-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathpython-recompute-integrity-seal.py
More file actions
46 lines (31 loc) · 1.44 KB
/
python-recompute-integrity-seal.py
File metadata and controls
46 lines (31 loc) · 1.44 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
from __future__ import annotations
import hashlib
import json
from pathlib import Path
REPO_ROOT = Path(__file__).resolve().parents[2]
def load_json(relative_path: str) -> dict:
return json.loads((REPO_ROOT / relative_path).read_text(encoding="utf-8"))
def canonicalize_json(value: object) -> str:
return json.dumps(value, sort_keys=True, separators=(",", ":"), ensure_ascii=False, allow_nan=False)
def compute_integrity_hash(capsule: dict) -> str:
contract_constants = load_json("references/contract-constants.json")
payload = {
key: capsule[key]
for key in contract_constants["validator"]["integrity_payload_root_keys"]
}
canonical = canonicalize_json(payload)
return hashlib.sha3_512(canonical.encode("utf-8")).hexdigest()
note = load_json("examples/example-note.capsule.json")
invalid_g16 = load_json("examples/example-validator-invalid-g16.capsule.json")
note_hash = compute_integrity_hash(note)
repaired_invalid_hash = compute_integrity_hash(invalid_g16)
assert note["integrity_sha3_512"] == note_hash
assert invalid_g16["integrity_sha3_512"] != repaired_invalid_hash
summary = {
"noteCapsuleId": note["metadata"]["capsule_id"],
"noteSealMatches": note["integrity_sha3_512"] == note_hash,
"invalidCapsuleId": invalid_g16["metadata"]["capsule_id"],
"publishedInvalidSeal": invalid_g16["integrity_sha3_512"],
"repairedInvalidSeal": repaired_invalid_hash,
}
print(json.dumps(summary, indent=2))