HashVerificationStrategy

Overview

The HashVerificationStrategy verifies data integrity by comparing SHA-256 hashes of fetched data against trusted gateway digest headers. This strategy provides fast, cryptographically secure verification for high-throughput applications.

Important

Verification methods require that the gateway being used has the relevant transaction data indexed locally. Gateways cannot proxy out verification requests to other sources, as this would compromise the security and reliability of the verification process. If a gateway doesn't have the required data indexed, verification will fail.

How It Works

  1. Fetch Data: Retrieve content from the selected gateway
  2. Compute Hash: Calculate the SHA-256 hash of the received data
  3. Request Digest: Get the digest from trusted gateways via HTTP headers using HEAD/GET requests
  4. Compare: Verify that both hashes match exactly
  5. Result: Pass or fail based on hash comparison

Configuration

Basic Usage

import { HashVerificationStrategy } from '@ar.io/wayfinder-core'

const strategy = new HashVerificationStrategy({
  trustedGateways: [new URL('https://arweave.net')],
})

Advanced Configuration

const strategy = new HashVerificationStrategy({
  trustedGateways: [
    new URL('https://arweave.net'),
    new URL('https://permagate.io'),
  ],
  maxConcurrency: 2, // Process multiple gateway requests concurrently
  logger: customLogger, // Optional custom logger
})

Parameters

← Swipe to see more →
ParameterTypeDefaultDescription
trustedGatewaysURL[]RequiredArray of trusted gateway URLs for hash comparison
maxConcurrencynumber1Maximum number of concurrent requests to gateways
loggerLoggerdefaultLoggerCustom logger instance for debugging
← Swipe to see more →

Integration Examples

With Wayfinder

import { Wayfinder, HashVerificationStrategy } from '@ar.io/wayfinder-core'

const wayfinder = new Wayfinder({
  gatewaysProvider: gatewaysProvider,
  verificationSettings: {
    enabled: true,
    strategy: new HashVerificationStrategy({
      trustedGateways: [new URL('https://arweave.net')],
    }),
    strict: true,
  },
})

// Verification happens automatically
const response = await wayfinder.request('ar://transaction-id')
const data = await response.text()

With Event Monitoring

const wayfinder = new Wayfinder({
  gatewaysProvider: gatewaysProvider,
  verificationSettings: {
    enabled: true,
    strategy: new HashVerificationStrategy({
      trustedGateways: [new URL('https://arweave.net')],
    }),
    events: {
      onVerificationSucceeded: (event) => {
        console.log('✅ Hash verification passed:', {
          txId: event.txId,
        })
      },
      onVerificationFailed: (error) => {
        console.error('❌ Hash verification failed:', {
          error: error.message,
        })
      },
    },
  },
})

Standalone Usage

const strategy = new HashVerificationStrategy({
  trustedGateways: [new URL('https://arweave.net')],
})

// Manual verification
try {
  await strategy.verifyData({
    data: dataBuffer,
    txId: 'transaction-id',
  })
  console.log('Verification passed!')
} catch (error) {
  console.error('Verification failed:', error.message)
}

How Digest Fetching Works

The strategy uses a sophisticated approach to get digest headers from trusted gateways:

  1. HEAD Request: First tries a HEAD request to get the digest header
  2. GET Request: If HEAD fails, performs a GET request to hydrate the gateway's cache
  3. Second HEAD Request: Makes another HEAD request to get the cached digest
  4. Sandbox URLs: Uses subdomain sandboxing for security (e.g., txid.arweave.net)

This ensures that even if a gateway doesn't have the data cached initially, it will fetch and cache it, then provide the digest header.

Use Cases

High-Throughput Applications

Perfect for applications that need fast verification:

const strategy = new HashVerificationStrategy({
  trustedGateways: [new URL('https://arweave.net')],
  maxConcurrency: 3, // Higher concurrency for speed
})

Development and Testing

Quick verification for development environments:

const devStrategy = new HashVerificationStrategy({
  trustedGateways: [new URL('https://arweave.net')],
  logger: debugLogger, // Detailed logging for development
})

Production with Multiple Gateways

Reliable verification with fallback options:

const prodStrategy = new HashVerificationStrategy({
  trustedGateways: [
    new URL('https://arweave.net'),
    new URL('https://permagate.io'),
  ],
  maxConcurrency: 2, // Use multiple gateways concurrently
})

Best Practices

  1. Use Multiple Trusted Gateways: Increases reliability and provides fallback options
  2. Set Appropriate Concurrency: Balance between performance and gateway load
  3. Monitor Verification Events: Track success rates and failure reasons
  4. Handle Network Failures: Implement proper error handling for gateway requests
  5. Use Reputable Gateways: Choose gateways with reliable data indexing and caching

Comparison with Other Strategies

← Swipe to see more →
AspectHash VerificationSignature VerificationData Root Verification
SecurityHighVery HighHighest
PerformanceFastestFastSlower
Best ForHigh-throughput applicationsFinancial or legal documentsProduction applications
← Swipe to see more →

The HashVerificationStrategy provides an excellent balance of security and performance, making it ideal for most applications that need fast, reliable data integrity verification.

Was this page helpful?