Conformance & parity
The cross-implementation parity discipline: frozen canonical()/retrieval_key() goldens, the C8 crypto fixtures, the shared URN conformance vectors, the OpenRPC-vs-server diff test, and what every reimplementation MUST pass.
The cross-implementation parity discipline: frozen canonical()/retrieval_key() goldens, the C8 crypto fixtures, the shared URN conformance vectors, the OpenRPC-vs-server diff test, and what every reimplementation MUST pass.
Layer 1 read-crypto: HKDF-SHA256 key derivation (salt-mixed secret), AES-256-GCM-SIV fixed-nonce seal, the byte-exact constants table, and the one-crypto-implementation invariant (producer = host = verifier = dig-client-wasm).
The D5 per-resource UNTAGGED leaf = SHA-256(ciphertext), the NODE_TAG fold, odd-node carry-up, the proof-length ≤ ceil(log2 n) binding contract (D8), and the base64 X-Dig-Inclusion-Proof wire layout.
Fixed-size obfuscation (128 MiB uniform blob, deterministic ChaCha20 filler), WASM injection memory layout (BINDING D2: 2 MiB offset, 384 MiB ceiling), the self-serving guest pipeline, oblivious gather, decoy generation, and the disabled host-attestation gate.
Merkle proofs, verified downloads, signed roots, revocation, and host attestation for DigStore security.
Store identity via on-chain singleton launcher id, generations as capsules, content root, on-disk layout, and compiled module structure.
Streaming resources by URN or retrieval key, listing keys per deployment, and checking out entire generations.
Architecture of the content-addressable, encrypted WebAssembly store format: identity, generations, URNs, and compiled modules.
URN format and semantics, derivation of retrieval and decryption keys, AES-256-GCM-SIV encryption, and public vs. private store differences.
Proyecto direccionable por contenido con forma de Git, con cifrado integrado y direccionamiento basado en URN; compila a un único módulo WebAssembly autodefendido.