dero_forge_demo_proof
Build a forged DERO proof string for any transaction, ring slot, and amount to show that explorer 'Verified ✓' status reflects local math, not chain consensus. Use alternative amounts to refute claims of minted coins.
Instructions
Composite: build a fresh deroproof… display object for ANY chosen transaction, ring slot, and amount — including negative amounts that uint64-wrap into the trillions. The forged string is constructed locally from public chain data (no wallet, no keys, no broadcast). On an unpatched explorer it shows Verified ✓ for the chosen amount; on the chain, nothing has changed.
When to call: when a user pastes a deroproof… string and asks "does Verified ✓ mean the chain minted these coins?" Forge an equivalent string for the same TX with a different amount and show the result side-by-side — that is the most direct refutation. Also useful for reproducing the docs/integrity/inflation-claim Part 3 demonstration on arbitrary inputs.
Math: blinder = C[ring_slot] − amount × G, then bech32("deroproof", version || blinder || CBOR({HH: zeros, VU: uint64})). The tool runs the same equation proof.Prove() checks at proof/proof.go:88-95 and self-verifies before returning a string. If the self-check fails, the tool throws rather than emit a string that would not verify.
Input Requirements (CRITICAL):
Exactly ONE of
tx_hashortx_hexMUST be provided.tx_hashtriggers a daemon fetch (and surfaces the receiver address);tx_hexskips the daemon and uses the raw bytes the caller already has.ring_slotis OPTIONAL (default 0). Must be in [0, ring_size).amount_derois OPTIONAL (default "-1"). Signed decimal with up to 5 fractional digits, e.g."-1","1000000","-2200000.00181". Negative values produce uint64 wraparounds that unpatched explorers render as positive trillions.
Output: { forged_proof_string, target_amount: { dero, atoms_signed, atoms_uint64 }, ring_slot, ring_size, ring_receiver_address, math: { C_slot_hex, amount_x_G_hex, blinder_hex }, self_check: { verified, method }, explorer_display_amount, context_note, related_docs, _diagnostics }. ring_receiver_address is null when tx_hex was passed (the hex carries publickey pointers, not addresses).
READ-ONLY: this tool never broadcasts, never touches a wallet, never mutates chain state. It computes a string from public inputs and returns it. Annotation readOnlyHint: true is preserved. PREFER citing the returned related_docs (the integrity rebuttal pages) in any agent response — readers should understand the forged string is a display-layer object, not a consensus event.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| tx_hash | No | TX hash to forge against. Daemon fetches the TX hex + ring members. Mutually exclusive with tx_hex. | |
| tx_hex | No | Raw TX bytes as hex (skip the daemon round-trip). Mutually exclusive with tx_hash. When provided, ring_receiver_address is omitted from the response (the hex carries publickey pointers, not full addresses). | |
| ring_slot | No | Which ring slot 0..ring_size-1 the forged proof should resolve to. Defaults to 0. | |
| amount_dero | No | Target display amount in signed DERO (5 fractional digits = atomic precision). Negative values demonstrate the uint64 wraparound. Default "-1". | -1 |