Sealed delivery · verify offline

Download the verifier & verify your delivery.

You don’t have to trust us. Download the standalone verifier — a single stdlib-only Python file you can read in one sitting — and run it against your sealed delivery bundle on your own machine. No pip install. No network. Reading time: 60 seconds. Verification time: under a second.

What you'll need: Python 3.10 or newer (python --version) · your sealed bundle.json from us · the verifier below. Put them in the same folder. Run the one command. Read GREEN or RED.

The files

Verify command

$ python auditspine_verify_standalone.py YOUR_BUNDLE.json

Exit code 0 = GREEN (bundle verifies). Exit code 1 = RED (chain or hash mismatch). For tooling-friendly output:

$ python auditspine_verify_standalone.py YOUR_BUNDLE.json --json

What the verifier checks

Three independent checks, on your own machine, with no network call:

Container integrity — the bundle’s bundle_hash matches the canonical-bytes hash of its contents. Nothing added, removed, or altered after we sealed it.
Chain integrity — every seal’s hash + every previous_seal_hash link verifies end-to-end. Nothing in the middle was replaced.
Payload integrity — the actual sealed bytes embedded in the bundle re-derive the hashes we recorded. What we claim was sealed is what is sealed.

The QuickStart walks through GREEN vs. RED in detail. The reference explains design rationale and the three checks.

Want the bigger picture first? Read the walkthrough or walk PI6 interactively.