Skip to content

Verify it yourself

The claims on this site are only worth anything if you can check them without us. You can. Verification reads only the agent's public key (published in the repository) and the files on disk — no network, no CA, no server.

Re-verify the whole bundle

After a run, re-check every signature and proof from scratch:

python3 tools/verify_all.py

It re-runs, offline, against the files on disk:

verifying against agent did:keri:EGzTx1qYsWORqHvioyFjXLNMEfByq_ox8xEaJTfwHGG2

  [ok ] verdict   verdict-9f9933de0283.json
  [ok ] dsse      dsse-verdict-9f9933de0283.json
  [ok ] witness   every verdict independently cosigned
  [ok ] fresh     16/16 cycles each used a distinct fresh agent
           ↳ bound to OTEL trace 4bf92f3577b3… span 00f067aa0ba9…
  [ok ] include   inclusion-9f9933de0283.json
  [ok ] release   auths-curve-0.1.0.tar.gz

ALL VERIFIED (offline)

Each line is a real re-computation:

Check Confirms
verdict / dsse the agent's signature over the exact verdict bytes
witness an independent second key cosigned every verdict
fresh each cycle used a distinct, freshly-minted agent
include the receipt is provably in the append-only transparency log
release the release signature binds the bytes on disk

Don't take verification's word for it either — break something

The fastest way to trust a verifier is to watch it reject a forgery. Change one byte of any attestation and re-run:

# tamper with a signed verdict, then re-verify
sed -i '' 's/"gate": "OK"/"gate": "NO"/' attestations/dsse-verdict-*.json
python3 tools/verify_all.py        # → VERIFICATION FAILED

A mutated verdict, a swapped signature, a forged inclusion proof, or a witness that is really the signer — each fails, loudly. That is the design: the repository, and nothing else, is the root of trust.

Re-run the gate

The verdicts themselves are re-checkable. Run the gate the way CI does:

python3 ../recurve/recurve --config recurve.toml matrix --gate
holding 16 · regressions 0 · broken 0
traps: 16/16 counterexamples still RED
GATE OK

Sixteen claims GREEN, and every one of their counterexamples still RED — proof each check is able to fail, so a GREEN is meaningful.

Re-run the enforcement

And the merge-gate that turns proof into policy:

python3 tools/ci_merge_gate.py     # exit 0 = allow, exit 1 = block

The trust model, in one line

You trust a public key you pin and the math — standard signatures and a Merkle log. You do not trust any server to be up, any platform to be honest, or the agent's own word that it passed. Anyone with the repository can confirm every claim on this site, offline, in the commands above.