#Concepts — S vs X

ULDA introduces linear authentication: every new signature proves it is the immediate successor (or near-successor) of the previous one.

#ULDA-S (Skippable)

• Construction: for each block i, compute hash^i(block_i); store the intermediate digests along the triangle.
• Gap tolerance: can verify across a gap g where 1 ≤ g ≤ N−1 by applying g extra hashes along the diagonal.
• When to use: unreliable or delayed channels (email hops, IoT uplinks, async pipelines).

#ULDA-X (Strict)

• Construction: at depth d, hash concatenations of neighbours: hash(block_i || block_{i+1}), forming a shallow tree.
• Gap tolerance: none; verification only succeeds when the new generation is exactly k+1.
• When to use: strictly sequential and reliable channels (TLS, SSH, WebSocket).

#Shared properties

• Same on-wire size for Origin and Signature.
• Verifier only keeps the last valid signature (“state-light”).
• No secrets required by the verifier; the authenticity is proven by structure.

Rule of thumb: Start with S if delivery guarantees are unclear; switch to X when you control the transport and want constant-cost verification.