Oris Docs

L6 Verifier

L6 LIVE on Base Sepolia + api.useoris.xyz

L6 is the verifier. It is the read surface for every payment rail. The verifier takes a Compliance Bundle and returns a signed allow or deny verdict. Both an HTTP service and a Solidity reference implementation are live.

What it does

Given a bundle, a tx_intent, and a signer_pubkey, the verifier:

  1. Hashes the canonical bytes and checks the Ed25519 signature against signer_pubkey.
  2. Loads the current L5 revocation roots (Tier 1 + Tier 2) from cache.
  3. Verifies the non-membership proof against the recorded root.
  4. Checks the nonce against the replay-protection window (30 s default).
  5. Checks tx_intent.expires_at is still in the future.
  6. Dispatches on proof_type (0x01 Ed25519 today).
  7. Returns a verdict signed by the verifier’s own Ed25519 key.

The verdict is itself signed. A network can cache it. Downstream re-verification against a cached pubkey is a single Ed25519 check with no network call.
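Steps 4 and 5 above, sketched as an in-memory check. This is an added example, not Oris code: the ReplayGuard class, per-signer nonce scoping, Unix-second timestamps, and keeping a nonce until the later of the window end and expires_at are all assumptions of the sketch.

```python
import time

REPLAY_WINDOW_S = 30  # default replay-protection window stated on this page


class ReplayGuard:
    """Nonce + expiry check (steps 4-5). Hypothetical helper, not Oris code."""

    def __init__(self, window_s=REPLAY_WINDOW_S, clock=time.time):
        self.window_s = window_s
        self.clock = clock  # injectable so the check can be tested without sleeping
        self._seen = {}     # (signer_pubkey_hex, nonce_hex) -> retain_until

    def _purge(self, now):
        # Drop lapsed entries so the in-memory cache stays bounded.
        for key in [k for k, until in self._seen.items() if until <= now]:
            del self._seen[key]

    def check(self, signer_pubkey_hex, nonce_hex, expires_at):
        """Return one of the page's reason codes: NONCE_REPLAYED, EXPIRED or OK."""
        now = self.clock()
        self._purge(now)
        # Normalize hex case so "0xAB" and "0xab" count as the same nonce.
        key = (signer_pubkey_hex.lower(), nonce_hex.lower())
        if key in self._seen:
            return "NONCE_REPLAYED"
        if expires_at <= now:
            return "EXPIRED"  # never recorded: it cannot be accepted later anyway
        # Assumption: retain until the later of window end and intent expiry, so
        # an intent cannot be accepted twice while it is still valid.
        self._seen[key] = max(now + self.window_s, expires_at)
        return "OK"


def demo():
    """Constructed inputs: one signer, one nonce, intent valid for 60 s."""
    t = [1000.0]
    guard = ReplayGuard(clock=lambda: t[0])
    out = [guard.check("0xAA", "0x01", 1060)]       # first sight
    out.append(guard.check("0xaa", "0x01", 1060))   # immediate replay
    t[0] = 1031.0                                   # past the 30 s window
    out.append(guard.check("0xAA", "0x01", 1060))   # still valid, still blocked
    t[0] = 1061.0                                   # past expires_at
    out.append(guard.check("0xAA", "0x01", 1060))
    return out


if __name__ == "__main__":
    print(demo())
```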

HTTP API

POST https://api.useoris.xyz/verify/bundle
GET https://api.useoris.xyz/verify/pubkey

POST /verify/bundle accepts:

{
  "bundle_hex": "0x...",
  "tx_intent_hex": "0x...",
  "signer_pubkey_hex": "0x..."
}

Returns:

{
  "allow": true,
  "reason_code": "OK",
  "bundle_hash": "0x...",
  "verifier_signature": "0x...",
  "verifier_pubkey": "0x..."
}

reason_code enumerates the failure modes: OK, SIGNATURE_INVALID, REVOKED_TIER_1, REVOKED_TIER_2, NONCE_REPLAYED, EXPIRED, POLICY_DENY, SANCTIONS_HIT, RISK_TIER_BLOCKED, BUNDLE_MALFORMED.

GET /verify/pubkey returns the verifier’s Ed25519 pubkey for offline verdict verification. Cache it. The pubkey rotates only on key-rotation events.

Solidity verifier

OrisComplianceVerifier Base Sepolia
0xD0aCf4a873C5bBEA4296958C27c1eA652D98fA5C (block 42019099)

The Solidity contract is the on-chain reference implementation. It accepts the same bundle bytes and returns a structured verdict. A network can route through HTTP or directly to the contract.

Latency

| Step | Budget |
| --- | --- |
| Bundle canonicalize + hash | 1 ms |
| Ed25519 signature check | 1 ms |
| Revocation roots fetch (Redis-cached) | < 1 ms |
| Non-membership proof verify | 5 ms |
| Nonce + expiry check | < 1 ms |
| Verdict signing | 1 ms |
| p95 total | < 18 ms |

Hot path is fully in-memory. No database call. The roots cache is invalidated when a new root commits on L5.

Verdict structure

Verdict {
  allow: bool
  reason_code: string        // see enumeration above
  bundle_hash: bytes32       // keccak256(canonical_bytes)
  verifier_signature: bytes  // Ed25519 over (allow, reason_code, bundle_hash)
  verifier_pubkey: bytes     // Ed25519 pubkey
  evaluated_at: u64
}

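The signature covers only (allow, reason_code, bundle_hash). A network can store the verdict next to the transaction and any auditor can replay the Ed25519 check. Because evaluated_at and verifier_pubkey fall outside the signed tuple, treat them as unauthenticated: check the signature against the pubkey cached from GET /verify/pubkey, not the one echoed in the response.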

SDK example

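from oris.protocol import OrisProtocol

# `bundle` and `agent` are assumed to have been created earlier with the SDK.
p = OrisProtocol(network="base-sepolia")

# Fetch the verifier pubkey once and cache it for offline checks.
pubkey = p.verifier.get_pubkey()

verdict = p.verifier.verify(
    bundle_bytes_hex=bundle.canonical_bytes_hex,
    tx_intent_hex=bundle.tx_intent_hex,
    signer_pubkey_hex=agent.pubkey_hex,
)
if not verdict.allow:
    raise RuntimeError(f"deny: {verdict.reason_code}")

# Offline: confirm the verdict's signature against the cached pubkey.
# Raise explicitly; a bare assert is skipped when Python runs with -O.
ok = p.verifier.verify_response_signature(verdict, pubkey.pubkey_hex)
if not ok:
    raise RuntimeError("verdict signature invalid")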

Self-hosting

The verifier is open source. A network operator can run the same binary inside their own perimeter. The contract is bytecode-compatible with the Solidity reference. Self-hosted verifiers fetch the verifier pubkey once at startup and verify everything else in memory.
