Onchain Verifier Contracts

Pluto’s onchain verifier contract allows you to verify cryptographic proofs directly on the blockchain. This enables trustless verification of signatures and data integrity in your decentralized applications.

Current Deployment Status: Our verifier is currently only available on testnet. We’re using Base Sepolia testnet (an Ethereum L2).

Contract Address: 0x2d386a1ed0a1d21d6e2b68bdfa480944a316b6ea

Source Code: Verified on Basescan

How It Works

The verification process follows these steps:

  1. Obtain output from the Pluto prover
  2. Format the proof data for onchain verification
  3. Call the verifyNotarySignature function on the contract

Our example GitHub repository provides helper functions to simplify this process:

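import { sendProofTx, awaitProofTx } from "../onchain.js";

// Pass this as the onSuccess callback; it receives the proof data from the prover
const onSuccess = async (proofData) => {
  // Send the proof transaction
  const result = await sendProofTx(proofData);

  // Wait for transaction confirmation
  const { verified, error } = await awaitProofTx(result);
  if (!verified) {
    // Surface the failure instead of silently discarding it
    console.error("Onchain verification failed:", error);
  }
  return verified;
};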

Contract Documentation

Verifier Contract

The main contract responsible for verifying signatures and managing notaries.

contract Verifier is Ownable {
    mapping(address => bool) public isNotary;
    mapping(bytes32 => address) public digests;
 
    // ... error definitions ...
 
    constructor(address notaryAddress) Ownable(msg.sender) {
        isNotary[notaryAddress] = true;
    }
 
    // ... functions ...
}

Key Functions

verifyNotarySignature

function verifyNotarySignature(
    bytes32 digest,
    uint8 v,
    bytes32 r,
    bytes32 s,
    address signer,
    bytes32 manifest,
    bytes32 value
) external returns (bool)

This is the primary function for verifying signatures. It:

  1. Checks if the signer is a registered notary
  2. Verifies the digest is correctly formed from the manifest and value
  3. Recovers the signer address from the signature components (v, r, s)
  4. Ensures the proof hasn’t been used before
  5. Records the proof as used by associating it with the sender’s address

Parameters:

  • digest: The hash of the data that was signed
  • v: The recovery ID (27 or 28)
  • r: The R value of the signature
  • s: The S value of the signature
  • signer: The address that signed the data
  • manifest: The manifest of the data
  • value: The value of the data

Returns:

  • bool: True if verification succeeds
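
The following is an added example, not code from Pluto's repository or contract: a client-side pre-flight check that maps a proof onto the seven verifyNotarySignature arguments in the order listed above and rejects malformed fields before a transaction is sent. The shape of the `proof` object (a 65-byte `signature` laid out as r || s || v), the name `toVerifierArgs` and the `highS` flag are assumptions for illustration; the sample values are constructed.

```javascript
// Added example: pre-flight validation of verifyNotarySignature arguments.
// ASSUMPTION: the proof arrives as { digest, signature, signer, manifest, value }
// with a 65-byte signature laid out as r || s || v. Adapt to the real prover output.
const HEX32 = /^0x[0-9a-fA-F]{64}$/;
const ADDRESS = /^0x[0-9a-fA-F]{40}$/;
const SIG65 = /^0x[0-9a-fA-F]{130}$/;
// Half of the secp256k1 group order; s above this is the "high-s" malleable form (EIP-2).
const HALF_N = 0x7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a0n;

function toVerifierArgs(proof) {
  const errors = [];
  for (const field of ["digest", "manifest", "value"]) {
    if (!HEX32.test(proof[field] ?? "")) errors.push(`${field} must be a 32-byte hex string`);
  }
  if (!ADDRESS.test(proof.signer ?? "")) errors.push("signer must be a 20-byte hex address");
  if (!SIG65.test(proof.signature ?? "")) {
    errors.push("signature must be 65 bytes (r || s || v)");
    return { ok: false, errors };
  }
  const hex = proof.signature.slice(2);
  const r = "0x" + hex.slice(0, 64);
  const s = "0x" + hex.slice(64, 128);
  let v = parseInt(hex.slice(128), 16);
  if (v === 0 || v === 1) v += 27; // some signers emit the raw recovery bit
  if (v !== 27 && v !== 28) errors.push(`v must be 27 or 28, got ${v}`);
  if (errors.length > 0) return { ok: false, errors };
  return {
    ok: true,
    // Whether the deployed contract rejects high-s is not stated on the page; flag it.
    highS: BigInt(s) > HALF_N,
    // Order matches verifyNotarySignature(digest, v, r, s, signer, manifest, value).
    args: [proof.digest, v, r, s, proof.signer, proof.manifest, proof.value],
  };
}

// Constructed sample input, not real prover output.
const sampleProof = {
  digest: "0x" + "11".repeat(32),
  signature: "0x" + "22".repeat(32) + "33".repeat(32) + "01",
  signer: "0x" + "ab".repeat(20),
  manifest: "0x" + "44".repeat(32),
  value: "0x" + "55".repeat(32),
};
console.log(toVerifierArgs(sampleProof));
```

Passing these checks only means the call is well-formed; the contract still decides whether the signer is a registered notary and whether the proof has been used before.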

Notary Management

The contract includes functions for managing trusted notaries:

function addNotary(address notaryAddress) external onlyOwner
function removeNotary(address notaryAddress) external onlyOwner

These functions allow the contract owner to add or remove notaries from the trusted list.

Internal Verification

function verify_digest(bytes32 digest, bytes32 manifest, bytes32 value) internal pure returns (bool)

This internal function verifies that the digest is correctly formed as a Merkle root of the keccak256 hash of the value and manifest.