Skip to content

Feature/private audit commitments#906

Merged
Calebux merged 2 commits into
Calebux:mainfrom
coderolisa:feature/private-audit-commitments
Jun 24, 2026
Merged

Feature/private audit commitments#906
Calebux merged 2 commits into
Calebux:mainfrom
coderolisa:feature/private-audit-commitments

Conversation

@coderolisa

Copy link
Copy Markdown
Contributor

Close #827

Description

Test Plan

  • Tested locally
  • Verified expected behavior
  • No regressions introduced

Checklist

  • Code builds successfully
  • Tests pass
  • Follows project conventions
  • No sensitive data exposed

gbena-afk added 2 commits June 24, 2026 13:21
Add cryptographic commitment-based audit logging system that replaces
plaintext on-chain logs while enabling selective disclosure.

Architecture & Design (Phase 1):
- Comprehensive security analysis and threat model
- Hash-based commitments using SHA-256 (Pedersen rejected for Soroban)
- Commitment formula: SHA256(event_data || blinding_factor || domain_sep)
- 75% storage reduction (48 bytes vs 200+ bytes per log)
- Security: 128-bit quantum, 256-bit classical resistance

Soroban Contract (Phase 2):
- Add record_commitment() for privacy-preserving logging
- Add Merkle tree anchoring and verification functions
- Maintain backward compatibility with legacy logging
- Remove sub_id from on-chain storage (prevents linkage)
- All tests passing (19/19)

Client Library (Phase 3):
- Implement AuditDisclosureClient for selective disclosure
- Add commitment computation and verification
- Add Merkle proof generation/verification interfaces
- Add disclosure package format with user-friendly reports

Database Schema:
- Create commitment_blinding_factors table
- Store encrypted 32-byte blinding factors
- RLS policies for user privacy
- Unique constraints on commitment_hash and commitment_index

Documentation:
- 90-page architecture review
- Security analysis with threat model
- Implementation progress tracker

Next: Backend integration with commitment generation and encryption

Related: #XXX
@coderolisa coderolisa requested a review from Calebux as a code owner June 24, 2026 12:27
@drips-wave

drips-wave Bot commented Jun 24, 2026

Copy link
Copy Markdown

@coderolisa Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

@Calebux Calebux merged commit 6ffa0d4 into Calebux:main Jun 24, 2026
18 of 33 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[P2] Privacy-preserving on-chain audit logs with selective disclosure

2 participants