Offline verifier

Verify a Sanad artifact

Paste a signed Sanad artifact below. Your browser verifies the Ed25519 signature locally — Sanad's servers are not contacted. You can disconnect from the internet after this page loads and the verification still works.

Looking up an artifact by reference number instead? Browse the public registry or open a verify-by-number link like /verify/CR-2026-000123.

How this verification works

  1. The browser parses the artifact JSON and extracts signed_payload, signature, and public_key.
  2. The signed payload is canonicalised — JSON serialised with sorted keys and no whitespace. This is exactly what Sanad's signer signs server-side.
  3. The public key (32-byte raw Ed25519, hex-encoded) is wrapped in SPKI prefix and imported into Web Crypto.
  4. Web Crypto verifies the Ed25519 signature against the canonical bytes using crypto.subtle.verify("Ed25519", ...).
  5. Result: verifies means the holder of the corresponding private key signed exactly this payload, and it has not been tampered.

Browser support: Ed25519 in Web Crypto requires Chrome 113+, Firefox 122+, or Safari 17+. Older browsers will see an import error. For air-gapped offline verification (e.g. inside a regulator's secure lab), use the open-source verifier SDK in JS / Python / Go — see /docs/verifier-sdk.

Public registry · Security policy · About CognoShift