Skip to main content

Verify TRACE claim inclusion proofs against the public registry

Project description

License: CC BY 4.0 TRACE Spec Discord

TRACE Registry

The public accountability layer for TRACE claim anchors. Each entry records the Merkle root of a batch of signed TRACE Trust Records, committed to this repository as an append-only record. Git's commit history is the tamper-evidence layer: any rewrite of a published entry diverges the commit hashes that auditors and mirrors have already observed.

Current Registry State

The registry currently contains one development entry (registry/2026/06/12.ndjson). This is a software-only example anchor with advisory enforcement and a zeroed measurement, committed as a launch-day example. It does not represent a production Trust Record. The first production entries will be added after Confidential Computing Summit launch on June 23, 2026.

The anchor construction (canonical claim bytes, leaf hashing, RFC 6962 Merkle tree, inclusion proofs) is specified in docs/anchor-format.md. A third party can implement a verifier from that document alone; the reference tools in tools/ are one implementation.

Status. The format, reference tooling, schema validation, and a first real entry (registry/2026/06/12.ndjson) are live. Anchoring is currently manual and low volume; a continuous anchoring cadence and a packaged trace-verify CLI on PyPI are planned but not yet operational.

Why this exists

Anyone holding a TRACE trust record and its inclusion proof can verify that the record was anchored in this registry without trusting the operator who issued it, using only this public git history and the verifier below. No single operator controls the audit trail.

Registry Format

Each daily file in registry/YYYY/MM/ is newline-delimited JSON, one anchor entry per line, validated by CI against schema/registry-entry.schema.json:

{"ts": "2026-06-12T18:09:41Z", "merkle_root": "sha256:9279...bada", "leaf_count": 1, "producer": "cmcp-gateway/0.1.0", "batch_id": "2026-06-12-001"}

Entries are append-only. See docs/anchor-format.md for field semantics.

Verifying a claim

You need three things: your signed claim (Trust Record), the inclusion proof your producer gave you, and the registry entry for the batch. Then:

git clone https://github.com/agentrust-io/trace-registry.git
cd trace-registry
python tools/verify_inclusion.py \
  --claim samples/example-trust-record.json \
  --proof samples/inclusion-proof.json \
  --entry registry/2026/06/12.ndjson
# OK: claim is included in batch '2026-06-12-001' (root sha256:9279..., ts 2026-06-12T18:09:41Z)

Exit code 0 means the claim is proven included; 1 means it is not. The verifier is a single standard-library Python file, so you can audit it (or reimplement it from the spec) rather than trust it. The samples/ files above are a real anchored example you can use to exercise the tooling.

Inclusion verification proves the signed claim bytes were anchored at the entry's timestamp. Validating the claim's signature against the producer key is a separate TRACE step.

Anchoring claims

Producers batch signed claims and anchor them with:

python tools/anchor.py claim1.json claim2.json \
  --producer my-gateway/1.0 --proof-dir proofs/ \
  >> registry/2026/06/12.ndjson

This emits the registry entry line and writes one inclusion proof per claim to hand back to claim holders.

Canonical Registry

This repository exists for independence: TRACE claim anchors can be checked without trusting any single operator's infrastructure, and the git history is auditable by anyone.

Community

Questions, feedback, integration help: Discord.

License

Creative Commons Attribution 4.0 International (CC BY 4.0). See LICENSE.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

trace_verify-0.2.0.tar.gz (53.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

trace_verify-0.2.0-py3-none-any.whl (11.1 kB view details)

Uploaded Python 3

File details

Details for the file trace_verify-0.2.0.tar.gz.

File metadata

  • Download URL: trace_verify-0.2.0.tar.gz
  • Upload date:
  • Size: 53.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for trace_verify-0.2.0.tar.gz
Algorithm Hash digest
SHA256 b6954f0ea2c6ca1a0d7a0821a7883ed247e9fc8816539c86508eba05eb2539dc
MD5 54789a436f070a607939c47f73f96fcd
BLAKE2b-256 cc85cc7a310714058f1ac8cc81b0f7e80b6fb288bdd5a3bda85905715e5a8db0

See more details on using hashes here.

Provenance

The following attestation bundles were made for trace_verify-0.2.0.tar.gz:

Publisher: publish.yml on agentrust-io/trace-registry

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file trace_verify-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: trace_verify-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 11.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for trace_verify-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 016f4763e2b53fb9cfaa4d60071b92b79f35827661e67a635ed63c6940240805
MD5 99aeea5804839ed3c7d815efa3790d4b
BLAKE2b-256 df1c470e4b2a16088f043fea74413e4ea01941154eaf6110580b0e14fa878159

See more details on using hashes here.

Provenance

The following attestation bundles were made for trace_verify-0.2.0-py3-none-any.whl:

Publisher: publish.yml on agentrust-io/trace-registry

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page