Verifiable evidence surface

Latest Audit Run Archive Verify Proof

Verification

Verify it yourself.

Signed certificates, hash-chained logs, and preserved run archives.

Latest audit

Current verification surfaces

Human-readable

Latest audit

Human-readable audit certificate.

Open latest-audit.html

Archive

Run archive

Complete PASS and FAIL run history.

Open run archive

Raw artefact

Raw signed JSON

Cryptographically signed certificate.

Open latest-audit.json

Offline verification

Verify outside the served interface

Requires the repo or installed package.

verify_certificate.py

curl -s https://raw.githubusercontent.com/SDL-HQ/sir-firewall/main/proofs/latest-audit.json | python3 tools/verify_certificate.py

Expected output

OK: Certificate signature valid and payload_hash matches.

How it works

What a verifiable run binds together

Test suite binding

A run binds to a test suite through the suite hash.

Policy binding

A run binds to a policy configuration through the policy hash or version.

Log trail

A run produces an immutable log trail through the final ITGL hash.

Offline-checkable certificate

The published certificate is cryptographically signed and can be verified offline.

Verification resources

Core supporting surfaces

Repository

SIR repository

Full source code and documentation.

Public key

Public key

SDL public key for certificate verification.

Tooling

Verifier script

Python script to verify certificates offline.