Cryptographic Proofs

GLACIS uses multiple cryptographic mechanisms to ensure attestation integrity.

Ed25519 Signatures

Every attestation is signed:

import { verify } from '@glacis/core';

const valid = verify(
  canonicalize(attestation),
  attestation.signature,
  sidecarPublicKey
);

SHA-256 Commitments

Commitments bind to data without revealing it:

// Request commitment
const commitment = sha256(canonicalize({
  model: 'gpt-4',
  messages: [...],
  timestamp: Date.now()
}));

Merkle Proofs

Verify attestation was included in the log:

interface MerkleProof {
  root: string;
  index: number;
  siblings: string[];
}

function verify(leaf: string, proof: MerkleProof): boolean {
  let hash = leaf;
  for (const sibling of proof.siblings) {
    hash = sha256(hash + sibling);
  }
  return hash === proof.root;
}

CBOR Canonicalization

Ensures deterministic serialization:

import { canonicalize } from '@glacis/core';

// Same input always produces same bytes
const bytes = canonicalize(data);
const hash = sha256(bytes);

Independent Verification

Auditors can verify proofs without GLACIS:

1. Download attestation and Merkle proof
2. Verify Ed25519 signature
3. Verify Merkle inclusion
4. Confirm commitment matches

Next Steps

• Security Model
• Zero-Egress Design