Proof Fingerprints

When PacSpace verifies a delta, it produces a proof fingerprint. The fingerprint lets both sides check that the same usage record was recorded.

Three Properties of Proof Fingerprints#

Deterministic#

Given the same input data, the proof fingerprint is always the same. There's no randomness, no timestamps mixed into the fingerprint, no server-specific variation. You can recompute it yourself and get the exact same result every time.

Same delta payload -> Same content fingerprint -> Same proof fingerprint

This means verification is repeatable. Today, tomorrow, a year from now - the math always checks out.

Checkable#

Change the original data and the proof fingerprint changes. This makes a mismatch visible during verification.

Original:  { "amount": 42.50 }  -> 0x8f3a9b...
Changed:   { "amount": 42.51 }  -> 0xd17c4e...

Connected#

Each proof can include the prior proof fingerprint. Your app can store this value when it needs continuity checks.

proofHash_0 <- proofHash_1 <- proofHash_2 <- proofHash_3

If a stored value does not match previousProofHash, alert an operator before using the record.

Independent Verification#

When you receive a delta.verified webhook, you get the fields needed to check the proof.

Step 1: Confirm your content fingerprint matches#

Compare the contentHash from the webhook against the fingerprint you expect for the delta you submitted. If they match, the delta PacSpace verified is the exact data you sent.

const { contentHash } = webhookData.proof;

// Your stored or recomputed fingerprint should match
assert(myContentHash === contentHash, 'Content fingerprint mismatch');

Step 2: Confirm your content fingerprint is in the verification set#

Check that your contentHash appears in the itemHashes array from the webhook payload. This proves your delta was included in the verification.

const { itemHashes, contentHash } = webhookData.proof;

assert(itemHashes.includes(contentHash), 'Content fingerprint not found in verification set');

Step 3: Confirm the proof fingerprint#

Compare the proofHash from the webhook against the receiptId you received when you originally submitted the delta.

const { proofHash } = webhookData.proof;

assert(
  proofHash === storedReceiptId,
  'Proof fingerprint mismatch - verification check failed'
);

Step 4 (optional): Check continuity#

If you stored the previous proof fingerprint, confirm it matches previousProofHash.

const { previousProofHash } = webhookData.proof;

assert(
  previousProofHash === storedPreviousProofHash,
  'Previous proof fingerprint does not match'
);

Verification Summary#

Next Steps#

• Verifying Proofs - Full verification example with code
• Webhook Payloads - Public schema for the delta.verified event