min

patrick-ogrady · patrick-ogrady · commit 1b1bfd8d7136 · 2026-05-23T14:28:50.000-07:00
diff --git a/storage/src/qmdb/current/ordered/db.rs b/storage/src/qmdb/current/ordered/db.rs
@@ -9,7 +9,7 @@ use crate::{
     merkle::{self, hasher::Standard as StandardHasher, Location},
     qmdb::{
         any::{
-            ordered::{Operation, Update},
+            ordered::{self, Operation, Update},
             ValueEncoding,
         },
         current::proof::OperationProof,
@@ -61,32 +61,6 @@ impl<F: merkle::Graftable, K: Key, D: Digest, const N: usize> Read for KeyValueP
     }
 }
 
-impl<F: merkle::Graftable, K: Key, D: Digest, const N: usize> KeyValueProof<F, K, D, N> {
-    /// Return true if this proof authenticates `operation` as the active key-value update.
-    ///
-    /// This also checks that the proof's embedded `next_key` matches the provided operation, which
-    /// is required when the operation is decoded separately from the proof.
-    pub fn verify_operation<H, V>(
-        &self,
-        hasher: &StandardHasher<H>,
-        operation: Operation<F, K, V>,
-        root: &D,
-    ) -> bool
-    where
-        H: Hasher<Digest = D>,
-        V: ValueEncoding,
-        Operation<F, K, V>: Codec,
-    {
-        match &operation {
-            Operation::Update(update) if self.next_key == update.next_key => {}
-            Operation::Update(_) => return false,
-            _ => return false,
-        }
-
-        self.proof.verify(hasher, operation, root)
-    }
-}
-
 #[cfg(feature = "arbitrary")]
 impl<F: merkle::Graftable, K: Key, D: Digest, const N: usize> arbitrary::Arbitrary<'_>
     for KeyValueProof<F, K, D, N>
@@ -139,7 +113,7 @@ where
         proof: &KeyValueProof<F, K, H::Digest, N>,
         root: &H::Digest,
     ) -> bool {
-        proof.verify_operation(
+        proof.proof.verify(
             hasher,
             Operation::Update(Update {
                 key,
@@ -176,7 +150,30 @@ where
         proof: &super::ExclusionProof<F, K, V, H::Digest, N>,
         root: &H::Digest,
     ) -> bool {
-        proof.verify_key(hasher, key, root)
+        let (op_proof, operation) = match proof {
+            super::ExclusionProof::KeyValue(op_proof, update) => {
+                if update.key == *key {
+                    // The provided `key` is in the DB if it matches the start of the span.
+                    return false;
+                }
+                if !ordered::span_contains(&update.key, &update.next_key, key) {
+                    // If the key is not within the span, then this proof cannot prove its
+                    // exclusion.
+                    return false;
+                }
+
+                (op_proof, Operation::Update(update.clone()))
+            }
+            super::ExclusionProof::Commit(op_proof, metadata) => {
+                // Handle the case where the proof shows the db is empty, hence any key is proven
+                // excluded. For the db to be empty, the floor must equal the commit operation's
+                // location.
+                let floor = op_proof.loc;
+                (op_proof, Operation::CommitFloor(metadata.clone(), floor))
+            }
+        };
+
+        op_proof.verify(hasher, operation, root)
     }
 }
 
diff --git a/storage/src/qmdb/current/ordered/mod.rs b/storage/src/qmdb/current/ordered/mod.rs
@@ -9,19 +9,19 @@
 //! - [variable]: Variant for values of variable size.
 
 use crate::{
-    merkle::{hasher::Standard as StandardHasher, Graftable},
+    merkle::Graftable,
     qmdb::{
         any::{
-            ordered::{self, Operation, Update},
+            ordered::Update,
             ValueEncoding,
         },
         current::proof::OperationProof,
         operation::Key,
     },
 };
 use bytes::{Buf, BufMut};
-use commonware_codec::{Codec, EncodeSize, Read, ReadExt as _, Write};
-use commonware_cryptography::{Digest, Hasher};
+use commonware_codec::{EncodeSize, Read, ReadExt as _, Write};
+use commonware_cryptography::Digest;
 
 pub mod db;
 pub mod fixed;
@@ -49,43 +49,6 @@ pub enum ExclusionProof<F: Graftable, K: Key, V: ValueEncoding, D: Digest, const
     Commit(OperationProof<F, D, N>, Option<V::Value>),
 }
 
-impl<F: Graftable, K: Key, V: ValueEncoding, D: Digest, const N: usize>
-    ExclusionProof<F, K, V, D, N>
-where
-    Operation<F, K, V>: Codec,
-{
-    /// Return true if this proof authenticates that `key` is not active at `root`.
-    pub fn verify_key<H>(&self, hasher: &StandardHasher<H>, key: &K, root: &D) -> bool
-    where
-        H: Hasher<Digest = D>,
-    {
-        let (op_proof, operation) = match self {
-            Self::KeyValue(op_proof, update) => {
-                if update.key == *key {
-                    // The provided `key` is in the DB if it matches the start of the span.
-                    return false;
-                }
-                if !ordered::span_contains(&update.key, &update.next_key, key) {
-                    // If the key is not within the span, then this proof cannot prove its
-                    // exclusion.
-                    return false;
-                }
-
-                (op_proof, Operation::Update(update.clone()))
-            }
-            Self::Commit(op_proof, metadata) => {
-                // Handle the case where the proof shows the db is empty, hence any key is proven
-                // excluded. For the db to be empty, the floor must equal the commit operation's
-                // location.
-                let floor = op_proof.loc;
-                (op_proof, Operation::CommitFloor(metadata.clone(), floor))
-            }
-        };
-
-        op_proof.verify(hasher, operation, root)
-    }
-}
-
 const KEY_VALUE_CONTEXT: u8 = 0;
 const COMMIT_CONTEXT: u8 = 1;
 
@@ -627,16 +590,6 @@ pub mod tests {
                 assert!(TestDb::<F, C, V>::verify_key_value_proof(
                     &hasher, key, value, &proof, &root
                 ));
-                assert!(proof.verify_operation(
-                    &hasher,
-                    Operation::Update(Update {
-                        key,
-                        value,
-                        next_key: proof.next_key,
-                    }),
-                    &root
-                ));
-                assert!(!proof.verify_operation(&hasher, Operation::Delete(key), &root));
                 // Proof should fail against the wrong value. Use hash instead of fill to ensure
                 // the value differs from any key/value created by TestKey::from_seed (which uses
                 // fill patterns).
@@ -664,15 +617,6 @@ pub mod tests {
                 assert!(!TestDb::<F, C, V>::verify_key_value_proof(
                     &hasher, key, value, &bad_proof, &root,
                 ));
-                assert!(!proof.verify_operation(
-                    &hasher,
-                    Operation::Update(Update {
-                        key,
-                        value,
-                        next_key: wrong_key,
-                    }),
-                    &root
-                ));
             }
 
             db.destroy().await.unwrap();
@@ -764,7 +708,6 @@ pub mod tests {
                 &empty_proof,
                 &empty_root,
             ));
-            assert!(empty_proof.verify_key(&hasher, &key_exists_1, &empty_root));
 
             // Add `key_exists_1` and test exclusion proving over the single-key database case.
             let v1 = Sha256::fill(0xA1);
@@ -797,7 +740,6 @@ pub mod tests {
                 &proof,
                 &root,
             ));
-            assert!(proof.verify_key(&hasher, &greater_key, &root));
             assert!(TestDb::<F, C, V>::verify_exclusion_proof(
                 &hasher,
                 &lesser_key,
@@ -811,7 +753,6 @@ pub mod tests {
                 &proof,
                 &root,
             ));
-            assert!(!proof.verify_key(&hasher, &key_exists_1, &root));
 
             // Add a second key and test exclusion proving over the two-key database case.
             let key_exists_2 = Sha256::fill(0x30);
@@ -873,7 +814,6 @@ pub mod tests {
                 &proof,
                 &root,
             ));
-            assert!(proof.verify_key(&hasher, &middle_key, &root));
             assert!(!TestDb::<F, C, V>::verify_exclusion_proof(
                 &hasher,
                 &key_exists_2,
