Glossary

Stay organized with collections Save and categorize content based on your preferences.

This glossary contains specific definitions and context of the technical terms around Binary Transparency.

General Terms

Log checkpoint: The commitment from a verifiable data structure to its contents.

Log entry: A record in the transparency log. Every log entry corresponds to a new leaf in the Merkle tree.

Log inclusion proof: A cryptographic check that proves that an entry exists within a transparency log.

Log payload: The content of a log entry.

Merkle tree: A data structure that accommodates the construction of a transparency log.

Transparency log: A public-facing, append-only log that has strong authenticity guarantees, constructed using a Merkle tree. Importantly, this log is tamper-evident.

Verifier: Someone, or a process, who verifies a claim. There can be different verifiers for different claims.

Witness: A process run by someone other than the log operator to regularly verify the consistency of the log checkpoint, as assurance that the log has grown in an append-only way.

Pixel Specific Terms

Build: A build refers to a particular firmware version or release that has a corresponding identifier.

Factory Image: A collection of binary image files that can be flashed directly onto your Pixel devices to restore to original factory firmware. This includes all releases for various monthly updates.

Firmware: Code or software that runs throughout the boot process up till the level of Operating Systems.

System Image: A specific binary image file typically named system.img.

VBMeta: Stands for Verified Boot Metadata. This is a cryptographically signed data structure that captures various metadata about the collection of binary images within a factory image for a particular build or device.

VBMeta digest: A cryptographically bound composite digest of various binary images within a factory image. This value is not to be confused with directly computing a cryptographic hash of VBMeta.