feat(client): resolve-before-pay for commitment-bound quotes (ADR-0003)#126
Open
grumbach wants to merge 1 commit into
Open
feat(client): resolve-before-pay for commitment-bound quotes (ADR-0003)#126grumbach wants to merge 1 commit into
grumbach wants to merge 1 commit into
Conversation
Implement the client half of ADR-0003: the client pays nothing it cannot resolve. Before paying, it runs the full binding check on every quote and candidate, so a node that overstates its storage to inflate its price is dropped before any on-chain payment instead of after. For each single-node quote and each merkle candidate, the client now: - verifies the quote's own ML-DSA-65 signature and that it is for the requested content; - checks the (committed_key_count, commitment_pin) shape, the count cap, and that price == calculate_price(count) by exact recomputation; and - for a bound quote, fully resolves the shipped commitment: parse it, check it is bound to the quoting peer, verify its signature, that it hashes to the quote's pin, and that its key_count matches the claimed count. Anything unresolvable, withheld, off-curve, or contradictory is dropped before payment, exactly as the storer would reject it. The verified commitments are then forwarded as sidecars in the PUT bundle (single-node and merkle) so storers cross-check synchronously. Sidecar blobs are size-capped before parsing. Pricing and the commitment verification come from ant-protocol, so client and node never disagree. Adds an e2e test (real QUIC nodes + Anvil) proving bound quotes are shipped, priced, fully resolve, and round-trip; and the off-curve / forged-commitment rejection is covered in unit tests. Depends on the evmlib, ant-protocol, and ant-node ADR-0003 releases; will not build standalone until those publish.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
ADR-0003: commitment-bound quote pricing — client side.
Implements "the client pays nothing it cannot resolve". Before paying, the client runs the full binding check on every quote and candidate, so a node that overstates its storage to inflate its price is dropped before any on-chain payment instead of after.
What
For each single-node quote and each merkle candidate, the client now:
(committed_key_count, commitment_pin)shape, the count cap, and thatprice == calculate_price(count)by exact recomputation;key_countmatches the claimed count.Anything unresolvable, withheld, off-curve, or contradictory is dropped before payment — exactly as the storer would reject it. The verified commitments are then forwarded as sidecars in the PUT bundle (single-node and merkle) so storers cross-check synchronously; sidecar blobs are size-capped before parsing. Pricing and commitment verification come from ant-protocol, so client and node never disagree.
Tests
Adds an e2e test (real QUIC nodes + Anvil) proving bound quotes are shipped, priced, fully resolve, and round-trip; the off-curve / forged-commitment rejection is covered in unit tests.
Release ordering
Depends on evmlib WithAutonomi/evmlib#11, ant-protocol WithAutonomi/ant-protocol#15, and ant-node WithAutonomi/ant-node#149. Built locally via temporary
[patch.crates-io]path patches + a localant-nodepath dep (not committed here); will not build standalone until those publish.