Skip to main content

Verifier Guide

This guide is for external companies and partners who want to verify Olymp data without trusting a gateway or provider.

What you receive

Gateways return a canonical Attested Data Response (ADR). It includes:

  • Payload or payload pointer + payload hash
  • Provider identity and trust tier (Tier A or Tier B)
  • On-chain anchor reference
  • Provider or adapter EIP-712 signature
  • Gateway query receipt (EIP-712)

Verification procedure (step by step)

  1. Fetch ADR and payload from the gateway.
  2. Hash the payload bytes and compare to payloadPointer.payloadHash.
  3. Verify provider or adapter signature (EIP-712).
  4. Check ProviderRegistry for provider status, type, and signing mode.
  5. Confirm anchor exists on-chain and matches schemaId, dataType, window, and payloadHash.
  6. Read ScoreRegistry for provider score at or near the anchor block.
  7. Verify the gateway receipt signature.
  8. If settlement.mode is EPOCH_BATCHED, record epochId and usageId for later reconciliation.

If any step fails, treat the response as invalid.

Trust tiers

  • Tier A (Provider-Signed / Model 1): provider signs the DataPackage.
  • Tier B (Adapter-Attributed / Model 2 bootstrap): adapter signs and anchors; provider is attributed.

Recommended policy:

  • Require Tier A for higher assurance use cases.
  • Allow Tier B only with stricter minimum scores or redundancy.

Example TypeScript pseudocode

import { verifyAttestedResponse } from '@olympnetwork/verifier';

const result = await verifyAttestedResponse(adr, {
  trustPolicy: { requireTierA: true, minScoreScaled: 800000 },
  verifyGatewayReceipt: true,
});

if (!result.ok) {
  throw new Error(result.errors.join(', '));
}

Integration patterns

  • Pull latest: request the latest ADR for a data type and verify each response.
  • Polling cache: cache verified ADRs locally and revalidate anchors on TTL boundaries.
  • Streaming/WebSocket: if supported, verify each message exactly once.

Security notes

  • Enforce replay protection when sending paid requests (nonce + timestamp).
  • Pin anchors by block number or tx hash in audit logs for reproducibility.
  • If providers conflict, prefer Tier A data and use on-chain scores to resolve.

Disclaimers

Verification outcomes are variable and depend on on-chain state and payload integrity. No guarantees. Not investment advice.