Attesto

Proof of Evolution

Nova, IVC, and lifecycle state

Proof of Evolution is the async Attesto 2.0 lane for proving lifecycle state transitions over committed checkpoint metadata. It does not sit in the hot ingest path and does not block receipts.

Overview

Proofstream creates the evidence history first. The Proof of Evolution lane then takes checkpoint ranges, policy digests, incident/gap state, and previous lifecycle state roots and produces a new committed state root for the next epoch.

Nova and IVC

Nova is used as the research direction for incrementally verifiable computation through folding schemes. In Attesto, the practical goal is to prove lifecycle state evolution over evidence commitments, not to put large AI workloads directly inside the ingest path.

State roots and public inputs

{
  "previous_state_root": "sha256-hex",
  "checkpoint_root": "sha256-hex",
  "policy_digest": "sha256-hex",
  "gap_state": "none",
  "quorum_state": "satisfied",
  "next_state_root": "sha256-hex"
}

Evolution chain

Each IVC epoch references the previous state root and the checkpoint range it summarizes. A verifier can inspect the evolution chain as a sequence of state transitions over evidence commitments.

Claim boundaries

Current production language is “designed for lifecycle proofing.” Stronger statements about externally reviewed cryptographic security remain unavailable until an external applied-cryptography review is completed and linked from the public trust material.

Current circuit limitation

The first attesto.lifecycle.v1 Nova relation proves an arithmetic transition: the same Pallas-field addition used by the backend lifecycle state-root function. It does not yet prove inside Nova that a checkpoint root was produced by the Proofstream checkpoint algorithm, that a configured witness quorum such as 2-of-3 was really satisfied, or that policy and incident/gap state were derived from approved lifecycle evidence.

Those checks are enforced today by the Proofstream verifier, witness policy engine, offline verifier corpus, and production readiness gates outside Nova. The successor target is a reviewed Poseidon-style circuit-friendly hash transition over the same field, with matching Rust circuit, backend, SDK, golden-vector, verifier, benchmark, and external-review evidence.