Downloads

Downloads.

Public‑safe artifacts for procurement + security review. Designed to be verifiable offline and safe to mirror.

Offline verifiers (/verify)Research & DOIsWhy nowContact security

Files

Public‑safe artifacts hosted on this site. For integrity verification, see SHA256SUMS.txt and README. Legal policies are published under /legal/.

ZIPAPEX

HALTSEAL Pilot‑in‑a‑Box (Self‑serve)

~30‑minute buyer‑run pilot: fail‑closed gateway + deterministic PASS/FAIL/HOLD vectors + receipts + DSSE signing request (no host Python required; hardened docker‑compose defaults). Generates a Conformance Pack for /verify.

Download ZIP Download SHA256SUMS
SHA256SUMS includes hashRedirect from v1.0.0
Air‑gapped
Offline‑completeNo uploadsNo network

Air‑gapped verifier kit (Public) v1.0.0

Run the MVG verifiers in an isolated environment: /verify‑assurance, /verify‑diligence, and /verify‑trust. Includes printer‑friendly audit summaries with QR re‑verification and ticket binding.

Download kit ZIP Verify kit signature Verify overview Verify commitments
Attachable approvalsThreshold policyJIRA/ServiceNow binding
Assurance
Offline‑verifiableDSSE (Ed25519)Keyring + transparency

Assurance Pack (Public) v1.0.0

Procurement‑grade evidence bundle for offline review: signed keyring snapshot + key transparency log + executive summary. Built for skeptical security teams (no uploads, no third‑party scripts).

Download ZIP Verify offline Verify overview Download countersign spec Download hardware attestation spec Download org keyring spec Download ticket binding spec Download sample keyring
Signed keyringHash‑chained logOrg threshold policyTicket binding
Licensing
Offline‑verifiableDSSE (Ed25519)Blinded commitments

Licensing Diligence Teaser (Public) v1.0.0

Public-safe demonstration of the MVG licensing diligence format: pack ZIP + private receipt DSSE + optional blinded commitment log. Designed to let enterprise security/procurement verify evidence offline.

Download ZIP Verify offline Verify commitments Download sample receipt Download two‑layer spec
Two‑layer commitmentAppend‑only log headNo pack hash leakage
ZIP

MVG Trust Pack v31

Public-safe trust artifacts bundle for offline review.
DSSE

Trust Pack Signature (DSSE)

Signed digest binding for MVG Trust Pack v31.
DSSE

Trust Anchor Snapshot v31

Pinned public keys + witness threshold for verification.
ZIPCLI

Org Signer CLI (v21)

No‑dependency Node CLI to sign DSSE requests and reproduce anchored PASS end‑to‑end.

DownloadOpen
MDSpec

Org Signing Service Spec (v21)

Request/response format for KMS/HSM‑backed signing services (DSSEv1 PAE).

DownloadOpen
ZIPMockHTTP

Org Signer Mock Server (v23)

Local no‑deps signing service for PoC: bootstrap key + trust‑anchor snapshot + DSSE(PAE) report signing.

DownloadOpen
YAMLOpenAPI

Org Signer OpenAPI (v23)

Endpoint schema for a KMS/HSM‑backed org signing service (DSSEv1 + PAE).

DownloadOpen
MDcurl

Org Signer curl examples (v23)

Copy/paste commands: signing request → HTTP signer → anchored PASS in-browser.

DownloadOpen
MDSpec

Org Signing Service Spec (v23)

Minimal PoC spec linking OpenAPI + mock server + curl for anchored report verification.

DownloadOpen

Org Signer CLI (v23)

No-dependency Node.js CLI to sign /verify requests (PoC).
ZIPStrictHTTP

Org Signer Mock Server (v23.5 strict)

Intake template: idempotency, replay protection, audit fields, and key‑alias policy (DSSEv1 PAE).

DownloadOpen
OpenAPIStrict

Org Signer OpenAPI (v23.5 strict)

Strict schema + Idempotency‑Key header + policy endpoints.
MDStrict

Org Signer curl examples (v23.5 strict)

Copy/paste flow: signing request → sign → extract DSSE → upload to /verify.
SpecStrict

Org Signer Integration Spec (v23.5 strict)

Idempotency, nonce replay protection, audit fields, and KMS key alias policy.
ZIP

HALTSEAL Sample Conformance Pack (public‑safe)

Use with /verify for 30‑second offline proof.

DownloadVerify
ZIPFAIL

HALTSEAL Test Vector (FAIL — tampered)

For security review: deterministic FAIL due to SHA256SUM mismatch.

DownloadVerify
DSSERelease

Release signature (v31)

Signed binding for this site’s artifacts manifest.

DownloadOpen
JSONSigned

Artifacts manifest (SHA‑256)

Hash inventory + DSSE signatures (browser-verifiable).

DownloadOpen
JSONSBOM

Offline verifier SBOM

CycloneDX SBOM for verifier assets.

DownloadOpen
JSONKeys

Verifier trust anchors

Publishes the verifier signing key used for signed exports.

DownloadOpen
PDF

Kingdom Conformance RFC v1.3.6

Standards‑track draft (PDF). Includes an official‑channels cover sheet.

DownloadOpen
PDF

CTC AAS Constitution v1.0

Admissible Automation Standard (PDF). Includes an official‑channels cover sheet.

DownloadOpen
PDF

HALTSEAL — Outreach Brief

1‑pager for Security review.

DownloadOpen
PDF

HALTSEAL — Outreach Deck

Deck (PDF).

DownloadOpen
PDF

Trust — Security posture

Printable trust brief (PDF).

DownloadOpen