Elydora Epoch Root (EER)
The EER is a periodic Merkle root that anchors all operations within a time window into a single verifiable hash, signed by Elydora.
Structure
| Field | Type | Required | Description |
|---|---|---|---|
| epoch_id | string | Yes | Unique identifier for this epoch. |
| org_id | string | Yes | Organization identifier. |
| start_time | string | Yes | ISO 8601 start of the epoch time window. |
| end_time | string | Yes | ISO 8601 end of the epoch time window. |
| leaf_count | number | Yes | Number of operations included in this epoch. |
| root_hash | string | Yes | SHA-256 Merkle root of all operation hashes in the epoch. |
| hash_alg | string | Yes | Hash algorithm used. Currently SHA-256. |
| signature_by_elydora | string | Yes | Ed25519 signature by Elydora over the epoch root. |
Example EER
json
{
"epoch_id": "epoch_001",
"org_id": "org_acme",
"start_time": "2026-02-28T00:00:00Z",
"end_time": "2026-02-28T06:00:00Z",
"leaf_count": 1247,
"root_hash": "sha256:merkle_root_abc123...",
"hash_alg": "SHA-256",
"signature_by_elydora": "base64:elydora-epoch-sig..."
}Merkle Tree Construction
The Merkle tree is built from the receipt hashes of all operations submitted during the epoch window:
- Leaves are the receipt_hash values from each EAR, sorted by seq_no.
- Internal nodes are computed as SHA-256(left || right).
- If the leaf count is odd, the last leaf is duplicated to complete the tree.
Verification
To verify that a specific operation is included in an epoch:
- Obtain the operation's EAR and its receipt_hash
- Request a Merkle proof from the API
- Recompute the root hash using the proof path
- Compare with the EER's root_hash
- Verify Elydora's signature over the epoch root using the JWKS
Epoch Timing
Epochs are closed on a configurable schedule (default: every 6 hours). The epoch boundary is based on server_received_at timestamps, not client-side issued_at.