Trust Center

Verifier-first trust model

Attesto output is designed to be checked. A recipient should be able to verify receipts, stream order, checkpoint consistency, witness quorum, anchors, fork evidence, and bundle manifests without being granted access to a private tenant account.

Independent verification

Independent verification means the verifier receives evidence objects and checks the cryptographic and structural relationships locally. The verifier does not need to trust a screenshot or dashboard status.

attesto verify bundle ./attesto-bundle.json --report ./verification-report.json

Verification report shape

{
  "ok": true,
  "kind": "bundle",
  "checked": [
    "manifest_digest",
    "receipt_signatures",
    "stream_sequence",
    "window_inclusion",
    "checkpoint_consistency",
    "witness_quorum",
    "anchor_reference"
  ],
  "problems": []
}

Recommended external workflow

1. Receive a bundle from the tenant or auditor workflow.
2. Record the bundle digest before inspection.
3. Run offline verification locally.
4. Review witness/quorum and fork-evidence sections.
5. Optionally re-check anchor references online.
6. Store the verification report alongside the received bundle.

Trust boundaries

Verification proves integrity relationships inside the evidence pack. It does not prove that the original source system was truthful, that legal obligations are fully satisfied, or that an AI decision was substantively correct. Those remain customer and reviewer responsibilities.