What is Offline Verification?
Offline Verification is the ability to validate an Evidence Bundle completely without network connectivity. The verifier tool runs locally, with no calls to external servers.
Why Offline Matters
- Air-Gapped Environments: Critical infrastructure and defense systems often operate without internet
- No Trust in Third Parties: Verification doesn't depend on any external service availability
- Independent Audit: Some audits require evidence that can be verified independently
- Disaster Recovery: Verification works even when infrastructure is compromised
Quick Start
    # 1. Unzip the verifier
    unzip ag-verify-cli.zip

    # 2. Run verification in PROOF_ONLY mode
    ./ag-verify sample_bundle.agb --mode PROOF_ONLY

    # 3. Check the verdict
    cat report.json | jq '.verdict'
    # Expected: "PASS" or "PASS_WITH_CAVEATS"

    # 4. Verify determinism (run twice, same hash)
    ./ag-verify sample_bundle.agb --mode PROOF_ONLY
    cat report.json | jq '.report_hash'
    # Hash should be identical on each run
Determinism Contract
A key property of offline verification is determinism: given the same bundle, the verifier will always produce the same report with the same report_hash.
This means any party, including the organization, auditors, or third-party verifiers, can independently run the verifier and get mathematically identical results. There's no ambiguity about what the bundle proves.
What Gets Verified
✓ Policy Artifact signature (Ed25519)
✓ Receipt chain integrity (hash linking)
✓ Individual receipt signatures
✓ Manifest checksums
✓ Enforcement action correctness
✓ Time ordering consistency
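The receipt-chain and time-ordering checks listed above, together with the determinism contract, as an added sketch that is not the ag-verify implementation. The receipt fields (ts, action, prev_hash), the all-zero genesis value, SHA-256, canonical JSON and the FAIL verdict are assumptions made for illustration, and signature checks are left out.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed sentinel for the first receipt's prev_hash


def canonical(obj):
    """Serialize deterministically: sorted keys, fixed separators, UTF-8."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode("utf-8")


def receipt_hash(receipt):
    return hashlib.sha256(canonical(receipt)).hexdigest()


def verify_chain(receipts):
    """Check hash linking and time ordering; return a report with a report_hash."""
    findings = []
    prev_hash, prev_ts = GENESIS, None
    for i, r in enumerate(receipts):
        if r["prev_hash"] != prev_hash:
            findings.append({"index": i, "error": "broken_link"})
        if prev_ts is not None and r["ts"] < prev_ts:
            findings.append({"index": i, "error": "time_regression"})
        prev_hash, prev_ts = receipt_hash(r), r["ts"]
    # "FAIL" is an assumed verdict name; the page only shows the passing ones.
    report = {"verdict": "PASS" if not findings else "FAIL", "findings": findings}
    # The hash covers only verdict and findings: no wall-clock time, hostname
    # or other run-specific data, so repeated runs give the same value.
    report["report_hash"] = hashlib.sha256(canonical(report)).hexdigest()
    return report


def build_chain(events):
    """Build a constructed sample chain from (ts, action) pairs."""
    chain, prev = [], GENESIS
    for ts, action in events:
        r = {"ts": ts, "action": action, "prev_hash": prev}
        chain.append(r)
        prev = receipt_hash(r)
    return chain


if __name__ == "__main__":
    good = build_chain([(100, "allow"), (105, "deny"), (110, "allow")])
    print(verify_chain(good))
    tampered = [dict(r) for r in good]
    tampered[1]["action"] = "allow"  # edit a receipt after the fact
    print(verify_chain(tampered))
```

Editing receipt 1 changes its hash, so the break is reported at receipt 2, whose prev_hash no longer matches.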
Verification Modes
PROOF_ONLY: Validates cryptographic proofs without re-measuring subjects
FULL: Also re-measures subjects if they're available locally