Mint valuation snapshot + bind to receipt; fix receive-signature bundle hash; USD chart for receive glyphs#273
Merged
kojibai merged 14 commits intocodex/implement-opengraph-image-rendering-for-verified-glyphs-zhhgfyfrom Jan 26, 2026
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: fe54c2d9e6
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
…-on-verifypage Fix verification snapshot typing, KAS author-sig fallback, and receive bundle hashing
…age-key-mismatch Fix receive signature lookup and USD chart scaling
Use receive bundle root and consolidate receive lock checks
…verification-display Allow chained receives and surface owner ΦKey on verify page
kojibai
merged commit f7d225a
into
codex/implement-opengraph-image-rendering-for-verified-glyphs-zhhgfy
1 of 2 checks passed
kojibai
added a commit
that referenced
this pull request
Jan 26, 2026
# Φ Network (PHI_NETWORK) — v42.0.0
**Release date:** 2026-01-25 (America/New_York)
**Baseline:** v41.2.0 (tag: `41.2.0`, commit: `f955135`) → HEAD :contentReference[oaicite:1]{index=1}
## Executive summary
v42.0.0 is a major capability release for the ΦNet Sovereign Gate focused on **shareable verification**, **receive-ownership**, and **offline-first integrity**. This release introduces a deterministic **VERIFIED OpenGraph (OG) card pipeline** (server-rendered + client fallback), adds a **receive ownership layer** (receive signature + owner ΦKey derivation + provenance handling), and hardens the verification bundle schema/hashing so **offline verification remains final and spoof-resistant**. :contentReference[oaicite:2]{index=2}
---
## Highlights
### 1) Deterministic VERIFIED OG cards + /og route (shareable verification)
- Added deterministic **VERIFIED OG card renderer**, **/og route**, SSR metadata, and a client download fallback. :contentReference[oaicite:3]{index=3}
- Hardened OG not-found handling + share text, and tightened OG metadata ordering for receive signatures. :contentReference[oaicite:4]{index=4}
- Added **verifiedAtPulse** to verified OG cards and added verification pulse into proof bundles so each verification is uniquely stamped. :contentReference[oaicite:5]{index=5}
### 2) Receive ownership layer (receiveSig + owner ΦKey derivation + provenance)
- Implemented a receive ownership layer including **receiveSig**, **owner ΦKey derivation**, and provenance handling. :contentReference[oaicite:6]{index=6}
- Fixed receive signature lookup issues and improved verification snapshot/KAS fallback behavior around receive flows. :contentReference[oaicite:7]{index=7}
- Allowed chained receives and surfaced owner ΦKey display. :contentReference[oaicite:8]{index=8}
### 3) Verifier artifact packaging (ZIP bundles) + segmented verification robustness
- Added **bundle ZIP downloads** for VerifierStamper receive + segment flows. :contentReference[oaicite:9]{index=9}
- Fixed segmented glyph verification and ensured archive-on-seal correctness; fixed sendLock typing when sealing segments. :contentReference[oaicite:10]{index=10}
### 4) Valuation integrity (minted snapshot + receipt binding) + receive USD chart correctness
- Minted valuation snapshot + bound it to receipts; fixed receive-signature bundle hash, and corrected USD chart behavior for receive glyphs. :contentReference[oaicite:11]{index=11}
### 5) SSR + offline-first performance (snapshot seeding/caching, preload/header, lazy-loading)
- SSR/offline: use `/` as shell, add SSR preloads/header, and lazy-load heavy browser libs. :contentReference[oaicite:12]{index=12}
- Added SSR snapshot seeding + caching and short-circuited SSR loaders when cached. :contentReference[oaicite:13]{index=13}
- Multiple Vercel SSR hardening iterations (render invocation, render fn signature, HTML fallback). :contentReference[oaicite:14]{index=14}
---
## Breaking changes / upgrade notes
- **Verification bundle schema** has been expanded/clarified with explicit binding fields (origin/receive mode, bundle hashes, receiveSig, receivePulse, ownerPhiKey, derivation, etc.). Consumers should treat the bundle as forward-compatible and prefer the explicit fields when present. :contentReference[oaicite:15]{index=15}
- Tooling note: repository package manager metadata was updated (`pnpm@10.28.1`) alongside related build metadata changes. :contentReference[oaicite:16]{index=16}
---
## Security & Integrity
- Hardened verification cache + receipts; tightened proof bundle contracts and normalized ZK curve metadata for consistency. :contentReference[oaicite:17]{index=17}
- Fixed verify bundle hash parity (including legacy proofs) and aligned ZK hash with payload hash. :contentReference[oaicite:18]{index=18}
- Persisted KAS author signatures in the sigil registry + hardened WebAuthn signing flows (PWA stability + cross-session recall). :contentReference[oaicite:19]{index=19}
---
## Performance & Reliability
- Improved SSR/offline shell behavior and lazy loading for heavier client libraries to reduce initial load and improve time-to-interactive without sacrificing offline operation. :contentReference[oaicite:20]{index=20}
- Fixed app loading issues on Vercel by correcting SSR invocation/signatures and HTML fallbacks. :contentReference[oaicite:21]{index=21}
- Mobile export hardening: fixed PNG export fidelity, ensured img onload is registered before src assignment, and clamped PNG export sizes for mobile constraints. :contentReference[oaicite:22]{index=22}
---
## Full “Today / last 24h” commit list (GitHub date buckets)
> Note: GitHub groups these as **Jan 25–26, 2026** (often UTC-skewed vs local time). :contentReference[oaicite:23]{index=23}
### Jan 26, 2026
- Merge PR #256 — Add deterministic VERIFIED OG card renderer, /og route, SSR meta, and client download fallback (`d646d44`) :contentReference[oaicite:24]{index=24}
- Merge PR #279 — Add bundle ZIP downloads for VerifierStamper receive and segment flows (`4cdfc14`) :contentReference[oaicite:25]{index=25}
- Add bundle zip downloads for verifier actions (`44b819e`) :contentReference[oaicite:26]{index=26}
- Merge PR #278 — Fix segmented glyph verification and archive on seal (`ba519b5`) :contentReference[oaicite:27]{index=27}
- update (`146ac52`) :contentReference[oaicite:28]{index=28}
- Fix sendLock type when sealing segments (`0027102`) :contentReference[oaicite:29]{index=29}
- Fix segmented glyph verification and archive on seal (`68edd9f`) :contentReference[oaicite:30]{index=30}
- Merge PR #273 — Mint valuation snapshot + bind to receipt; fix receive-signature bundle hash; USD chart for receive glyphs (`f7d225a`) :contentReference[oaicite:31]{index=31}
- Merge PR #276 — fix infinite receives and verification display (`2c73fde`) :contentReference[oaicite:32]{index=32}
- Merge PR #277 — fix unused variable warnings (`2a1994a`) :contentReference[oaicite:33]{index=33}
- update verifypage (`a66c624`) :contentReference[oaicite:34]{index=34}
- Use receive bundle hash from embedded proof (`eea658d`) :contentReference[oaicite:35]{index=35}
- Use receive bundle root and lock helper (`c94496f`) :contentReference[oaicite:36]{index=36}
### Jan 25, 2026
- Allow repeat receive claims per upload (`a5793b5`) :contentReference[oaicite:37]{index=37}
- Fix verify OG meta ordering for receive sig (`90b8572`) :contentReference[oaicite:38]{index=38}
- Allow chained receives and show owner PhiKey (`6872a65`) :contentReference[oaicite:39]{index=39}
- Merge PR #275 — Fix receive signature storage key mismatch (`fd528a3`) :contentReference[oaicite:40]{index=40}
- Fix receive signature lookup and USD chart scaling (`54b08ef`) :contentReference[oaicite:41]{index=41}
- Merge PR #274 — Fix TypeScript type errors on VerifyPage (`4d43a9f`) :contentReference[oaicite:42]{index=42}
- Tighten KAS author-sig fallback (`c66e34e`) :contentReference[oaicite:43]{index=43}
- Fix verification snapshot and KAS fallback (`8595b42`) :contentReference[oaicite:44]{index=44}
- Add receive-bound valuation and signature fixes (`fe54c2d`) :contentReference[oaicite:45]{index=45}
- Merge PR #272 — Add receive ownership layer: receiveSig, owner ΦKey derivation, and provenance handling (`4da37ea`) :contentReference[oaicite:46]{index=46}
- update verifypage fixed linter errors (`888515c`) :contentReference[oaicite:47]{index=47}
- Add receive ownership metadata and verification (`c6675aa`) :contentReference[oaicite:48]{index=48}
- Merge PR #270 — default cache version to verification_bundle_version (`d5c44d6`) :contentReference[oaicite:49]{index=49}
- Use verifier bundle version for cache fallback (`29fc43f`) :contentReference[oaicite:50]{index=50}
- Merge PR #268 — harden sigil proof bundle for invariants (`ec5f7cf`) :contentReference[oaicite:51]{index=51}
- Merge PR #269 — finalize verifier audit hardening (`8c8f218`) :contentReference[oaicite:52]{index=52}
- update verifier proof verifier stamper and verifypage for lint errrors (`fd80430`) :contentReference[oaicite:53]{index=53}
- Harden verification cache and receipts (`0ffd781`) :contentReference[oaicite:54]{index=54}
- Harden sigil proof bundle contracts (`beec7ed`) :contentReference[oaicite:55]{index=55}
- Merge PR #267 — fix proof bundle curve metadata consistency (`f4a8587`) :contentReference[oaicite:56]{index=56}
- Normalize zk curve metadata in proof bundles (`23ddb86`) :contentReference[oaicite:57]{index=57}
- Merge PR #266 — escape capsulehash in svg text (`04d9a92`) :contentReference[oaicite:58]{index=58}
- Merge PR #258 — fix corrupted PNG image on VerifyPage (`cabfee1`) :contentReference[oaicite:59]{index=59}
- Fix bundle hash parity and PNG filename (`674b964`) :contentReference[oaicite:60]{index=60}
- Fix bundle hash parity for legacy proofs (`9c96fcd`) :contentReference[oaicite:61]{index=61}
- Use phi.svg in verified card (`7db9cb2`) :contentReference[oaicite:62]{index=62}
- Fix VerifyPage pulse initialization (`ff4892f`) :contentReference[oaicite:63]{index=63}
- Fix verifier PNG download and unique URLs (`53b9812`) :contentReference[oaicite:64]{index=64}
- Fix PNG download handling (`21689a9`) :contentReference[oaicite:65]{index=65}
- Merge PR #257 — add verification timing marker to card (`0a908f0`) :contentReference[oaicite:66]{index=66}
- Fix verifiedAtPulse type in bundle seed (`47579f8`) :contentReference[oaicite:67]{index=67}
- Fix verification metadata order and OG description (`1c4ae9e`) :contentReference[oaicite:68]{index=68}
- Add verification pulse to proof bundles (`507e5a3`) :contentReference[oaicite:69]{index=69}
- Add verifiedAtPulse to verified OG cards (`bc30b46`) :contentReference[oaicite:70]{index=70}
- Add verified OG card rendering (`548f807`) :contentReference[oaicite:71]{index=71}
- create phi_og_verified_template (`2311fd6`) :contentReference[oaicite:72]{index=72}
- Preserve badge styles on button variants (`ea60d43`) + official seal popovers + copy refinements :contentReference[oaicite:73]{index=73}
- SSR fixes: render invocation/signature + loader declaration + caching short-circuit + HTML fallback :contentReference[oaicite:74]{index=74}
---
## Full changelog (since v41.2.0)
Baseline tag: `41.2.0` — “Bump app version to 41.2.0 and update sigil file naming” (`f955135`). :contentReference[oaicite:75]{index=75}
### v41.3.0 → v41.6.x (Jan 12–13)
- v41.3.0 Update build artifacts and SigilModal component (`e498c3f`) :contentReference[oaicite:76]{index=76}
- Bump app version to 41.5.0 and update Sigil file naming (`3c858ef`) :contentReference[oaicite:77]{index=77}
- v41.6.0 Update baseName format in SigilModal export (`e5fbe8a`) :contentReference[oaicite:78]{index=78}
- Store KAS auth in sigil registry (`fff9e79`) + Fix WebAuthn allowCredentials buffer (`464fd40`) :contentReference[oaicite:79]{index=79}
- Merge PR #226 — Persist KAS author signatures in sigil registry and harden WebAuthn signing (`87ff285`) :contentReference[oaicite:80]{index=80}
- Reload detection: Add reload detective and harden KaiVoh reload safety (`228a735`), PR #228 (`5d8c524`) :contentReference[oaicite:81]{index=81}
### v41.6.8 → v41.7.x (Jan 24)
- Merge PR #229 — implement SSR and optimize performance (`d96d955`) + SSR entrypoints/perf instrumentation (`ad71837`) :contentReference[oaicite:82]{index=82}
- Export + proof bundle: Enhance sigil export with proof bundle (`11e6433`), Match SigilPage export proof bundle to SealMoment (`aeb1339`), Align exported SVG hashing with verifier (`2602cdf`) :contentReference[oaicite:83]{index=83}
- Offline correctness: Ensure sigil page and exports work offline (`93ec687`), Keep JSZip bundled for offline exports (`7f1f2d0`) :contentReference[oaicite:84]{index=84}
- Mobile PNG stability: Clamp PNG export size for mobile (`c539f9c`), Fix fallback image loading (`6457adc`), Fix mobile PNG export fidelity (`56e6906`) :contentReference[oaicite:85]{index=85}
### v41.8.x → v41.9.x (Jan 25)
- SSR/offline hardening: PR #237 (`b56ad55`) + SSR snapshot cache/loader short-circuit (`2b36112`) + Vercel SSR invocation/signature fixes (`c17a987`, `8e55600`) :contentReference[oaicite:86]{index=86}
- Verify UX: live chart popover on verify price (`7c88c05`) + badge/seal popovers and copy updates :contentReference[oaicite:87]{index=87}
- Verified OG groundwork: create template (`2311fd6`), add verified OG rendering (`548f807`), add verification pulse fields (`507e5a3`, `bc30b46`) :contentReference[oaicite:88]{index=88}
- Hash parity hardening: multiple fixes for verify bundle hash parity + legacy proofs + PNG download correctness :contentReference[oaicite:89]{index=89}
### v41.9.9 → v42.0.0 (Jan 25–26)
- Receive ownership layer (PR #272) + receive valuation/signature correctness and chained-receive display improvements :contentReference[oaicite:90]{index=90}
- Valuation snapshot minting + receipt binding (PR #273) :contentReference[oaicite:91]{index=91}
- Segmented verification fixes (PR #278) + ZIP bundle downloads (PR #279) :contentReference[oaicite:92]{index=92}
- Deterministic VERIFIED OG cards end-to-end (PR #256) :contentReference[oaicite:93]{index=93}
---
## Credits
- Primary author: @kojibai :contentReference[oaicite:94]{index=94}
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
verifiedAtPulseso Φ/USD values cannot be swapped after export.receiveBundleHashthat is persisted and later verified.Description
KVS-1) and helpers insrc/utils/valuationSnapshot.tsand compute a frozen snapshot inVerifyPage.tsxkeyed by(bundleHash, verifiedAtPulse); computevaluationHashviahashValuationSnapshotand include both snapshot andvaluationHashin theVerificationReceiptandVerifiedCardData.VerificationReceipt(KVR-1) to optionally carryvaluationandvaluationHash, updatehashVerificationReceipt/assertReceiptHashMatchto validate the valuation binding, and add tests that verify receipt hashing/validation changes when valuation changes.buildReceiveBundleRoot/hashReceiveBundleRoot) insrc/utils/receiveBundle.ts, and change receive flows to follow a two-phase pattern: (A) computereceiveBundleHashfrom the final receive bundle root, then (B) build areceiveWebAuthn challenge using thatreceiveBundleHashand sign it; apply this inVerifyPage.tsxandVerifierStamper.tsxso storedreceiveSig.binds.bundleHash === receiveBundleHashandreceiveBundleHashis persisted.VerifyPage.tsxby recomputingreceiveBundleRootand assertinghashReceiveBundleRoot(receiveBundleRoot) === receiveBundleHashbefore derivingownerPhiKey, and require thereceiveSigchallenge to match the samereceiveBundleHash.isReceiveGlyphinVerifyPage.tsx(legacy-safe signals includemode === "receive", presence ofreceiveSig,originBundleHash, orownerPhiKey), default chart focus to USD for receive glyphs, and feeduseRollingChartSeriesa USD-valued series (phiStatic * usdPerPhi) for receive glyphs while keeping origin glyphs on Φ; adddataUnithandling inLiveChartto accept USD-native series.src/og/buildVerifiedCardSvg.tsand extendsrc/og/types.ts/src/og/capsuleStore.tsto carry valuation; embed compact audit JSON into SVG metadata includingreceiptHash,valuationSnapshot,valuationHash,bundleHash,zkPoseidonHash, andverifiedAtPulse.src/utils/receiveBundle.ts,src/utils/valuationSnapshot.ts, unit teststests/valuation_snapshot.test.mjs, and extendtests/verification_receipt.test.mjsandtests/receive_bundle.test.mjsto cover valuation hashing, receipt validation with valuation, and receive-bundle-to-challenge binding.Testing
node --testwithtests/verification_receipt.test.mjs,tests/receive_bundle.test.mjs, andtests/valuation_snapshot.test.mjs, and all tests passed.hashVerificationReceiptchanges when valuation changes, thatassertReceiptHashMatchrejects mismatchedvaluationHash, and that receive signature challenges bind to computedreceiveBundleHashand fail when using the wrong hash.buildVerifiedCardSvgwas updated to include minted Φ and USD labels and audit metadata so programmatic PNG/SVG exports will carry the snapshot and hash (visual browser preview not required for CI tests).Codex Task