Documentation Index
Fetch the complete documentation index at: https://mintlify.com/Centurylong/sanctifier/llms.txt
Use this file to discover all available pages before exploring further.
sanctifier attest generates a cryptographic attestation that a contract scan passed a minimum security score threshold — without revealing the exact score or the full findings report. The proof is built on Bulletproofs range proofs (no trusted setup required) and is bound to the precise scanner version, vulnerability ruleset, and source code that was analyzed. A third party can verify the attestation with nothing more than the artifact file and the sanctifier binary.
Usage
Arguments and options
Path to the contract directory or a single
.rs file to scan and attest.
Ignored when --verify is provided.Minimum security score (0–100) the scan must reach to produce an
attestation. The score is computed by penalizing findings by severity:
critical findings cost 40 points each, high findings cost 15, medium cost 6,
and low cost 2. A clean scan (no findings) scores 100.If the scan falls below the threshold, Sanctifier exits with code
1 and
writes no artifact.Write the attestation artifact to this file path. When omitted the artifact
is printed to stdout as JSON.
Path to an existing attestation artifact file. When this flag is present,
Sanctifier verifies the artifact instead of generating one — no scan is run.
The verifier recomputes the statement binding from the artifact’s own
metadata and checks the Bulletproofs range proof against the recorded
commitment.
How zero-knowledge attestation works
The statement Sanctifier proves is: “the (hidden) security score is at least the public threshold”, bound to the exact scanner version, ruleset, and source under analysis.Score the scan
Sanctifier runs the full analysis suite and computes a 0–100 security
score. The source files are hashed into a SHA-256
source_commitment that
binds the attestation to precisely the code that was scanned.Build the statement binding
A binding is computed over
scanner_version || ruleset || source_commitment || threshold. This ensures a proof generated for one scan cannot be
replayed against a different scanner version, ruleset, or threshold.Generate the range proof
A Bulletproofs range proof is generated over
delta = score - threshold.
The Pedersen commitment hides delta (and therefore the exact score) — the
verifier learns only that the threshold was cleared, not by how much.Generating an attestation
Verifying an attestation
Attestation artifact structure
The exact score and per-severity finding counts are intentionally not
included in the artifact. The verifier learns only that
score >= threshold,
which is the zero-knowledge property: compliance is proven without disclosing
internal audit details.Use cases
| Use case | How to use |
|---|---|
| Publish proof of compliance without revealing full findings | Generate with --out attest.json, share the file |
| Third-party audit verification | Share the artifact; auditor runs sanctifier attest --verify |
| CI gate: block deploys below a score threshold | sanctifier attest . --threshold 85 — exits 1 if score is below 85 |
| DeFi protocol partner due diligence | Provide an attestation artifact for each contract version |