Verify — Ledatic

Provenance report

Report —

This URL names a generated report. Its manifest is fetched below and every check re-runs locally: the signed message is rebuilt from the manifest’s own fields, hashed, and each witness signature is verified against keys pinned in this page’s source.

Bring your own

The loader

Feed it any pair: artifact bytes plus the attestation JSON that claims them. Either order, drag or paste. The artifact never leaves your machine — hashing and signature checks run in this tab.

no artifact loaded · drop one or try a sample ▸

files (artifact, attestation JSON, or both)

manifest: none held
artifact: none held — a signature can still be checked over its attested digest

Attestation records on this site end in .attestation.json — here is a real one to inspect. Provenance-report manifests verify here too.

These checks run in your browser — with JavaScript off there is no machine on this page to run them, and this loader stays honestly inert. Offline fallback: attest/verify.sh in the public site repo reproduces every check with openssl. Report manifests are plain JSON at /provenance/manifest/<report_id>.

The sample triad

Meet all three verdicts before trusting any of them

A verifier you have only watched succeed proves nothing. Press all three — the third one is the only red on this site, and it earns it.

/01 · expect green

The current release

The genuine record for the latest Rail compiler binary, signed by the artifact witness when it shipped. The bytes are fetched, re-hashed, and the signature checked — here, by you.

/02 · expect green, older

A record from the archive

recorded 2026-04-28

An attestation signed against beacon pulse p#360,389 still verifies today — that is the point. Age changes nothing about the math; the chain anchor tells you exactly how old it is.

/03 · expect red

The sabotaged copy

not yet run

A copy of /01’s record embedded in this page with one character of the witness signature changed. The bytes hash clean — and the signature collapses. Failure, in a sandbox, on purpose.

Verify the verifier

Who checks the checker?

There is no black box here. The cryptography is your browser’s own WebCrypto; the choreography is one readable JavaScript file served by this site. Both are checkable.

The engine

Hashing and Ed25519 verification call crypto.subtle — code that ships inside your browser and is maintained by its vendor, not by us. We could not alter it if we wanted to.

If your browser lacks an Ed25519 engine, this page says so and refuses to guess — outcomes go to “unverified,” never to green.

The choreography

The module at /_shared/proof-tray.js?v=d46dd7e0 decides what to fetch and what counts as a pass. Press the button to re-fetch its served bytes and compare them against the site’s signed deploy record — the same self-check every page footer runs.

Until the first signed deploy record is published at /attest/site/latest.json, this check reports honestly unknown — it will not show green on faith. Source is public in the site repo.

The honest part

One thing is taken on faith

Pin the key once — verify everything after. Every proof above reduces to trusting the public-key fingerprints pinned in this site’s source. A forger who could rewrite both this page and the keys it pins could forge the green — which is exactly why the keys are also published out-of-band, where this page cannot touch them.

fleet0 artifact witness pk_fp cac5 f21a 7056 4aeb public key

site_deploy site deploy signer pk_fp 7b43 91d6 4aec b9ac public key

report witnesses provenance reports name their witnesses; this page pins raw verifying keys for fleet0, studio and mini in its source

Out-of-band copies live in the public site repo. Compare fingerprints from a different machine, a different network, a different day — that one comparison is the entire trust decision.

Verify it yourself.