Skip to main content

Standalone offline verifier for VERIDICT case bundles. Free and open: trust, but re-check.

Project description

veridict-verify

Standalone offline verifier for VERIDICT case bundles (.veridict.zip). Free and open: trust, but re-check.

This package shares no runtime code with the VERIDICT engine. It re-checks hashes, signatures, timestamps, citation spans, corroboration ceilings, and graph semantics from the published bundle format so a skeptic does not have to trust the tool that produced the case. You do not need an account, a server, or the engine — only this package and the bundle you were handed.

Install

pip install veridict-verify
# optional RFC-3161 token parsing:
pip install 'veridict-verify[timestamps]'

Or from this repository:

pip install .

Usage

veridict-verify path/to/case.veridict.zip
veridict-verify path/to/case.veridict.zip --json
veridict-verify path/to/case.veridict.zip --trusted-key <sha256-fingerprint>

Try it right now on the demo bundle in this repository:

veridict-verify examples/demo.veridict.zip

Exit codes

Code Meaning
0 VALID — no findings
2 VALID WITH WARNINGS — integrity holds; review warnings (e.g. pending timestamps, single-source)
1 INVALID — hash/signature/semantic failure

Key pinning

Cryptographic verification proves integrity, not identity. Pin a published investigator fingerprint:

veridict-verify case.veridict.zip --trusted-key abcdef...64hex...

See docs/key-policy.md for custody and publication guidance.

What it checks

  • Manifest hash and Ed25519 signature; key id ↔ public key binding
  • Append-only hash chain (seq, prev, body_hash, chain_hash, record signatures)
  • Artifact CAS object re-hash; optional standalone content_signature
  • Claim grounding (supported-by), exact citation quote/offsets
  • Human verified-by signatures; contradicts / supersedes semantics
  • Independence corroboration ceilings (N vs M)
  • RFC-3161 / OpenTimestamps proof structure where present
  • Key-rotation statements (veridict-key-rotation/1)

Documentation

Relationship to the VERIDICT engine

The engine that builds cases (capture, sealing, AI-assisted analysis, reporting) is developed separately. This verifier is intentionally independent so that opposing counsel, auditors, and editors can re-check conclusions without trusting — or even having — the engine. Conformance tests that exercise the verifier against engine-produced bundles run in the engine's CI on every commit.

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

veridict_verify-0.2.0.tar.gz (30.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

veridict_verify-0.2.0-py3-none-any.whl (19.9 kB view details)

Uploaded Python 3

File details

Details for the file veridict_verify-0.2.0.tar.gz.

File metadata

  • Download URL: veridict_verify-0.2.0.tar.gz
  • Upload date:
  • Size: 30.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for veridict_verify-0.2.0.tar.gz
Algorithm Hash digest
SHA256 b3ff1cec9ffc869abf83272f7fad9ea95708be91abe520d7932aeba94959877f
MD5 de95192aa2f46f434d9a7cf1cdfb3116
BLAKE2b-256 6afd1f3e1eb1e78990a1356952073ee9573c7fb7c9517eb0e122745d03b761c8

See more details on using hashes here.

Provenance

The following attestation bundles were made for veridict_verify-0.2.0.tar.gz:

Publisher: release.yml on CXdefense/veridict-verify

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file veridict_verify-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: veridict_verify-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 19.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for veridict_verify-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 63b9c7050257fe77ffdf55d4f94b9cef75750bf81403248fa0fb9024ca307566
MD5 f610d67d009011c4b91bb811fad9dc4b
BLAKE2b-256 df05614fa82ff4a1a3352158127319f64bf97ada4905ab5d6894c11f7dffa654

See more details on using hashes here.

Provenance

The following attestation bundles were made for veridict_verify-0.2.0-py3-none-any.whl:

Publisher: release.yml on CXdefense/veridict-verify

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page