{"schema":"szl.public-receipt-verifier/manifest/v1","state":"LIVE","purpose":"Independently verify a pasted DSSE receipt or receipt id.","try":{"method":"POST","endpoint":"/api/a11oy/v1/verify/receipt","body":{"envelope":{"payloadType":"...","payload":"...","signatures":[]}}},"evidence":["signature","payload_digest","hash_chain"],"limits":"PASS means every check that could run passed and none mismatched; it does not prove the model output is factually correct.","reproduce":{"public_key":"/cosign.pub","human_ui":"/verify","shareable_get":"/api/a11oy/v1/verify/receipt/{receipt_id}"},"doctrine":{"lambda":"Conjecture 1 (NOT a theorem)","locked_proven":{"count":8,"kernel":"c7c0ba17","public_numbers":"749/14/163","note":"public verifier adds NOTHING to the locked-8"},"trust_ceiling":"never 100%","signature":"ECDSA-P256-SHA256 over DSSE PAE vs published SZLHOLDINGS cosign.pub","payload_digest_compare":"recomputed payload digest vs the DECLARED payload_digest (NOT the chain seal id — that was the old simultaneous VERIFIED+MISMATCH bug, fixed and not reintroduced)","hash_chain":"re-walk prev-links to genesis + recompute each seal (szl_khipu_verify)","fabricated_data":false,"runtime_cdn":0}}