Cryptographic verificationprove a ghost.
Paste a github commit URL — or paste a commit message and ring manually — and the verifier reproduces the full proof: ring root, signature integrity, LSAG correctness. Identity stays hidden by construction.
The verifier fetches the commit and .gitghost/ring.json from the same SHA, recomputes the ring root, and runs full LSAG verification — no trust in our server, the math is reproducible.
awaiting input
- ring root recomputed
- ring root matches trailer
- signature parses
- LSAG verifies
Verification is fully deterministic — same inputs always give the same answer. No hidden state.
Four invariants.
Ring membership
Every public key in the ring must be a valid secp256k1 point. We re-derive the canonical compressed form before verification.
Signature integrity
We parse `lsag1.<c0>.<s_concat>.<keyImage>` strictly: wrong segment count, wrong scalar lengths, malformed key image — all reject.
Ring root consistency
The ring root in the commit trailer must match the deterministic hash of the supplied ring config — no silent ring substitution.
Key image surfaced
We surface the key image so callers can detect reuse against their own anchor log — the same signer in the same ring always produces the same key image.