tscrypto

package

v0.3.0-rc1 Latest Latest Go to latest Published: Apr 15, 2026 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/truestamp/truestamp-cli

Links

Open Source Insights

Documentation ¶

Overview ¶

Package tscrypto implements the Truestamp-specific cryptographic primitives used by proofs: SHA-256 with one-byte domain-separation prefixes (see docs/CRYPTOGRAPHY.md in truestamp-v2 for the prefix registry) and Ed25519 signature verification.

Index ¶

Constants
func BuildCompactProofPayload(version byte, keyIDHex string, timestampMs uint64, ...) ([]byte, error)
func BytesToHex(b []byte) string
func ComputeBlockHash(id, prevHashHex, merkleRootHex, metadataHashHex, signingKeyIDHex string) (string, error)
func ComputeCommitmentDataHash(jcsBytes []byte) string
func ComputeCommitmentHash(id, commitmentDataHashHex, ownerID, signingKeyIDHex string) (string, error)
func ComputeEntropyHash(jcsBytes []byte) string
func ComputeEntropyMetadataHash(jcsBytes []byte) string
func ComputeItemHash(id, claimsHashHex, metadataHashHex, signingKeyIDHex string) (string, error)
func ComputeKeyID(pubkey []byte) string
func ComputeObservationHash(id, entropyHashHex, metadataHashHex, signingKeyIDHex string) (string, error)
func ComputeProofHash(version byte, keyIDHex, subjectHashHex string, ...) (string, []byte, error)
func DecodeCompactMerkleProof(base64urlProof string) ([]string, error)
func DecodePublicKey(b64 string) (ed25519.PublicKey, error)
func DomainHash(prefix byte, data []byte) []byte
func ExtractULIDTimestamp(id string) (time.Time, error)
func ExtractUUIDv7Timestamp(id string) (time.Time, error)
func FormatBlockTime(blockID string) string
func FormatItemTime(itemID string) string
func HexEqual(a, b string) bool
func HexToBytes(h string) ([]byte, error)
func LenPrefix(data []byte) []byte
func ValidateClaimsHash(hash, hashType string) error
func VerifyEd25519(hashBytes []byte, signatureB64 string, pubkey ed25519.PublicKey) (bool, error)
func VerifyMerkleProof(itemHashHex string, proof []string, expectedRootHex string) (bool, error)

Constants ¶

View Source

const (
	PrefixMerkleLeaf      = 0x00
	PrefixMerkleInternal  = 0x01
	PrefixItemClaims      = 0x11
	PrefixItemMetadata    = 0x12
	PrefixItemHash        = 0x13
	PrefixEntropy         = 0x21
	PrefixEntropyMetadata = 0x22
	PrefixObservationHash = 0x23
	PrefixBlockMetadata   = 0x33
	PrefixBlockHash       = 0x32
	PrefixCommitmentData  = 0x34
	PrefixCommitmentHash  = 0x35
	PrefixKeyID           = 0x51
	PrefixProofHash       = 0x61
)

Domain separation prefix bytes per docs/CRYPTOGRAPHY.md.

Variables ¶

This section is empty.

Functions ¶

func BuildCompactProofPayload ¶

func BuildCompactProofPayload(version byte, keyIDHex string, timestampMs uint64, subjectHashHex, blockHashHex string, epochRootHexes []string) ([]byte, error)

BuildCompactProofPayload builds the new compact proof signature payload: version(1) || key_id(4) || timestamp(8) || subject_hash(32) || block_hash(32) || N(2) || epoch_roots(32*N) Then computes SHA256(0x61 || payload) for Ed25519 verification. Returns the raw hash bytes (for signature verification).

func BytesToHex ¶

func BytesToHex(b []byte) string

BytesToHex encodes bytes to lowercase hex string.

func ComputeBlockHash ¶

func ComputeBlockHash(id, prevHashHex, merkleRootHex, metadataHashHex, signingKeyIDHex string) (string, error)

ComputeBlockHash computes the length-prefixed block hash with domain prefix 0x32. Field order: id, previous_block_hash, merkle_root, metadata_hash, signing_key_id

func ComputeCommitmentDataHash ¶

func ComputeCommitmentDataHash(jcsBytes []byte) string

ComputeCommitmentDataHash computes SHA256(0x34 || JCS(commitment_data)).

func ComputeCommitmentHash ¶

func ComputeCommitmentHash(id, commitmentDataHashHex, ownerID, signingKeyIDHex string) (string, error)

ComputeCommitmentHash computes the length-prefixed commitment hash with domain prefix 0x35. Field order: id, commitment_data_hash, owner_id, signing_key_id

func ComputeEntropyHash ¶

func ComputeEntropyHash(jcsBytes []byte) string

ComputeEntropyHash computes SHA256(0x21 || JCS(entropy_data)).

func ComputeEntropyMetadataHash ¶

func ComputeEntropyMetadataHash(jcsBytes []byte) string

ComputeEntropyMetadataHash computes SHA256(0x22 || JCS(metadata)).

func ComputeItemHash ¶

func ComputeItemHash(id, claimsHashHex, metadataHashHex, signingKeyIDHex string) (string, error)

ComputeItemHash computes the length-prefixed item hash with domain prefix 0x13. Field order: id, claims_hash, metadata_hash, signing_key_id

func ComputeKeyID ¶

func ComputeKeyID(pubkey []byte) string

ComputeKeyID derives key_id from public key: truncate4(SHA256(0x51 || pubkey)).

func ComputeObservationHash ¶

func ComputeObservationHash(id, entropyHashHex, metadataHashHex, signingKeyIDHex string) (string, error)

ComputeObservationHash computes the length-prefixed observation hash with domain prefix 0x23. Field order: id, entropy_hash, metadata_hash, signing_key_id This mirrors ComputeItemHash but uses prefix 0x23 for entropy observations.

func ComputeProofHash ¶

func ComputeProofHash(version byte, keyIDHex, subjectHashHex string, blockHashes, commitmentHashes []string) (string, []byte, error)

ComputeProofHash builds the binary proof_hash payload and computes SHA256(0x61 || payload). Returns both the hex hash and raw hash bytes (raw needed for Ed25519 verification).

func DecodeCompactMerkleProof ¶

func DecodeCompactMerkleProof(base64urlProof string) ([]string, error)

DecodeCompactMerkleProof decodes a compact base64url-encoded Merkle proof into the standard ["l:hex", "r:hex", ...] format.

Binary format:

Byte 0: depth (number of proof steps, 0-64)
Next ceil(depth/8) bytes: direction bitfield (little-endian) bit=0 means left sibling ("l:"), bit=1 means right sibling ("r:")
Remaining: depth * 32 bytes of raw sibling hashes

func DecodePublicKey ¶

func DecodePublicKey(b64 string) (ed25519.PublicKey, error)

DecodePublicKey decodes a base64-encoded Ed25519 public key.

func DomainHash ¶

func DomainHash(prefix byte, data []byte) []byte

DomainHash computes SHA256(prefix_byte || data).

func ExtractULIDTimestamp ¶

func ExtractULIDTimestamp(id string) (time.Time, error)

ExtractULIDTimestamp extracts the millisecond timestamp from a ULID string.

func ExtractUUIDv7Timestamp ¶

func ExtractUUIDv7Timestamp(id string) (time.Time, error)

ExtractUUIDv7Timestamp extracts the millisecond timestamp from a UUIDv7 string.

func FormatBlockTime ¶

func FormatBlockTime(blockID string) string

FormatBlockTime extracts and formats the timestamp from a UUIDv7 block ID. Returns "unknown" if extraction fails.

func FormatItemTime ¶

func FormatItemTime(itemID string) string

FormatItemTime extracts and formats the timestamp from a ULID item ID. Returns "unknown" if extraction fails.

func HexEqual ¶

func HexEqual(a, b string) bool

HexEqual compares two hex strings case-insensitively.

func HexToBytes ¶

func HexToBytes(h string) ([]byte, error)

HexToBytes decodes a hex string to bytes. Returns empty slice for empty input.

func LenPrefix ¶

func LenPrefix(data []byte) []byte

LenPrefix prepends a 4-byte big-endian length prefix to data.

func ValidateClaimsHash ¶

func ValidateClaimsHash(hash, hashType string) error

ValidateClaimsHash checks that a hex hash string has the correct length for the given hash type.

func VerifyEd25519 ¶

func VerifyEd25519(hashBytes []byte, signatureB64 string, pubkey ed25519.PublicKey) (bool, error)

VerifyEd25519 verifies an Ed25519 signature over a hash.

func VerifyMerkleProof ¶

func VerifyMerkleProof(itemHashHex string, proof []string, expectedRootHex string) (bool, error)

VerifyMerkleProof walks an RFC 6962 Merkle proof from leaf to root. Proof elements are in "l:hex" or "r:hex" format. Returns true if the computed root matches expectedRootHex.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL