Skip to main content

What bundle verification checks

A policy bundle is the compiled, signed artifact that the runtime evaluates. Bundle verification confirms:
  1. The bundle’s bundle_hash matches the content of the bundle directory
  2. The bundle manifest signature (bundle.sig) verifies against the trust root public key
  3. The bundle was not modified after it was signed

Bundle structure

A compiled policy bundle lives at policies/{policyId}/{policyVersion}/: 
policies/
  claims-approval/
    1.0.0/
      policy.json              ← the policy rules (compiled form)
      bundle.manifest.json     ← content manifest with bundle_hash
      bundle.sig               ← Ed25519 signature over the manifest

Using verifyBundle from @parmanasystems/core

import {
  verifyBundle,
  LocalVerifier,
} from "@parmanasystems/core";
import fs from "node:fs";
import path from "node:path";

const publicKey = fs.readFileSync("trust/root.pub", "utf8");
const verifier  = new LocalVerifier(publicKey);

const bundlePath = path.resolve("policies/claims-approval/1.0.0");

const result = verifyBundle(bundlePath, verifier);

console.log(result.valid);        // true
console.log(result.bundleHash);   // matches the bundleHash in attestations
console.log(result.policyId);     // "claims-approval"
console.log(result.version);      // "1.0.0"

Matching bundle hash to attestation

Every attestation contains the bundleHash of the bundle that produced it. To verify that an attestation was produced from a specific bundle: 
const result = verifyBundle(bundlePath, verifier);

if (attestation.bundleHash !== result.bundleHash) {
  throw new Error(
    "Attestation bundleHash does not match the bundle at " + bundlePath
  );
}

console.log("Bundle matches attestation");

What the manifest contains

bundle.manifest.json example: 
{
  "policyId": "claims-approval",
  "policyVersion": "1.0.0",
  "schemaVersion": "1.0.0",
  "bundle_hash": "sha256:abc123...",
  "files": [
    { "path": "policy.json", "hash": "sha256:def456..." }
  ],
  "compiledAt": "2024-01-10T08:00:00.000Z"
}
bundle.sig contains the Ed25519 signature over the canonical JSON serialization of the manifest.

Expected result

A successful verifyBundle call returns: 
{
  valid: true,
  bundleHash: "sha256:abc123...",
  policyId: "claims-approval",
  version: "1.0.0"
}

Via the CLI

npx @parmanasystems/verifier-cli verify-bundle \
  --bundle policies/claims-approval/1.0.0 \
  --public-key trust/root.pub
Expected output: 
✓ Bundle signature verified
✓ Content hash matches
  policyId: claims-approval
  version:  1.0.0
  hash:     sha256:abc123...

Troubleshooting

valid: false — “signature verification failed” The bundle.sig does not verify against trust/root.pub. Either the bundle was modified after signing, or the wrong public key is being used. Recompile and re-sign the bundle. valid: false — “content hash mismatch” The policy.json or other bundle files were modified after the manifest was created. Recompile the bundle. Bundle loads but produces unexpected decisions Bundle verification only confirms the bundle was not tampered with. If the policy rules produce unexpected outcomes, inspect policy.json and test using POST /simulate.