Voltry Probe — the open, read-only agent. Reads NVML/DCGM/Redfish/attestation into a signed evidence bundle and renders the offline certificate.
Project description
Voltry Probe
Voltry Probe is an open, read-only agent that produces a signed condition and provenance record for data-center GPUs. It reads what the hardware already exposes over NVML and the NVIDIA attestation chain (with DCGM and Redfish telemetry consumed where a collector provides it), binds the readings to the device's fused cryptographic identity, and renders a self-contained certificate you can open with no network at all.
It never states or implies what your hardware is worth. It records what the hardware is.
Install
pipx install voltry-probe
Requires Python 3.10 or newer. Stock DGX OS and Ubuntu 22.04 hosts work as-is.
pip install voltry-probe inside a virtualenv works too.
Optional extras:
pipx install "voltry-probe[hardware]" # live NVML + Redfish readers
pipx install "voltry-probe[submit]" # the opt-in submission client
Without [hardware] the probe runs against captured fixtures and simulators,
which is all you need to evaluate it.
Sixty seconds to a certificate
# 1. Scan. Read-only, works fully offline and air-gapped.
# Reads live hardware; signs with your operator key.
voltry scan --signing-key operator.pem --out bundle.json
# 2. Render. A self-contained HTML certificate, no network needed to view.
voltry cert bundle.json --out cert.html
Just evaluating, with no GPU and no key of your own? Point scan at a captured
sample and sign with a throwaway key:
voltry scan --fixture sample.json --ephemeral-key --out bundle.json
voltry cert bundle.json --out cert.html
That is the whole loop. voltry submit exists as a separate, explicit,
opt-in step; scanning and rendering never phone home.
What read-only means
The probe never writes to, resets, reconfigures, or stress-tests a device
during a scan. You can run it on a live production fleet. Functional
qualification (which does exercise the device) is a separate mode behind an
explicit flag, never part of a read-only scan.
What the certificate says, and what it does not
The certificate keeps measured facts and modeled estimates in separate blocks that never look alike:
- Deterministic gates: authenticity, firmware integrity, functional and sanitization results. Pass or fail, no model in the loop.
- Measured condition: ECC and Xid history, retired and remapped pages, spare rows remaining, throttle and clock behavior. Raw values against published thresholds.
- Provenance: certification history on the device's permanent identity, append-only. A failed attempt stays on the record; cherry-picking is structurally impossible.
It never contains a price, a dollar figure, or a lifetime guarantee. Power-chain exposure reads "Not Assessed" unless the facility itself was instrumented; it is never inferred from board power.
Verifying a bundle yourself
Every bundle is signed (ECDSA P-384 over RFC 8785 canonical JSON) and can be
verified by anyone with the voltry-evidence-schema package:
import json
from evidence_schema import EvidenceBundle, verify_bundle
bundle = EvidenceBundle.model_validate(json.load(open("bundle.json")))
assert verify_bundle(bundle)
License
Apache-2.0.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file voltry_probe-0.2.0.tar.gz.
File metadata
- Download URL: voltry_probe-0.2.0.tar.gz
- Upload date:
- Size: 48.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3cc57800cd8b7ce61d86a6c287ecffcc676a1cc11eb42273673cf232a0d31750
|
|
| MD5 |
2d3838760757038e0019710a0852cebf
|
|
| BLAKE2b-256 |
4e1e82ea5ceaa2db87db802cbea73c8e1060b25a40b3ca25b0e96e139f4bdd04
|
Provenance
The following attestation bundles were made for voltry_probe-0.2.0.tar.gz:
Publisher:
release.yml on Voltry-tech/core
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
voltry_probe-0.2.0.tar.gz -
Subject digest:
3cc57800cd8b7ce61d86a6c287ecffcc676a1cc11eb42273673cf232a0d31750 - Sigstore transparency entry: 2072335794
- Sigstore integration time:
-
Permalink:
Voltry-tech/core@5947219072247522fba817cbc99fadfebfd83d8a -
Branch / Tag:
refs/tags/voltry-probe-v0.2.0 - Owner: https://github.com/Voltry-tech
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@5947219072247522fba817cbc99fadfebfd83d8a -
Trigger Event:
push
-
Statement type:
File details
Details for the file voltry_probe-0.2.0-py3-none-any.whl.
File metadata
- Download URL: voltry_probe-0.2.0-py3-none-any.whl
- Upload date:
- Size: 40.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b088a2551d0c0287dc413d40cd2767187c4be6064ad08feea2cdf94fb447cd4c
|
|
| MD5 |
dde5a10fa84982676b79fbf014a61479
|
|
| BLAKE2b-256 |
dc6a20e3b7c825f1d1474df4f3c4198185897716c72424ff1de0818c6f713abe
|
Provenance
The following attestation bundles were made for voltry_probe-0.2.0-py3-none-any.whl:
Publisher:
release.yml on Voltry-tech/core
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
voltry_probe-0.2.0-py3-none-any.whl -
Subject digest:
b088a2551d0c0287dc413d40cd2767187c4be6064ad08feea2cdf94fb447cd4c - Sigstore transparency entry: 2072335802
- Sigstore integration time:
-
Permalink:
Voltry-tech/core@5947219072247522fba817cbc99fadfebfd83d8a -
Branch / Tag:
refs/tags/voltry-probe-v0.2.0 - Owner: https://github.com/Voltry-tech
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@5947219072247522fba817cbc99fadfebfd83d8a -
Trigger Event:
push
-
Statement type: