Skip to content

Make verifier ENS-first and gate local key fallback to explicit test/demo mode#319

Merged
GsCommand merged 1 commit into
mainfrom
codex/update-receipt-verification-to-ens-first
May 23, 2026
Merged

Make verifier ENS-first and gate local key fallback to explicit test/demo mode#319
GsCommand merged 1 commit into
mainfrom
codex/update-receipt-verification-to-ens-first

Conversation

@GsCommand
Copy link
Copy Markdown
Contributor

@GsCommand GsCommand commented May 23, 2026

Motivation

  • Prevent silent production reliance on the local demo signer by making ENS TXT records the primary source for signer keys and metadata.
  • Ensure verifier resolves and validates cl.sig.pub, cl.sig.kid, cl.sig.canonical, and cl.receipt.signer from ENS TXT records before any fallback is considered.
  • Preserve an explicit local/test fallback for developer/demo scenarios while requiring an explicit opt-in for non-test environments.

Description

  • Updated lib/verifyReceipt.js to resolve required ENS TXT keys first and to report public_key_source as ens_txt on successful ENS resolution and local_test_fallback when the explicit local fallback is used.
  • Gate local/demo fallback behind options.ens.allowLocalFallback === true, COMMANDLAYER_ALLOW_LOCAL_KEY_FALLBACK=true, or NODE_ENV === 'test', and return INVALID with reason: ens_key_unavailable when ENS keys are missing and fallback is not allowed.
  • Propagated public_key_source through the verify agent API by adding it to api/agents/verifyagent.js responses and updated verifyReceipt debug output to include key_resolution_error.
  • Added and updated tests in tests/verifyReceipt-runtime.test.js, tests/api-verify.test.js, and tests/api-agents-verifyagent.test.js to assert ENS-first behavior, explicit-fallback behavior, and that public_key_source is exposed; and updated README.md to document the key resolution policy.

Testing

  • Ran the test suite with npm test which completed successfully (97 passed, 0 failed).
  • Confirmed intended verifier behavior with unit tests that assert: ENS-backed verification reports public_key_source: ens_txt, ENS missing with fallback disabled returns reason: ens_key_unavailable, and explicit local fallback yields public_key_source: local_test_fallback in test/demo mode.
  • Attempted npm run check:links which failed because the check:links script is not defined in package.json.

Codex Task

@vercel
Copy link
Copy Markdown

vercel Bot commented May 23, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
commandlayer-commandlayer-org Ready Ready Preview, Comment May 23, 2026 11:49pm
commandlayer-org Ready Ready Preview, Comment May 23, 2026 11:49pm
commandlayer-org111 Ready Ready Preview, Comment May 23, 2026 11:49pm

Request Review

@GsCommand GsCommand merged commit f3ea9eb into main May 23, 2026
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

codex

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@GsCommand