Verification results - Amazon Quantum Ledger Database (Amazon QLDB)
Using a proof to recalculate your digest

Verification results

This section describes the results returned by an Amazon QLDB data verification request on the AWS Management Console. For detailed steps on how to submit a verification request, see Step 2: Verifying your data in QLDB.

On the Verification page of the QLDB console, the results of your request are displayed in the Verification results card. The Proof tab shows the contents of the proof returned by QLDB for your specified document revision and digest. It includes the following details:

  • Revision hash – The SHA-256 value that uniquely represents the document revision that you're verifying.

  • Proof hashes – The ordered list of hashes provided by QLDB that are used to recalculate the specified digest. The console starts with the Revision hash and sequentially combines it with each proof hash until it ends with a recalculated digest.

    The list is collapsed by default, so you can expand it to reveal the hash values. Optionally, you can try the hash calculations yourself by following the steps as described in Using a proof to recalculate your digest.

  • Digest calculated – The hash that resulted from the series of Hash calculations that were done on the Revision hash. If this value matches your previously saved Digest, the verification is successful.

The Block tab shows the contents of the block that contains the revision you're verifying. It includes the following details:

  • Transaction ID – The unique ID of the transaction that committed this block.

  • Transaction time – The timestamp when this block was committed to the strand.

  • Block hash – The SHA-256 value that uniquely represents this block and all of its contents.

  • Block address – The location in your ledger's journal where this block was committed. An address has the following two fields:

    • Strand ID – The unique ID of the journal strand that contains this block.

    • Sequence number – The index number that specifies the location of this block within the strand.

  • Statements – The PartiQL statements that were performed to commit entries in this block.

    Note

    If you run parameterized statements programmatically, they're recorded in your journal blocks with bind parameters instead of the literal data. For example, you might see the following statement in a journal block, where the question mark (?) is a variable placeholder for the document contents.

    INSERT INTO Vehicle ?

  • Document entries – The document revisions that were committed in this block.

If your request failed to verify the document revision, see Common errors for verification for information about possible causes.

Using a proof to recalculate your digest

After QLDB returns a proof for your document verification request, you can try doing the hash calculations yourself. This section describes the high-level steps to recalculate your digest using the proof that is provided.

First, pair your Revision hash with the first hash in the Proof hashes list. Then, do the following steps.

  1. Sort the two hashes. Compare the hashes by their signed byte values in little-endian order.

  2. Concatenate the two hashes in sorted order.

  3. Hash the concatenated pair with an SHA-256 hash generator.

  4. Pair your new hash with the next hash in the proof and repeat steps 1–3. After you process the last proof hash, your new hash is your recalculated digest.

If your recalculated digest matches your previously saved digest, your document is successfully verified.

For a step-by-step tutorial with code examples that demonstrate these verification steps, proceed to Tutorial: Verifying data using an AWS SDK.