Arxi Evidence Model and Integrity Architecture
Audience: Engineers implementing envelope ingestion, hashing, signing, and integrity verification.
Table of Contents
- Executive Overview
- Identity and Schema Primitives
- Envelope and Segment Model
- Canonical Encoding and Hashing
- Attachment Integrity
- Signature Model
- Verification Result Algebra
- File-by-File Cross Reference
Executive Overview
Arxi integrity is built on canonical bytes plus cryptographic linkage:
- envelope content hashes over canonicalized 11-field hashable views,
- chain hashes linking each envelope to prior state,
- segment genesis and predecessor chain-head linkage,
- optional envelope signatures over content-hash bytes.
F:crates/arxi-envelope/src/envelope.rs L46-L92 F:crates/arxi-envelope/src/encoding.rs L252-L296 F:crates/arxi-envelope/src/segment.rs L39-L66
Identity and Schema Primitives
- UUIDv7-backed IDs: `EnvelopeId`, `SegmentId`, `BundleId`.
- String IDs with validation: `EventType`, `ActorId`, `EnvironmentId`, etc.
- String-backed IDs fail closed on empty, whitespace-only, and control-character input.
- String-backed IDs enforce explicit max-length bounds (256 for trace/session/actor/environment, 128 for event/adapter IDs).
- String-backed ID serde paths are constructor-validated so hostile JSON cannot bypass invariants.
`KeyId` is strict canonical lowercase `hex(SHA-256(public_key_bytes))` (64 chars). `SchemaVersion` is explicit and currently pinned to 1 (`CURRENT_SCHEMA_VERSION`).
F:crates/arxi-core/src/identity.rs L31-L55 F:crates/arxi-core/src/identity.rs L205-L647 F:crates/arxi-core/src/schema.rs L24-L49
Envelope and Segment Model
Envelope states
- `UnsealedEnvelope`: adapter-supplied hashable fields.
- `Envelope`: recorder-sealed record with `content_hash`, `chain_hash`, `sequence`, `segment_id`, and optional signature.
F:crates/arxi-envelope/src/envelope.rs L98-L131 F:crates/arxi-envelope/src/envelope.rs L46-L92
Builder invariants
EnvelopeBuilder enforces required fields, UTC claimed time, and deterministic
attachment ordering before producing an UnsealedEnvelope.
F:crates/arxi-envelope/src/envelope.rs L284-L328
Segment structure
SegmentGenesis is structural metadata (not an envelope) and anchors first-chain
computation; predecessor fields must be jointly set or absent. recorder_id
is bounded by the same max length as ActorId and deserialize paths are
constructor-validated.
F:crates/arxi-envelope/src/segment.rs L39-L109
SealRecord captures final segment state and SealReason taxonomy.
F:crates/arxi-envelope/src/segment.rs L116-L170
Canonical Encoding and Hashing
Arxi uses JCS (serde_jcs) over private hashable view structs.
Important invariants:
- `None` is serialized as `null` in canonical output.
- timestamps use fixed 9-digit nanosecond UTC format.
- attachment refs are sorted by hash hex in canonical views.
F:crates/arxi-envelope/src/encoding.rs L19-L31 F:crates/arxi-envelope/src/encoding.rs L48-L77 F:crates/arxi-envelope/src/encoding.rs L148-L162
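As an added example (not the project's code, which runs serde_jcs over private view structs), a std-only Rust encoder for a four-field hashable view that enforces the three invariants above: `None` to `null`, fixed 9-digit nanosecond UTC timestamps, and attachment refs sorted by hash hex before emission. The `HashableView` and `AttachmentRef` shapes and their field names are assumptions for illustration.

```rust
// Added illustration of the canonical-view invariants; not Arxi's code (Arxi uses
// serde_jcs over private hashable structs). Hand-rolled JSON for the small subset
// needed here: strings, null, and one nested array of flat objects.
pub struct AttachmentRef { pub hash_hex: String, pub content_type: String }
/// Assumed view shape; claimed_at is UTC as (unix seconds, nanoseconds).
pub struct HashableView { pub event_type: String, pub actor_id: Option<String>, pub claimed_at: (i64, u32), pub attachments: Vec<AttachmentRef> }

/// RFC 8259 string escaping, which JCS (RFC 8785) adopts unchanged.
pub fn json_str(s: &str) -> String {
    let mut out = String::from("\"");
    for c in s.chars() {
        match c {
            '"' => out.push_str("\\\""), '\\' => out.push_str("\\\\"),
            '\n' => out.push_str("\\n"), '\r' => out.push_str("\\r"), '\t' => out.push_str("\\t"),
            '\u{8}' => out.push_str("\\b"), '\u{c}' => out.push_str("\\f"),
            c if (c as u32) < 0x20 => out.push_str(&format!("\\u{:04x}", c as u32)),
            c => out.push(c),
        }
    }
    out + "\""
}

/// Fixed-width `YYYY-MM-DDTHH:MM:SS.nnnnnnnnnZ`; civil date via Hinnant's days-to-date algorithm.
pub fn format_utc(secs: i64, nanos: u32) -> String {
    let (days, sod) = (secs.div_euclid(86_400), secs.rem_euclid(86_400));
    let z = days + 719_468;
    let era = z.div_euclid(146_097);
    let doe = z - era * 146_097;
    let yoe = (doe - doe / 1_460 + doe / 36_524 - doe / 146_096) / 365;
    let doy = doe - (365 * yoe + yoe / 4 - yoe / 100);
    let mp = (5 * doy + 2) / 153;
    let (d, m) = (doy - (153 * mp + 2) / 5 + 1, if mp < 10 { mp + 3 } else { mp - 9 });
    let y = yoe + era * 400 + if m <= 2 { 1 } else { 0 };
    format!("{:04}-{:02}-{:02}T{:02}:{:02}:{:02}.{:09}Z", y, m, d, sod / 3600, sod % 3600 / 60, sod % 60, nanos)
}

/// Canonical bytes: keys in JCS (UTF-16 code unit; plain byte order for these ASCII keys)
/// order, `None` emitted as `null`, attachment refs sorted by hash hex before emission.
pub fn canonical_bytes(v: &HashableView) -> Vec<u8> {
    let mut refs: Vec<&AttachmentRef> = v.attachments.iter().collect();
    refs.sort_by(|a, b| a.hash_hex.cmp(&b.hash_hex));
    let refs_json: Vec<String> = refs.iter()
        .map(|r| format!("{{\"content_type\":{},\"hash\":{}}}", json_str(&r.content_type), json_str(&r.hash_hex)))
        .collect();
    let actor = v.actor_id.as_deref().map_or_else(|| "null".to_string(), json_str);
    format!("{{\"actor_id\":{},\"attachments\":[{}],\"claimed_at\":{},\"event_type\":{}}}",
        actor, refs_json.join(","), json_str(&format_utc(v.claimed_at.0, v.claimed_at.1)), json_str(&v.event_type),
    ).into_bytes()
}
```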
Hash model:
- `content_hash = H(canonical_bytes)`
- `chain_hash = H(prev_chain_hash || content_hash)`
- first envelope in segment uses `H(segment_genesis_hash || content_hash)`
F:crates/arxi-envelope/src/encoding.rs L239-L246 F:crates/arxi-envelope/src/encoding.rs L262-L273 F:crates/arxi-envelope/src/encoding.rs L285-L296
Hash functions are algorithm-identified and pluggable through HashFunction.
Current default is Sha256HashFunction.
F:crates/arxi-core/src/hash.rs L200-L274
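An added, std-only Rust sketch of the hash model (not Arxi's code): a pluggable, algorithm-identified `HashFunction` with a stand-in FNV-1a-64 implementation rather than the real `Sha256HashFunction`, the seal loop that applies the three formulas, and a verifier that re-derives the whole chain from the segment genesis hash. The `Sealed` struct and the `seal_segment` and `verify_segment` names are assumptions; the real verifier reports through `CheckResult` and `VerificationVerdict` rather than returning an index.

```rust
// Added illustration of the chain-hash model; not the project's code. The trait is
// pluggable and algorithm-identified as in arxi-core, but the only impl here is a
// stand-in FNV-1a-64 (NOT SHA-256) so the file builds with std alone.
pub trait HashFunction {
    fn algorithm(&self) -> &'static str;
    fn hash(&self, data: &[u8]) -> Vec<u8>;
}

pub struct Fnv1a64;
impl HashFunction for Fnv1a64 {
    fn algorithm(&self) -> &'static str { "fnv1a-64-demo" }
    fn hash(&self, data: &[u8]) -> Vec<u8> {
        let mut h: u64 = 0xcbf2_9ce4_8422_2325;
        for b in data { h ^= u64::from(*b); h = h.wrapping_mul(0x0100_0000_01b3); }
        h.to_be_bytes().to_vec()
    }
}
/// Sealed envelope (assumed shape): canonical bytes plus the two hashes the recorder adds.
pub struct Sealed { pub canonical: Vec<u8>, pub content_hash: Vec<u8>, pub chain_hash: Vec<u8> }

/// Seal one segment: content_hash = H(canonical_bytes); chain_hash = H(prev || content_hash),
/// where prev is the segment genesis hash for the first envelope and then the previous chain_hash.
pub fn seal_segment(hf: &dyn HashFunction, genesis_hash: &[u8], canonical: &[Vec<u8>]) -> Vec<Sealed> {
    let mut prev = genesis_hash.to_vec();
    let mut out = Vec::with_capacity(canonical.len());
    for c in canonical {
        let content_hash = hf.hash(c);
        let chain_hash = hf.hash(&[prev.as_slice(), content_hash.as_slice()].concat());
        prev = chain_hash.clone();
        out.push(Sealed { canonical: c.clone(), content_hash, chain_hash });
    }
    out
}

/// Constant-time byte equality, the comparison rule hash types should use.
fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    a.len() == b.len() && a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

/// Re-derive every hash from genesis; returns the index of the first mismatching envelope, or None.
pub fn verify_segment(hf: &dyn HashFunction, genesis_hash: &[u8], chain: &[Sealed]) -> Option<usize> {
    let mut prev = genesis_hash.to_vec();
    for (i, e) in chain.iter().enumerate() {
        let content = hf.hash(&e.canonical);
        let expected_link = hf.hash(&[prev.as_slice(), content.as_slice()].concat());
        if !ct_eq(&content, &e.content_hash) || !ct_eq(&expected_link, &e.chain_hash) { return Some(i); }
        prev = e.chain_hash.clone();
    }
    None
}
```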
Attachment Integrity
Two attachment representations:
- `AttachmentData`: inline bytes submitted at ingest.
- `AttachmentRef`: content-addressed metadata embedded in envelopes.
AttachmentRef and AttachmentData reject empty, whitespace-only, and
control-character-bearing content_type values, enforce max length (255),
and deserialize AttachmentRef through constructor validation. AttachmentData
also requires non-empty bytes.
F:crates/arxi-envelope/src/attachment.rs L35-L85
F:crates/arxi-envelope/src/attachment.rs L99-L133
Signature Model
Core contract:
- `EnvelopeSigner` signs `content_hash` bytes.
- `SignatureVerifier` verifies message bytes under algorithm-specific keys.
- `TrustRoot` and `TrustPolicy` define trusted key material and signature acceptance policy (`AnyTrustedKey`, `AllMustSign`, `Threshold`).
F:crates/arxi-core/src/signature.rs L131-L270 F:crates/arxi-core/src/signature.rs L301-L337
Current implementation:
- `Ed25519Signer` derives key ID as `hex(SHA-256(public_key_bytes))` and signs `content_hash`. F:crates/arxi-envelope/src/signer.rs L68-L113
- `Ed25519SignatureVerifier` uses strict verification. F:crates/arxi-envelope/src/signature.rs L32-L95
- `Verifier` phase 6 uses trust-root lookup + algorithm dispatch and applies policy checks after per-envelope signature validation. F:crates/arxi-recorder/src/verifier.rs L509-L651
Verification Result Algebra
arxi-envelope defines verification data types, while algorithmic verification
runs in arxi-recorder.
Key structures:
- `VerificationManifest` and `ManifestSegmentEntry`
- `VerificationVerdict` and `VerdictStatus`
- `CheckResult`, `CheckType`, and specialized chain/cross-segment/signature checks
- `VerificationWarning` for non-fatal findings
F:crates/arxi-envelope/src/verification.rs L39-L79 F:crates/arxi-envelope/src/verification.rs L85-L132 F:crates/arxi-envelope/src/verification.rs L189-L266
File-by-File Cross Reference
| Area | File | Notes |
|---|---|---|
| Identity contracts | crates/arxi-core/src/identity.rs | ID validation and serialization-stable newtypes. |
| Hash contracts | crates/arxi-core/src/hash.rs | Hash types, constant-time equality, algorithm registry. |
| Signature contracts | crates/arxi-core/src/signature.rs | Signer/verifier traits and envelope signature shape. |
| Envelope model | crates/arxi-envelope/src/envelope.rs | Sealed/unsealed forms and builder invariants. |
| Canonical encoding | crates/arxi-envelope/src/encoding.rs | JCS canonical bytes and chain formulas. |
| Segment model | crates/arxi-envelope/src/segment.rs | Genesis and seal metadata. |
| Attachments | crates/arxi-envelope/src/attachment.rs | Content-addressed attachment references. |
| Verification model | crates/arxi-envelope/src/verification.rs | Verdict and check-result algebra. |
| Ed25519 verify | crates/arxi-envelope/src/signature.rs | Strict signature verification implementation. |
| Ed25519 sign | crates/arxi-envelope/src/signer.rs | Envelope signing implementation. |