spike

patrick-ogrady · patrick-ogrady · commit 9f5db64e283c · 2026-05-23T13:07:13.000-07:00
diff --git a/storage/src/qmdb/any/ordered/mod.rs b/storage/src/qmdb/any/ordered/mod.rs
@@ -26,6 +26,15 @@ pub use crate::qmdb::any::operation::{update::Ordered as Update, Ordered as Oper
 /// Type alias for a location and its associated key data.
 type LocatedKey<F, K, V> = Option<(Location<F>, Update<K, V>)>;
 
+/// Whether the ordered-key span defined by `span_start` and `span_end` contains `key`.
+pub fn span_contains<K: Key>(span_start: &K, span_end: &K, key: &K) -> bool {
+    if span_start >= span_end {
+        key >= span_start || key < span_end
+    } else {
+        key >= span_start && key < span_end
+    }
+}
+
 impl<
         F: Family,
         E: Context,
@@ -50,23 +59,6 @@ where
         }
     }
 
-    /// Whether the span defined by `span_start` and `span_end` contains `key`.
-    pub fn span_contains(span_start: &K, span_end: &K, key: &K) -> bool {
-        if span_start >= span_end {
-            // cyclic span case
-            if key >= span_start || key < span_end {
-                return true;
-            }
-        } else {
-            // normal span case
-            if key >= span_start && key < span_end {
-                return true;
-            }
-        }
-
-        false
-    }
-
     /// Find the span produced by the provided locations that contains `key`, if any.
     async fn find_span(
         &self,
@@ -77,7 +69,7 @@ where
         for loc in locs {
             // Iterate over conflicts in the snapshot entry to find the span.
             let data = Self::get_update_op(&reader, loc).await?;
-            if Self::span_contains(&data.key, &data.next_key, key) {
+            if span_contains(&data.key, &data.next_key, key) {
                 return Ok(Some((loc, data)));
             }
         }
diff --git a/storage/src/qmdb/current/ordered/db.rs b/storage/src/qmdb/current/ordered/db.rs
@@ -61,6 +61,53 @@ impl<F: merkle::Graftable, K: Key, D: Digest, const N: usize> Read for KeyValueP
     }
 }
 
+impl<F: merkle::Graftable, K: Key, D: Digest, const N: usize> KeyValueProof<F, K, D, N> {
+    /// Return true if this proof authenticates `update` against `root`.
+    ///
+    /// This also checks that the proof's embedded `next_key` matches the provided update, which is
+    /// required when the operation is decoded separately from the proof.
+    pub fn verify_update<H, V>(
+        &self,
+        hasher: &StandardHasher<H>,
+        update: &Update<K, V>,
+        root: &D,
+    ) -> bool
+    where
+        H: Hasher<Digest = D>,
+        V: ValueEncoding,
+        Operation<F, K, V>: Codec,
+    {
+        if self.next_key != update.next_key {
+            return false;
+        }
+
+        self.proof
+            .verify(hasher, Operation::Update(update.clone()), root)
+    }
+
+    /// Return true if this proof authenticates `operation` as the active key-value update.
+    pub fn verify_operation<H, V>(
+        &self,
+        hasher: &StandardHasher<H>,
+        operation: &Operation<F, K, V>,
+        root: &D,
+    ) -> bool
+    where
+        H: Hasher<Digest = D>,
+        V: ValueEncoding,
+        Operation<F, K, V>: Codec + Clone,
+    {
+        let Operation::Update(update) = operation else {
+            return false;
+        };
+        if self.next_key != update.next_key {
+            return false;
+        }
+
+        self.proof.verify(hasher, operation.clone(), root)
+    }
+}
+
 #[cfg(feature = "arbitrary")]
 impl<F: merkle::Graftable, K: Key, D: Digest, const N: usize> arbitrary::Arbitrary<'_>
     for KeyValueProof<F, K, D, N>
@@ -113,13 +160,13 @@ where
         proof: &KeyValueProof<F, K, H::Digest, N>,
         root: &H::Digest,
     ) -> bool {
-        let op = Operation::Update(Update {
+        let update = Update {
             key,
             value,
             next_key: proof.next_key.clone(),
-        });
+        };
 
-        proof.proof.verify(hasher, op, root)
+        proof.verify_update(hasher, &update, root)
     }
 
     /// Get the operation that currently defines the span whose range contains `key`, or None if the
@@ -148,37 +195,7 @@ where
         proof: &super::ExclusionProof<F, K, V, H::Digest, N>,
         root: &H::Digest,
     ) -> bool {
-        let (op_proof, op) = match proof {
-            super::ExclusionProof::KeyValue(op_proof, data) => {
-                if data.key == *key {
-                    // The provided `key` is in the DB if it matches the start of the span.
-                    return false;
-                }
-                if !crate::qmdb::any::db::Db::<F, E, C, I, H, Update<K, V>, N, S>::span_contains(
-                    &data.key,
-                    &data.next_key,
-                    key,
-                ) {
-                    // If the key is not within the span, then this proof cannot prove its
-                    // exclusion.
-                    return false;
-                }
-
-                (op_proof, Operation::Update(data.clone()))
-            }
-            super::ExclusionProof::Commit(op_proof, metadata) => {
-                // Handle the case where the proof shows the db is empty, hence any key is proven
-                // excluded. For the db to be empty, the floor must equal the commit operation's
-                // location.
-                let floor_loc = op_proof.loc;
-                (
-                    op_proof,
-                    Operation::CommitFloor(metadata.clone(), floor_loc),
-                )
-            }
-        };
-
-        op_proof.verify(hasher, op, root)
+        proof.verify_key(hasher, key, root)
     }
 }
 
diff --git a/storage/src/qmdb/current/ordered/mod.rs b/storage/src/qmdb/current/ordered/mod.rs
@@ -9,16 +9,19 @@
 //! - [variable]: Variant for values of variable size.
 
 use crate::{
-    merkle::Graftable,
+    merkle::{hasher::Standard as StandardHasher, Graftable},
     qmdb::{
-        any::{ordered::Update, ValueEncoding},
+        any::{
+            ordered::{self, Operation, Update},
+            ValueEncoding,
+        },
         current::proof::OperationProof,
         operation::Key,
     },
 };
 use bytes::{Buf, BufMut};
-use commonware_codec::{EncodeSize, Read, ReadExt as _, Write};
-use commonware_cryptography::Digest;
+use commonware_codec::{Codec, EncodeSize, Read, ReadExt as _, Write};
+use commonware_cryptography::{Digest, Hasher};
 
 pub mod db;
 pub mod fixed;
@@ -46,6 +49,43 @@ pub enum ExclusionProof<F: Graftable, K: Key, V: ValueEncoding, D: Digest, const
     Commit(OperationProof<F, D, N>, Option<V::Value>),
 }
 
+impl<F: Graftable, K: Key, V: ValueEncoding, D: Digest, const N: usize>
+    ExclusionProof<F, K, V, D, N>
+where
+    Operation<F, K, V>: Codec,
+{
+    /// Return true if this proof authenticates that `key` is not active at `root`.
+    pub fn verify_key<H>(&self, hasher: &StandardHasher<H>, key: &K, root: &D) -> bool
+    where
+        H: Hasher<Digest = D>,
+    {
+        let (op_proof, operation) = match self {
+            Self::KeyValue(op_proof, update) => {
+                if update.key == *key {
+                    // The provided `key` is in the DB if it matches the start of the span.
+                    return false;
+                }
+                if !ordered::span_contains(&update.key, &update.next_key, key) {
+                    // If the key is not within the span, then this proof cannot prove its
+                    // exclusion.
+                    return false;
+                }
+
+                (op_proof, Operation::Update(update.clone()))
+            }
+            Self::Commit(op_proof, metadata) => {
+                // Handle the case where the proof shows the db is empty, hence any key is proven
+                // excluded. For the db to be empty, the floor must equal the commit operation's
+                // location.
+                let floor = op_proof.loc;
+                (op_proof, Operation::CommitFloor(metadata.clone(), floor))
+            }
+        };
+
+        op_proof.verify(hasher, operation, root)
+    }
+}
+
 const KEY_VALUE_CONTEXT: u8 = 0;
 const COMMIT_CONTEXT: u8 = 1;
 
@@ -587,6 +627,14 @@ pub mod tests {
                 assert!(TestDb::<F, C, V>::verify_key_value_proof(
                     &hasher, key, value, &proof, &root
                 ));
+                let update = Update {
+                    key,
+                    value,
+                    next_key: proof.next_key,
+                };
+                assert!(proof.verify_update(&hasher, &update, &root));
+                assert!(proof.verify_operation(&hasher, &Operation::Update(update.clone()), &root));
+                assert!(!proof.verify_operation(&hasher, &Operation::Delete(key), &root));
                 // Proof should fail against the wrong value. Use hash instead of fill to ensure
                 // the value differs from any key/value created by TestKey::from_seed (which uses
                 // fill patterns).
@@ -614,6 +662,9 @@ pub mod tests {
                 assert!(!TestDb::<F, C, V>::verify_key_value_proof(
                     &hasher, key, value, &bad_proof, &root,
                 ));
+                let mut bad_update = update;
+                bad_update.next_key = wrong_key;
+                assert!(!proof.verify_update(&hasher, &bad_update, &root));
             }
 
             db.destroy().await.unwrap();
@@ -705,6 +756,7 @@ pub mod tests {
                 &empty_proof,
                 &empty_root,
             ));
+            assert!(empty_proof.verify_key(&hasher, &key_exists_1, &empty_root));
 
             // Add `key_exists_1` and test exclusion proving over the single-key database case.
             let v1 = Sha256::fill(0xA1);
@@ -737,6 +789,7 @@ pub mod tests {
                 &proof,
                 &root,
             ));
+            assert!(proof.verify_key(&hasher, &greater_key, &root));
             assert!(TestDb::<F, C, V>::verify_exclusion_proof(
                 &hasher,
                 &lesser_key,
@@ -750,6 +803,7 @@ pub mod tests {
                 &proof,
                 &root,
             ));
+            assert!(!proof.verify_key(&hasher, &key_exists_1, &root));
 
             // Add a second key and test exclusion proving over the two-key database case.
             let key_exists_2 = Sha256::fill(0x30);
@@ -811,6 +865,7 @@ pub mod tests {
                 &proof,
                 &root,
             ));
+            assert!(proof.verify_key(&hasher, &middle_key, &root));
             assert!(!TestDb::<F, C, V>::verify_exclusion_proof(
                 &hasher,
                 &key_exists_2,
