microsoft · maxtropets · Mar 5, 2026 · Mar 4, 2026 · Mar 4, 2026 · Mar 4, 2026
@@ -9,6 +9,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 [7.0.0-dev12]: https://github.com/microsoft/CCF/releases/tag/ccf-7.0.0-dev12
 
+### Added
+
+- Added `ccf::describe_cose_receipt(receipt)` to produce a complete COSE receipt from a `TxReceiptImpl`, combining signature and merkle proof.
+
 ### Changed
 
 - Refactored the user facing surface of self-healing-open and local sealing. The whole feature is now `sealing-recovery` with `self-healing-open` now referred to as the `recovery-decision-protocol`. (#7679)

@@ -161,6 +161,10 @@ namespace ccf
   std::optional<SerialisedCoseSignature> describe_cose_signature_v1(
     const TxReceiptImpl& receipt);
 
+  using SerialisedCoseReceipt = std::vector<uint8_t>;
+  std::optional<SerialisedCoseReceipt> describe_cose_receipt(
+    const TxReceiptImpl& receipt);
+
   // Manual JSON serializers are specified for these types as they are not
   // trivial POD structs
 

@@ -2143,41 +2143,23 @@ namespace loggingapp
       auto get_cose_receipt = [](
                                 ccf::endpoints::ReadOnlyEndpointContext& ctx,
                                 ccf::historical::StatePtr historical_state) {
-        auto historical_tx = historical_state->store->create_read_only_tx();
-
         assert(historical_state->receipt);
-        auto signature = describe_cose_signature_v1(*historical_state->receipt);
-        if (!signature.has_value())
-        {
-          ctx.rpc_ctx->set_error(
-            HTTP_STATUS_NOT_FOUND,
-            ccf::errors::ResourceNotFound,
-            "No COSE signature available for this transaction");
-          return;
-        }
-        auto proof = describe_merkle_proof_v1(*historical_state->receipt);
-        if (!proof.has_value())
+        auto cose_receipt =
+          describe_cose_receipt(*historical_state->receipt);
+        if (!cose_receipt.has_value())
         {
           ctx.rpc_ctx->set_error(
             HTTP_STATUS_NOT_FOUND,
             ccf::errors::ResourceNotFound,
-            "No merkle proof available for this transaction");
+            "No COSE receipt available for this transaction");
           return;
         }
 
-        constexpr int64_t vdp = 396;
-        auto inclusion_proof = ccf::cose::edit::pos::AtKey{-1};
-
-        ccf::cose::edit::desc::Value desc{inclusion_proof, vdp, *proof};
-
-        auto cose_receipt =
-          ccf::cose::edit::set_unprotected_header(*signature, desc);
-
         ctx.rpc_ctx->set_response_status(HTTP_STATUS_OK);
         ctx.rpc_ctx->set_response_header(
           ccf::http::headers::CONTENT_TYPE,
           ccf::http::headervalues::contenttype::COSE);
-        ctx.rpc_ctx->set_response_body(cose_receipt);
+        ctx.rpc_ctx->set_response_body(*cose_receipt);
       };
       make_read_only_endpoint(
         "/log/public/cose_receipt",

@@ -3,6 +3,7 @@
 
 #include "ccf/historical_queries_adapter.h"
 
+#include "ccf/crypto/cose.h"
 #include "ccf/historical_queries_utils.h"
 #include "ccf/rpc_context.h"
 #include "ccf/service/tables/service.h"
@@ -253,6 +254,28 @@ namespace ccf
   {
     return receipt.cose_signature;
   }
+
+  std::optional<SerialisedCoseReceipt> describe_cose_receipt(
+    const TxReceiptImpl& receipt)
+  {
+    auto signature = describe_cose_signature_v1(receipt);
+    if (!signature.has_value())
+    {
+      return std::nullopt;
+    }
+
+    auto proof = describe_merkle_proof_v1(receipt);
+    if (!proof.has_value())
+    {
+      return std::nullopt;
+    }
+
+    constexpr int64_t vdp = 396; // inclusion-proofs label (draft-ietf-cose-merkle-tree-proofs)
+    auto inclusion_proof = ccf::cose::edit::pos::AtKey{-1};
+    ccf::cose::edit::desc::Value desc{inclusion_proof, vdp, *proof};
+
+    return ccf::cose::edit::set_unprotected_header(*signature, desc);
+  }
 }
 
 namespace ccf::historical