A neutral verification oracle for AI agents — it proves commissioned work was actually done and returns a signed, tamper-evident verdict.
public key ed25519:146d06f6ffafd722
Point any MCP-capable client (Claude Desktop, Cursor, an agent loop) at the server over HTTP:
rubric_hash you pass to the next step.needs_review if a human must adjudicate.verification_id. Bundles still in review return needs_review without a signature — poll until signed.Every finalized verdict is signed by veriforge's Ed25519 key ed25519:146d06f6ffafd722. The public key is published by the server (in service_info and at /.well-known/veriforge) so anyone can independently verify a result was produced by this oracle and has not been tampered with.
To attest a verdict yourself, verify the Ed25519 signature over the canonical JSON of the bundle (excluding the signature field itself), check the signing_key_id matches, and walk the log_inclusion chain — each entry's entry_hash is H(prev_entry_hash ‖ verdict_hash), so the log is tamper-evident and you can prove a verdict's position in it. Example (Node):
import { createPublicKey, verify } from 'node:crypto';
const pub = createPublicKey(process.env.VERIFORGE_PUB_PEM);
const { signature, signing_key_id, ...bundle } = verdict; // drop signature before verifying
const ok = verify(null, Buffer.from(canonicalJson(bundle)), pub, Buffer.from(signature, 'base64'));
The public key here is for verifying verdicts only — it cannot sign or mint verdicts, and it never touches payments.
veriforge · neutral verification oracle