@meta
  v: 1
  route: /verify
  generated: 2026-06-07T00:00:00Z
  ttl: 1h

@intent
  purpose:    Verify a signed Agent Attestation Record (AAR) in the browser — Ed25519 signature over the JCS-canonicalized record, and conformance tier (L0/L1/L2). No backend; nothing leaves the page.
  audience:   security-pro, auditor, agent
  capability: verify, evaluate

@state
  engine:     client-side WebCrypto Ed25519 + minimal JCS (RFC 8785 subset), byte-identical to the reference tools/aar.mjs
  inputs[2]{id,required,summary}:
    record,true,"the AAR record JSON to verify"
    did_json,false,"the signer's did.json; omit to resolve did:web online from sig.by"
  tiers[4]{level,means}:
    L0,"signature valid + required fields present (aar/subject/principal/task/verdict/reason/issued)"
    L1,"L0 + ground_truth present and, for confirmed/contradicted, committed checks[] evidence"
    L2,"L1 + independent verifier (verifier.id != subject)"
    FAIL,"does not verify — e.g. tampered, wrong key, or symmetric MAC (HMAC rejected at L0)"
  not_checked[2]:
    - "L3 transparency-log inclusion proof (v2)"
    - "re-hashing checks[].response_sha256 preimage — travels point-to-point with the issuer (v2)"
  examples[4]{id,expect}:
    helpdesk,L2
    fabrication,L2
    self-verified,L1
    symmetric-mac,FAIL

@actions
  - id: verify_record
    method: POST
    note: client-side only — paste a record (+ optional did.json) and verify in-browser; no network call required when did.json is provided
  - id: spec
    method: GET
    href: https://github.com/frontier-infra/agentcontrolplane
  - id: roadmap
    method: GET
    href: /projects.html

@context
  > The Verify page is a no-backend, client-side verifier for Agent Attestation Records (AAR). It strips the signature, re-canonicalizes the record (JCS / RFC 8785), checks the Ed25519 signature against the signer's did:web public key, and reports the conformance tier (L0/L1/L2) — the same logic as the reference tools/aar.mjs. Verifying never requires the ability to issue (no symmetric secrets). It proves the project's "provable" claim: a third party can confirm exactly what an agent/deck did, offline, without trusting the issuer. The L3 transparency-log inclusion proof and the checks preimage re-hash are out of scope for this v1 page.

@nav
  self:    /verify.agent
  parents: [/.agent]
  peers:   [/projects.agent, /charter.agent, /warlock.agent, /deck.agent, /index.agent]