feat: add embodied action receipt fixtures#36
Conversation
|
🟡 Contributor Check: MEDIUM
Automated check by AgenTrust Contributor Check. |
imran-siddique
left a comment
There was a problem hiding this comment.
Nice self-contained offline verifier + deterministic fixtures. Approving.
Fixtures are self-consistent. I recomputed action.action_ref from the canonical (agent_id, action_type, action_scope, action_timestamp) preimage and it matches sha256:6572d670…0b21f across all four fixtures. The CI unittest (test_fixtures_match_expected_results) asserts verify_fixture() == expected for every fixture, which re-derives the action_ref, verifies each Ed25519 receipt signature against the pinned controller key, and walks the prev_receipt_hash chain — so green CI is a real self-consistency proof here, not just a smoke test.
Signing/preimage rules line up. generate_fixtures.py signs over canonical_bytes of the receipt minus signature, and verify_receipts.py verifies over receipt_preimage (same minus-signature canonical form). The chain hash is taken over the full signed receipt on both sides, so the sha256:997a9dd7…cd338 link in the two-receipt chains is consistent.
Outcome coverage is good: accepted chain, missing-required-receipt, invalid signature (last b64 char flipped, …GDw → …GDA), and the controller-rejected fixture that correctly makes the point that a signed rejection is valid evidence of a negative outcome, not a verifier failure.
One follow-up worth a future PR (not blocking): verify_receipts.py has branches for call_id_mismatch, trace_id_mismatch, action_ref_mismatch, and chain_mismatch (reordered/tampered prev_receipt_hash), but no fixture exercises a wrong-binding / broken-chain case — only the signature tamper is covered. A wrong-call-id.json or broken-chain.json fixture would lock in those binding checks the same way signature-mismatch.json locks in signature verification.
CI green (validate, embodied-action-receipts, industrial-embodied-ai). Approving.
Summary
Adds a small fixture-style embodied-action receipt example for offline verification of externally consequential action evidence.
This complements:
cmcp#339Embodied Action Evidence Profiletrace-spec#66verification.action_receiptsaxisWhat changed
embodied-action-receipts/with deterministic JSON fixtures for:verify_receipts.py, an offline verifier that checks:action_refcall_id/ TRACE session bindingrejectedoutcomesgenerate_fixtures.pyfor reproducible fixture generation from a deterministic public test seed.Why
For embodied AI,
verification.action_receipts: requiredshould mean action-level receipt evidence is offline-verifiable and bound to the session/call. It should not imply physical completion, controller safety, or functional-safety certification.The
controller-rejectedfixture makes that boundary concrete: a signed rejection is valid evidence, but it is not proof that the physical action completed.Validation
python3 -m unittest discover -s embodied-action-receipts/tests -vpython3 embodied-action-receipts/verify_receipts.py embodied-action-receipts/fixtures/valid-chain.jsonpython3 embodied-action-receipts/verify_receipts.py embodied-action-receipts/fixtures/controller-rejected.jsonpython3 -m json.toolover all JSON filespyyamlgit diff --check