Verification

IPPAN L1 publishes cryptographic anchors that can be independently checked against signed evidence bundles. This page records what has actually been demonstrated — and, just as explicitly, what has not been claimed.

External verification — demonstrated

External verification has been demonstrated in a controlled off-host dry run (2026-06-11). This means an exported evidence bundle was verified away from the producing host and matched the public anchor gateway: 121 anchors, latest sequence 120, checksum integrity, dense sequencing, no duplicates, and commitment re-derivation all passed, with gateway result MATCH.

This is not a third-party audit, legal certification, financial audit, or carbon-credit certification. The dry run was controlled and operator-executed; independent third-party verification is the next step on the roadmap.

Signed evidence export

Evidence bundle exports are operator-signed: each export carries a detached signature over its checksums, verifiable against a published operator public key delivered out of band. The latest signed export (2026-06-11) covers 121 anchors (sequence 120) with freshness FRESH_MATCH against the public gateway.

Signer identity: production-operator
Signature namespace: ippan-external-bundle
Signing key fingerprint (confirm out of band before relying on it): SHA256:0aq2uakfhVejV56gS7qwqcRPobmcCp/O3RdLnadoAm8
Export checksum prefix: 6a896fe0…

The signature proves an export is the one the operator produced — it does not by itself certify anchor authorship or any business claim.

Claims boundary

What verification proves

Evidence bundle integrity (checksums)
Anchor-log consistency and dense sequencing
No duplicate anchor hashes
Commitment re-derivation for every anchor
Latest anchor matches the public gateway

What is not claimed

Independent third-party audit
Legal or regulatory certification
Financial audit opinion
Carbon-credit certification
Decentralized verification (single-operator network today)

Machine-readable status

Also served at /verification/latest.json.

verification/latest.json

{
  "off_host_verification": {
    "status": "demonstrated",
    "mode": "controlled_off_host_dry_run",
    "date": "2026-06-11",
    "anchor_count": 121,
    "latest_sequence": 120,
    "gateway_result": "MATCH",
    "report_commit": "b854611"
  },
  "signed_export": {
    "status": "validated",
    "date": "2026-06-11",
    "anchor_count": 121,
    "latest_sequence": 120,
    "freshness": "FRESH_MATCH",
    "tarball_sha256_prefix": "6a896fe0",
    "signer_identity": "production-operator",
    "signer_fingerprint": "SHA256:0aq2uakfhVejV56gS7qwqcRPobmcCp/O3RdLnadoAm8",
    "signature_namespace": "ippan-external-bundle",
    "report_commit": "03b619e"
  },
  "claims_boundary": {
    "third_party_audit": false,
    "public_verifier_portal": false,
    "legal_certification": false,
    "carbon_credit_certification": false,
    "decentralized_verification": false
  }
}

More on evidence semantics: Evidence · how it works: Technology

External verification — demonstrated

Signed evidence export

Signer identity

production-operator

Signature namespace

ippan-external-bundle

Signing key fingerprint (confirm out of band before relying on it)

SHA256:0aq2uakfhVejV56gS7qwqcRPobmcCp/O3RdLnadoAm8

Export checksum prefix

6a896fe0…