pow-attest test vectors

Deterministic inputs and expected outputs for every cryptographic construction

All inputs are fixed constants. Reproduce with any sha256 implementation to verify a client or integration.

1. Proof-of-Work

Format: sha256(challenge + nonce) — direct concatenation, no separator. Output must have 18 leading zero bits (4.5 hex nibbles).

challenge = "a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4"
nonce     = "122778"
input     = "a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4122778"
sha256    = 0000260f25c541583b8065698fe685375e15f02604aa5363d35285eb7911dd6e
                  ↑ 18 leading zero bits (first 4 nibbles = 0, 5th nibble 0x2 ≤ 0b0011)

Verify: echo -n "a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4122778" | sha256sum

2. Dead man's switch outcome hashes

Construction: sha256(TAG_BYTES + switch_id_bytes + ascii_decimal_timestamp_bytes)

switch_id = "550e8400-e29b-41d4-a716-446655440000"
timestamp = 1700000000  (Unix seconds)

ALIVE outcome = sha256("ALIVE" + switch_id + str(timestamp))
             = eeeafdcee5cbe81171106e687a9036a443d118c3b7006084f10b5c5034f395d7

DEAD outcome  = sha256("DEAD" + switch_id + str(timestamp))
             = 9f38ce383c2e97413bc2b37987937967471aac1c163c20c3975e914183969b81

Input	Value
tag (ALIVE)	41 4c 49 56 45
switch_id	550e8400-e29b-41d4-a716-446655440000
timestamp	1700000000 → "1700000000"
ALIVE sha256	eeeafdcee5cbe81171106e687a9036a443d118c3b7006084f10b5c5034f395d7
DEAD sha256	9f38ce383c2e97413bc2b37987937967471aac1c163c20c3975e914183969b81

3. Bug bounty released outcome hash

Construction: sha256("RELEASED" + bounty_id) — no timestamp; the release event is the condition.

bounty_id = "6ba7b810-9dad-11d1-80b4-00c04fd430c8"

RELEASED outcome = sha256("RELEASED" + bounty_id)
                 = 6ad09a223172420d37ad3512cfa6367ec3dbf4fe38249ee16786202411dec2ad

4. Check-in signature message

The owner proves liveness by signing sha256(switch_id + str(bucket_ts)) with BIP-340 Schnorr. Bucket = floor(unix_seconds / 600) * 600 — 10-minute windows prevent replay while tolerating clock skew.

switch_id = "550e8400-e29b-41d4-a716-446655440000"
bucket_ts = 1700000000  (= floor(1700000000 / 600) * 600)

sig_message = sha256(switch_id + str(bucket_ts))
            = 4c3c748a5dcbd4f47ec022d2f09d709a52da53bfde89b59a2ffbc08883770b70

Sign this 32-byte digest with BIP-340 Schnorr using your owner_pubkey private key.

5. Oracle pubkey

2bc78390c94d8bbb96ac3e6940462ba2812418d871e701c1a845fdb1dfd4a0e5

x-only (BIP-340). All attestations are verifiable offline against this key with schnorr.verify(sig, outcome_hash, oracle_pubkey).

Node.js verification snippet

const crypto = require('crypto');

// Reproduce all vectors above
const SWITCH_ID = '550e8400-e29b-41d4-a716-446655440000';
const BOUNTY_ID = '6ba7b810-9dad-11d1-80b4-00c04fd430c8';
const TIMESTAMP = 1700000000;

// PoW: sha256(challenge + nonce), no separator
const pow = crypto.createHash('sha256')
  .update('a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4' + '122778').digest('hex');

const alive = crypto.createHash('sha256')
  .update('ALIVE').update(SWITCH_ID).update(String(TIMESTAMP)).digest('hex');
const released = crypto.createHash('sha256')
  .update('RELEASED').update(BOUNTY_ID).digest('hex');
const checkin = crypto.createHash('sha256')
  .update(SWITCH_ID).update(String(TIMESTAMP)).digest('hex');

console.assert(pow      === '0000260f25c541583b8065698fe685375e15f02604aa5363d35285eb7911dd6e');
console.assert(alive    === 'eeeafdcee5cbe81171106e687a9036a443d118c3b7006084f10b5c5034f395d7');
console.assert(released === '6ad09a223172420d37ad3512cfa6367ec3dbf4fe38249ee16786202411dec2ad');
console.assert(checkin  === '4c3c748a5dcbd4f47ec022d2f09d709a52da53bfde89b59a2ffbc08883770b70');
console.log('all vectors match');

pow-attest — manifest — PowForge