Offline, dependency-light validator for AlgoVoi signed compliance evidence — auto-detects signed receipts, signed-chain streams, and evidence packs. Falcon-1024 / RFC 8785 (JCS), public key only. No AlgoVoi code, no service, no secret.
Project description
algovoi-validate
Don't trust AlgoVoi — verify it yourself. A standalone, offline validator for AlgoVoi signed compliance evidence. Its entire trust base is two public libraries — no AlgoVoi code, no secret key, no running service, no network.
pip install algovoi-validate
It re-derives every Falcon-1024 (FN-DSA-1024) signature and SHA-256 hash-link itself, from the
published public key alone. If it prints VERIFIED, the evidence is genuine and unaltered; change a
single byte and it fails at exactly that entry.
Use — auto-detect
Drop an AlgoVoi artifact; it identifies the type and validates it:
algovoi-validate <path> # auto-detect
algovoi-validate <path> <public_key.b64> # ...for a bare receipt/chain
An evidence pack embeds its public key. A bare receipt or signed chain also takes the signer's published public key.
| Artifact | Detected from | Needs a public key? |
|---|---|---|
| Evidence pack (directory) | *_chain.json + public_key.b64 |
no (embedded) |
| Signed chain (JSON array) | array of signed envelopes | yes |
| Single receipt (file) | one signed envelope | yes |
Explicit subcommands
algovoi-validate pack <pack_dir>
algovoi-validate receipt <receipt.txt> <public_key.b64>
algovoi-validate chain <chain.json> <public_key.b64>
Exit code is 0 iff everything verifies.
What it checks
- Falcon-1024 / FN-DSA-1024 signatures over RFC 8785 (JCS) canonical bytes, using the published public key only.
- Hash-linked chains — sequence,
prev-hash linkage, and head, so a tampered, reordered, or removed entry is caught at exactly that point. - Evidence packs — every signed chain in the pack, plus the trusted-timestamp binding (each timestamp's message imprint equals the hash of the archive receipt it stamps).
Library use
from algovoi_validate import autodetect, verify_pack, verify_chain, verify_receipt
Licence
Apache-2.0. Pairs with the production / custody side of AlgoVoi Records Vault; this verifier is free and always will be.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file algovoi_validate-0.1.1.tar.gz.
File metadata
- Download URL: algovoi_validate-0.1.1.tar.gz
- Upload date:
- Size: 10.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e0ccc641d55105990d9c85661e79a882d54c3a9d8c2ba8d9a1ec057a77e4d13e
|
|
| MD5 |
825f184e5bb51128c544b74b611b685a
|
|
| BLAKE2b-256 |
2766d813325a23a1a243377a13840f8a550d6c59d1159b7763c4ac35462ff8ea
|
File details
Details for the file algovoi_validate-0.1.1-py3-none-any.whl.
File metadata
- Download URL: algovoi_validate-0.1.1-py3-none-any.whl
- Upload date:
- Size: 11.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8bd02a009f8c2203cce60ba24730d72442c2bff9e833690052eea737ca2a215e
|
|
| MD5 |
0c5c517a87f02d494a3765e117c54730
|
|
| BLAKE2b-256 |
4f57db49ddbf58e778e18440d34e22fd5b0ae116d1a4ff5f3fc58d22a9e2fd49
|