Witness Model

Architecture

A witness is a service provider that issues cryptographic signatures over well-defined data objects. Witness statements may cover block identifiers, state roots, transaction inclusion claims, or application-specific data hashes.

Witnesses do not provide cryptographic proofs of correctness. Instead, they provide signed attestations that can be verified by the client using the witness’s public key. The client validates the signature, the witness identity, and the structure of the attested data.

Clients may query one or multiple witnesses for the same information. Trust assumptions can be reduced by requiring matching attestations from multiple independent witnesses or by enforcing threshold rules.

Witness identities are explicit and enumerable. Clients decide which witnesses are acceptable and how many attestations are required. Trust decisions are therefore explicit and configurable at the client level.

The Witness Protocol specifies the structure and verification of witness statements but does not define how witnesses obtain their information. Responsibility for correctness is bound to the witness identity and its signature.