Offline receipt verification · nothing leaves this tab

Prove what the AI did.

Drop a receipt from your agent's work. Every hash and signature is recomputed in your browser — nothing leaves this tab. Your keys, your data, your proof.

Drag a receipt.json here

or click to choose a file

runs entirely in this tab  ·   works offline  ·   zero uploads

no receipt handy? ·

Optional — pin against a live Token Holder

Offline verification trusts the signing key embedded in the receipt. For independent pinning, fetch GET /audit/signing-key/public from a Token Holder you control and compare. This is the only button on this page that touches the network — and it only downloads TH's public key; your receipt never leaves this tab.

What a PASS actually proves.

Each event in the receipt carries a signed 14-field core. The verifier rebuilds every link: hash = SHA-256(prevHash ‖ canonical(core)), embedded diffs against their signed diffSha256, each event's Ed25519 signature against the agent key Token Holder registered, and — when embedded — Token Holder's own attestation that the key belongs to the identity it says it does.

The format is open. Audit this page (view source — the verifier is verify-core.js, unminified), or verify in your terminal with Clawnoly's node verify-receipt.js receipt.json — same canonicalization, same checks, same verdict.

Honest scope: receipts are tamper-evident, not tamper-proof. PASS means nothing was altered after signing by the registered identity — evidence a third party can check, not a claim you have to take on faith.