Every Provenance report ships with a signed manifest: input hash, output hash, a timestamp anchored to a public entropy beacon, and an Ed25519 signature from an independent physical witness. Anyone you hand the report to verifies it in their own browser — no account, no tooling, no calling us. Built for legal, financial, and regulated workflows where “we ran it through a model” needs to survive discovery.
This page demonstrates the claim by proving itself. The manifest below is the signed record of this site's own deploy — including the bytes of the page you are reading.
manifest: /attest/site/latest.json · reproduce offline: attest/verify.sh
Signing rides alongside your existing pipeline. Nothing about how you produce reports changes; what changes is what you can hand to an inspector.
Your reports are produced however you produce them today. At delivery time, the inputs and outputs are hashed — the content itself never leaves your custody.
An independent, separately controlled witness device reads the current public beacon pulse and signs the record against it. The witness shares no infrastructure with the systems producing the reports.
The manifest is published at a stable URL. Counsel, auditors, and counterparties verify the signature in their own browser against a public, pinned Ed25519 key — in seconds, without contacting us.
Opposing counsel claims your AI analysis was retrofitted post-hoc. Hand them a signed manifest, an immutable timestamp on the public beacon, and a witness pubkey they can verify from their laptop.
Deployer log retention demands “we used model X on data Y at time Z” kept for ≥6 months. Provenance answers it cryptographically — a checked box, not a paragraph. Article 13 documentation and human-oversight obligations are organizational deliverables; Provenance covers the log-retention slice.
SEC, FCA, internal risk. “Prove the AI was used correctly, not after the fact.” Signed timestamps from a witness you don't control. The auditor verifies it in their browser; no audit log to argue about.
Intelligence and journalism workflows where the source matters. “Yes that's our analysis, here's proof of when it was generated. Verify it yourself.” The deepfake era's antibody.
attest|v1|inner_digest|pulse_id|value_hex|witnessed_atcrypto.subtle.verify
We never claim zero trust. We claim minimal, explicit, one-time trust: pin the witness key once — out of band, from the public repo — and verify everything after, forever, without us in the loop.
This button verifies a real, rotating attestation: the entropy beacon's latest signed physics frame. Your browser fetches the manifest, re-derives the artifact hash, and checks the witness signature — if the frame has rotated past the signed one, the proof reports that honestly.
No JavaScript? Fetch /entropy/frame/latest.attestation.json and
reproduce every check offline with attest/verify.sh from the
public site repo.
We shipped this in production. A 30-day commercial engagement ran its client deliverables through the witness chain — signed manifests, public verification pages. Closed 2026-05-12, paid in full. The witness infrastructure has signed the public beacon's observations continuously since April 2026, and the page you are reading is published through the same discipline: a signed deploy manifest, checked against the served bytes in your browser.
attest/verify.sh,
which reproduces every check offline from the manifest and the pinned keys.fleet0.pub.pem (artifact witness,
pk_fp cac5f21a70564aeb) ·
site_deploy.pub.pem (deploy signer,
pk_fp 7b4391d64aecb9ac). Both pinned in this site's verifier;
compare out of band against the public repo.
/witness/fleet0/latest — the witness signs each beacon pulse it observes; this is the most recent.
/entropy/pulse — append-only, published every ~2 s; the anchor every Provenance manifest binds against. The clock in the nav is reading it now.
/entropy/pulse/log — recent pulses with their prev_hash chain. Walk the chain in one request.