover on verify price (`7c88c05`) + badge/seal popovers and copy updates :contentReference[oaicite:87]{index=87}
- Verified OG groundwork: create template (`2311fd6`), add verified OG rendering (`548f807`), add verification pulse fields (`507e5a3`, `bc30b46`) :contentReference[oaicite:88]{index=88}
- Hash parity hardening: multiple fixes for verify bundle hash parity + legacy proofs + PNG download correctness :contentReference[oaicite:89]{index=89}
### v41.9.9 → v42.0.0 (Jan 25–26)
- Receive ownership layer (PR #272) + receive valuation/signature correctness and chained-receive display improvements :contentReference[oaicite:90]{index=90}
- Valuation snapshot minting + receipt binding (PR #273) :contentReference[oaicite:91]{index=91}
- Segmented verification fixes (PR #278) + ZIP bundle downloads (PR #279) :contentReference[oaicite:92]{index=92}
- Deterministic VERIFIED OG cards end-to-end (PR #256) :contentReference[oaicite:93]{index=93}
---
## Credits
- Primary author: @kojibai :contentReference[oaicite:94]{index=94}
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
zkMeta.curvecould disagree with the actualzkProof.curve(e.g.zkProofusesbn128butzkMeta.curvewasBLS12-381).bundleRootmirrors the normalized proof curve and surface a non-breaking warning when a correction is applied.Description
normalizeZkCurve(curve: string): ZkCurveto canonicalize common aliases (bn128,altbn128,bn254→bn128;bls12-381→BLS12-381) and left other values trimmed as-is, and introducedZkCurveunion type.normalizeProofBundleZkCurves({ zkProof, zkMeta })which normalizeszkProof.curve, enforceszkMeta.curveto match, and attaches an optionalzkMeta.warningsarray when a mismatch was corrected (warning string likecurve_mismatch_corrected: meta=BLS12-381 proof=bn128).buildBundleRoot()now runsnormalizeProofBundleZkCurvesand uses the normalizedzkProof/zkMetawhen producingbundleRootsobundleRootand top-level bundle fields are consistent.curve: "BLS12-381"defaults in meta builders and instead derive normalizedzkMetafrom the actualzkProofwhere present (applied inSigilModal.tsx,KaiVohApp.tsx,exportZip.ts).ZkMeta.curveandzkProof.curveshareZkCurve-compatible typing and addedwarnings?: string[]toZkMeta.proof bundle normalizes zk curve metadatatotests/sigil_bundle_pipeline.test.mjswhich builds a bundle withzkProof.curve="bn128"andzkMeta.curve="BLS12-381"and asserts all ofproofBundle,bundleRoot.zkMeta, andbundleRoot.zkProofuse the normalized value"bn128"and that the warning is present.src/components/KaiVoh/verifierProof.ts,src/components/SigilModal.tsx,src/components/KaiVoh/KaiVohApp.tsx,src/pages/SigilPage/exportZip.ts, andtests/sigil_bundle_pipeline.test.mjs.Testing
node --test tests/sigil_bundle_pipeline.test.mjs, which executed the existing bundle pipeline test and the new curve-normalization test; both subtests passed successfully.ZK_PUBLIC_INPUTS_CONTRACTinvariant remains unchanged and the original Groth16 verification test still passes in the pipeline test.Codex Task