free · license-independent

Verify evidence without trusting its author.

Verification is free on purpose. Whoever receives a bundle should be able to check it without trusting — or paying — whoever produced it. Paste a license below, or verify a full .axy bundle from the CLI.

Try the validator

POST /api/validate
verified against the production key · offline logic
Verdict

Paste a license document and verify it. The verdict reports signature, validity window, and revocation separately.

What the verifier checks
  • StructureIs the bundle well-formed?
  • ContentDoes every file match its manifest hash?
  • SignatureIs the Ed25519 signature valid?
  • Signer trustDo you trust who signed it? (reported separately)
  • CoverageCopied verbatim from the bundle — never inflated.

Signature validity and signer trustare always reported as two different things. A cryptographically valid signature from a key you don't trust is not the same as a trusted one — and Axyvera never blurs them.

Verify a bundle from the CLI
zsh — axyvera verify
$ axyvera verify ./acme-session.axy
structure: valid
content: intact
signature: valid
signer_trust: unknown
coverage: partial
overall: PASS

The verifier ships free and needs no license or account. Install the axyvera package and run it against any bundle you receive.