● INDEPENDENT VERIFICATION · CLIENT-SIDE · NO UPLOAD

Verify a Hardseal Edge packet.

Paste a Hardseal Edge evidence packet below. Your browser recomputes the SHA-256 hash chain, validates every section hash, and confirms the chain root — without sending the packet anywhere. The verifier runs in JavaScript on this page. The packet never leaves your machine.

This is an assessor-readable evidence integrity demonstration over synthetic demo replay artifacts (SHA-256 file digests, hash-chain / chain-root, sidecar verification, offline browser verification, PASS on original / FAIL on tamper). It is not Ed25519-signed production evidence, customer evidence, or compliance proof. View source on this page — or save it locally and run it offline — for trust beyond TLS delivery. The standalone Python verifier is the air-gapped equivalent.

▸ HARDSEAL PUBLIC TRUST LEDGER · RECEIPTS #1–#4 · INDEX
One compact index for the four public demo receipts published so far. Each row is a self-contained proof artifact: download the packet, compare its file SHA-256 against the sidecar, drop it into the verifier on this page, and confirm the chain root recomputes. The artifact link, sidecar, source PR, file SHA-256, and chain root are listed so anyone — buyer, assessor, or stranger — can cross-check without contacting Hardseal. Internal command receipts are private operator records (linked for the owner) and are not required for public verification; public proof rests entirely on the packet, sidecar, source PR, file SHA-256, and chain root(s) in each row.
Receipt Artifact & sidecar Source PR · internal command receipt (private) Core hash · proof value · limitation
#1
30-sec verifier + demo replay packet
jump to quickstart ↓		 sample-packet-receipt1.json
· sidecar (.sha256) 		PR #8
internal command receipt (private) 		File SHA-256: 9cf799eef49b70c25ff5abc1cc0052c5bed55f9b855fe1b69363b2ab1713e82b
hash_chain_root: 52d2c01eb5af1a89fee89a4228d5e1f5b02712db3fe7945f2bdf97c2b6c88c3e
Proves: public 30-second PASS/FAIL verifier path for a demo replay packet.
Limit: verifier-exercise replay sample, not a new field measurement.
#2
CMMC / NIST audit-log integrity packet
jump to quickstart ↓		 cmmc-audit-log-receipt2.json
· sidecar (.sha256) 		PR #9
internal command receipt (private) 		File SHA-256: b656d8b7ab59627b5fd165223f5e42c7d9a7d23bd14c05ede350e9b1dc525475
Outer hash_chain_root: be4195cdb7074b56475b6e5be52e4d4b05134b5723f1f393fedd5c91e388fdf1
Inner log_chain_root: 0d72ff3646648c84808befdb230c1803c61d86e430c82ede87b686e0d417a914
Proves: hash-chained, offline-verifiable audit-log demo, verifier-compatible, schema-reuse only.
Limit: synthetic demo. Not a customer log, not compliance proof, not an assessor outcome.
#3
POA&M evidence trail packet
jump to quickstart ↓		 poam-evidence-receipt3.json
· sidecar (.sha256) 		PR #10
internal command receipt (private) 		File SHA-256: 06967784f40dcc9caa0e8ce3253c3fb8edea8d418c7ee14b3815d354136e74a8
Outer hash_chain_root: 6411654e1c78a9db221ab155634500d0a2ed5086dbac9f36a2b4055cf294db96
Inner poam_chain_root: 5f00d1795850f7e7dc161d66e28501e9dfb8b5f03460fee65484b94ef27cfc18
Proves: POA&M trail with timeline/status/owner fields and NIST 800-171 mapping.
Limit: synthetic demo. Not a customer POA&M, not a live assessment artifact.
#4
SSP change-history packet
jump to quickstart ↓		 ssp-change-history-receipt4.json
· sidecar (.sha256) 		PR #11
internal command receipt (private) 		File SHA-256: e196ed163d28711bc510c6cfe5c3e4a8f3816960b6e38ad0aa5bb1326becaf56
Outer hash_chain_root: c323221b75a69c36d396a1e8311e28a11db2c591f7cc8d83cdc4726d1cfb0c1e
Inner ssp_chain_root: a99ec6eb8644c2cc4bb647b065794d590151d4d2e412ab9b37f7026a304c261d
Proves: SSP living-document change history with continuous-monitoring triggers.
Limit: synthetic demo. Not a customer SSP, not an assessment artifact.
How to verify any row in ~30 seconds: download the artifact and its sidecar, run shasum -a 256 <file> and confirm the digest matches the sidecar and the File SHA-256 listed above, then paste the file into the verifier on this page and confirm the recomputed chain root matches the value above. Air-gapped equivalent: python3 verify_standalone.py <file> using the stdlib-only standalone Python verifier.
Disclaimer (applies to every row above):

These are public synthetic demo replay receipts published for verification exercise and distribution. They are SHA-256 / hash-chain / sidecar-verifiable artifacts — they are not Ed25519-signed production evidence, customer evidence, certification proof, compliance proof, C3PAO-approved proof, audit-ready proof, or production continuous attestation. They do not guarantee any regulatory outcome (including CMMC 2.0, NIST SP 800-171, NIST SP 800-53, ISO 27001, FAA airworthiness, or any other regime). Hardseal does not certify, assess, or attest on behalf of any third party. The verifier proves evidence integrity only — that what was hash-sealed is internally consistent and free of accidental or in-transit change — a deliberate re-hash after modification is not detected by the verifier alone (see Integrity is not provenance, below). Your assessor decides truth.
▸ TRY IT NOW · 30-SECOND OFFLINE VERIFY
Demo replay sample: fresh-dated header over the canonical T1 thermal-saturation benchmark. Verifier-exercise sample, not a new field measurement (see the packet's limitations[] entry).
  1. Download the demo replay packet: sample-packet-receipt1.json (SHA-256: sidecar)
  2. Drop it into the box below — or click Load .json file — and press Verify packet. Expect PASS · INTEGRITY VERIFIED.
  3. Open the file in a text editor, change any number by one digit, save, re-verify. Expect FAIL · INTEGRITY NOT VERIFIED.
Air-gapped equivalent: shasum -a 256 sample-packet-receipt1.json then python3 verify_standalone.py sample-packet-receipt1.json. The standalone Python verifier is stdlib-only, ~14 KB, no network calls.
▸ CMMC AUDIT LOG EXAMPLE · RECEIPT #2 · 30-SECOND VERIFY
Synthetic CUI-environment audit-log excerpt (8 lines) sealed inside a Hardseal Edge v1.0 packet (SHA-256 hash chain). Mapped to CMMC 2.0 Level 2: AU.L2-3.3.1 / AU.L2-3.3.2 / AU.L2-3.3.8; NIST SP 800-171: 3.3.1 / 3.3.2 / 3.3.8; NIST SP 800-53 AU family: AU-2 / AU-3 / AU-9 / AU-12. Each log line is SHA-256 hashed and joined by an append-only log chain; the packet's outer hash chain seals the lines, line hashes, and log chain root together. The existing browser/Python verifier validates this packet without modification.
  1. Download the audit-log demo packet: cmmc-audit-log-receipt2.json (SHA-256: sidecar)
  2. Drop it into the box below — or click Load .json file — and press Verify packet. Expect PASS · INTEGRITY VERIFIED.
  3. Open the file in a text editor, change a single digit anywhere inside benchmark.audit_log.lines[] (for example, flip a seq or ts_utc digit), save, re-verify. Expect FAIL · INTEGRITY NOT VERIFIED with first mutated section: benchmark.
Air-gapped equivalent: shasum -a 256 cmmc-audit-log-receipt2.json then python3 verify_standalone.py cmmc-audit-log-receipt2.json. Same stdlib-only verifier as Receipt #1 — no new tooling.
Disclaimer (rendered with hedged language; see the packet's limitations[] field for the on-disk version, which is pending a regen pass to match):

This is a synthetic demo replay packet created for verification exercise only. Hardseal does not certify, assess, or guarantee any regulatory outcome (including CMMC 2.0, NIST SP 800-171, or NIST SP 800-53 compliance). It produces hash-chained, offline-verifiable evidence only; a passing verification proves the packet is internally consistent and free of accidental change. Your assessor decides truth. Do not use this packet as live evidence or compliance proof.
▸ CMMC POA&M EVIDENCE TRAIL EXAMPLE · RECEIPT #3 · 30-SECOND VERIFY
Synthetic POA&M (3 line items — deficiency, remediation action, owner, due date, status, last-updated, progress note) sealed inside a Hardseal Edge v1.0 packet. Mapped to NIST SP 800-171: 3.12.2 (primary POA&M), 3.12.1 (assessments), 3.12.3 (ongoing monitoring), with example deficiencies against 3.1.1 (access control) and 3.4.1 (baseline configuration). Assessment context: CMMC 2.0 Level 2 POA&M artifact review / C3PAO-style Phase 1 pre-assessment / POA&M closeout. Each entry is SHA-256 hashed and joined by an append-only POA&M chain; the packet's outer hash chain seals the entries, entry hashes, and POA&M chain root together. Same existing browser/Python verifier — no new tooling.
  1. Download the POA&M demo packet: poam-evidence-receipt3.json (SHA-256: sidecar)
  2. Drop it into the box below — or click Load .json file — and press Verify packet. Expect PASS · INTEGRITY VERIFIED.
  3. Open the file in a text editor, change a single digit anywhere inside benchmark.poam.poam_entries[] (for example, flip a seq digit or a date digit), save, re-verify. Expect FAIL · INTEGRITY NOT VERIFIED with first mutated section: benchmark.
Air-gapped equivalent: shasum -a 256 poam-evidence-receipt3.json then python3 verify_standalone.py poam-evidence-receipt3.json. Same stdlib-only verifier as Receipts #1 and #2 — no new tooling.
Disclaimer (rendered with hedged language; see the packet's limitations[] field for the on-disk version, which is pending a regen pass to match):

This is a synthetic demo replay packet created for verification exercise only. Hardseal does not certify, assess, or guarantee any regulatory outcome (including CMMC 2.0 or NIST SP 800-171 compliance). It produces hash-chained, offline-verifiable evidence only; a passing verification proves the packet is internally consistent and free of accidental change. Your assessor decides truth. Do not use this packet as live evidence or compliance proof.
▸ CMMC SSP CHANGE-HISTORY EXAMPLE · RECEIPT #4 · 30-SECOND VERIFY
Synthetic SSP change-history excerpt (8 entries spanning roughly 6 months — initial authorization, vulnerability-scan-driven update with POA&M open, POA&M closure, SIEM+EDR-correlation incident, scope change adding a secondary CUI system, log-retention drift caught by continuous attestation, quarterly access-review automation, and quarterly SSP integrity review) sealed inside a Hardseal Edge v1.0 packet. Mapped to CMMC 2.0 Level 2 Pre-Assessment Phase 1 SSP review and NIST SP 800-171: 3.12.1 (periodic assessment) / 3.12.2 (plans of action) / 3.12.3 (ongoing monitoring). Each entry is SHA-256 hashed and joined by an append-only SSP change chain; the packet's outer hash chain seals the entries, entry hashes, and chain root together. Same existing browser/Python verifier — no new tooling.
  1. Download the SSP change-history demo packet: ssp-change-history-receipt4.json (SHA-256: sidecar)
  2. Drop it into the box below — or click Load .json file — and press Verify packet. Expect PASS · INTEGRITY VERIFIED.
  3. Open the file in a text editor, change a single digit anywhere inside benchmark.ssp_change_history.ssp_entries[] (for example, flip a seq digit or a date digit), save, re-verify. Expect FAIL · INTEGRITY NOT VERIFIED with first mutated section: benchmark.
Air-gapped equivalent: shasum -a 256 ssp-change-history-receipt4.json then python3 verify_standalone.py ssp-change-history-receipt4.json. Same stdlib-only verifier as Receipts #1, #2, and #3 — no new tooling.
Disclaimer (rendered with hedged language; see the packet's limitations[] field for the on-disk version, which is pending a regen pass to match):

This is a synthetic demo replay artifact created for verification exercise only. Hardseal does not certify, assess, or guarantee any regulatory outcome (including CMMC 2.0 or NIST SP 800-171 compliance). It produces hash-chained, offline-verifiable evidence only; a passing verification proves the artifact is internally consistent and free of accidental change. Your assessor decides truth. Do not use this artifact as live evidence or compliance proof.

// Packet input

// Verification result

Awaiting input. Paste a packet and click Verify.
What this verifier does: reproduces the canonical JSON serialization, recomputes the seed hash from packet headers, recomputes per-section SHA-256 hashes in the fixed order device → model → benchmark → sensors → limitations, validates each entry in integrity.section_hashes against the recomputed chain, and confirms the final integrity.hash_chain_root matches.

What it doesn't do: claim the packet is true. The verifier only proves integrity — that what was hash-sealed is internally consistent and free of accidental or in-transit change — a deliberate re-hash after modification is not detected by the verifier alone (see Integrity is not provenance, below). The truth of the underlying measurement is the operator's responsibility under the limitations section of every packet.

Reproducibility: this client-side verifier implements the same canonical hash-chain algorithm as verify_standalone.py in the Hardseal repo and hardseal verify in the canonical CLI. Same valid packet → same chain root across all three implementations. The Python verifier is the air-gapped equivalent of this page; both are exercised by the same negative-test suite.

Integrity ≠ provenance: a PASS result means the packet is internally consistent under the Hardseal Edge v1.0 hash-chain rules — every section hash and the chain root recompute correctly. It does not independently prove the packet came from Hardseal or any specific source. To prove the packet matches a previously published artifact, compare the recomputed chain root against a trusted external manifest (for example, the per-packet chain roots published on /trophy-case.html for the bundled trophy case packets).

Scope of assurance: Hardseal Edge produces integrity evidence, not a certification. A PASS result does not certify the underlying AI system as compliant with CMMC, NIST 800-171, ISO 27001, FAA airworthiness, or any other regulatory regime. It does not replace a C3PAO assessment, an RPO engagement, an FAA type certification, or any human assessor judgment. It does not guarantee mission outcomes, model accuracy, or safety properties.