Independent external verification of Veritas Acta instance claims.
Runs entirely outside the operator's infrastructure. No privileged access. No secrets. Read-only.
| # | Check | What it verifies |
|---|---|---|
| 1 | Manifest | /.well-known/acta-instance.json exists and is well-formed |
| 2 | Endpoints | All advertised endpoints respond with 200 |
| 3 | Anchor freshness | Latest anchor is less than 25 hours old |
| 4 | Anchor signature | Ed25519 signature is valid against known public key |
| 5 | Merkle root | Recomputed from chain heads matches claimed root |
| 6 | Witness | External witness is active and references the latest anchor |
| 7 | Conformance honesty | Self-reported conformance matches actual state |
| 8 | Chain integrity | Full independent hash chain verification of an exported topic |
| 9 | Identity binding | Anchor includes charter and protocol spec hashes |
npm install
node check.js https://veritasacta.comJSON report goes to stdout. Human-readable progress goes to stderr.
This repo runs a GitHub Action twice daily that:
- Fetches all public Acta surfaces
- Independently verifies every check
- Commits a JSON report to
reports/latest.json - Archives historical reports in
reports/archive/
Infrastructure earns that label through external verification, not self-assessment. This checker closes the loop: the operator publishes claims, this tool independently verifies them, and the results are public.
MIT