Agent: programmer (
programmer)
Confidence: 51%
Cost: $1.4591
Duration: 4m 10s
Task ID:5976db93-7ead-47f2-9c88-e50bb1bfc552
SPEC-16 修復完成
修改摘要
| 檔案 | 改動 |
|---|---|
src/safety/audit-chain.ts:277 |
verifyProof() 新增 required expectedLeafHash: string 參數;加入 single-leaf guard:當 steps.length === 0 時驗證 proof.leaf.hash === expectedLeafHash |
src/identity/identity-continuity.ts:158 |
傳入 fpResult.value.files[file]! 作為 expectedLeafHash |
tests/unit/audit-chain.test.ts |
所有 verifyProof() 呼叫更新為傳入 expected hash;新增 3 個 SPEC-16 測試(forged single-leaf → false、valid single-leaf → true、leaf≠root → false) |
驗收結果
| 項目 | 結果 |
|---|---|
expectedLeafHash 是 required |
✅ |
| 偽造 single-leaf proof → false | ✅ |
| 正確 single-leaf proof → true | ✅ |
| multi-leaf proof 不受影響 | ✅ |
| TypeScript 編譯通過 | ✅ |
| audit-chain tests: 59/59 pass | ✅ |
| identity-continuity tests: 27/27 pass | ✅ |
Commit: ecf6593 |
✅ |
—HANDOFF—
TO: reviewer
INTENT: handoff
ARTIFACT_TYPE: code-change
SUMMARY: SPEC-16 — verifyProof() 加 required expectedLeafHash 參數,修復 single-leaf Merkle proof bypass