Verify a SteelSpine audit record yourself
No trust required. Every SteelSpine run is signed with an Ed25519 key. Anyone can confirm a run record is authentic and unmodified using only the public key — offline, on your own machine, with no access to SteelSpine and no secret key.
What this does not prove: it is a classical Ed25519 signature (not quantum-resistant), and because the operator holds the signing key, it establishes integrity-after-capture and third-party verifiability — not that the key holder could not have authored a different record at capture time.
The public key
This is the Ed25519 public key SteelSpine runs are signed against. The matching private key never leaves the machine that produced the run.
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEA0VQbYkPdYCOIEKTDR99uppnKKmy//v5HTpE+gJZppp4=
-----END PUBLIC KEY-----
Save this as steelspine_pub.pem, or download it directly from steelspine.ai/pubkey.pem and pin it. The block above is the live key for the sample run below.
A sample signed run
Below is a real run_meta.json produced by steelspine run. Save it as run_meta.json.
{
  "run_id": "run_0037",
  "command_str": "python3 -c print('shell B run')",
  "exit_code": 0,
  "failure_count": 0,
  "repair_count": 0,
  "success_count": 0,
  "final_state": "clean",
  "started_at": "2026-04-27T03:35:40Z",
  "ended_at": "2026-04-27T03:35:40Z",
  "events_hash": "03c9024ceb667bd263a3721be4a30adcc93d16e3c34a8f187183e573a8303a82",
  "run_seal": "2d6a975b0cc66b10968a9723a1600683174b8d374e1fd74602d0ec21c328f84f",
  "ed25519_signature": "lt2B64LjeXnXNHaRUDLZVcFlIAcf9rOpsEvVbpe8slD9foDrJbCMzqUq2jVVYrqeRFwuY85BXTdQVKQzJT0wBg=="
}
How verification works
SteelSpine builds a canonical signing payload from the run's covered fields — exactly these keys, sorted, with compact separators:
run_id, command_str, exit_code, failure_count, repair_count,
success_count, final_state, started_at, ended_at, events_hash, run_seal
It signs that exact string with Ed25519. To verify, you rebuild the same string from the run record and check the signature against the public key. If even one covered byte changed, the check fails.
Verify it offline — Python
Requires only the cryptography package (pip install cryptography). No SteelSpine install needed.
import json, base64
from cryptography.hazmat.primitives.serialization import load_pem_public_key
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey
from cryptography.exceptions import InvalidSignature

meta = json.load(open("run_meta.json"))
pub = load_pem_public_key(open("steelspine_pub.pem", "rb").read())

# Rebuild the exact canonical payload SteelSpine signed: covered keys only,
# sorted, compact separators; a missing events_hash is signed as "".
payload = json.dumps({
    "run_id": meta["run_id"],
    "command_str": meta["command_str"],
    "exit_code": meta["exit_code"],
    "failure_count": meta["failure_count"],
    "repair_count": meta["repair_count"],
    "success_count": meta["success_count"],
    "final_state": meta["final_state"],
    "started_at": meta["started_at"],
    "ended_at": meta["ended_at"],
    "events_hash": meta.get("events_hash") or "",
    "run_seal": meta["run_seal"],
}, sort_keys=True, separators=(",", ":"))

# The signature is stored base64-encoded; verify() raises on any mismatch.
sig = base64.b64decode(meta["ed25519_signature"])
try:
    pub.verify(sig, payload.encode("utf-8"))
    print("VERIFIED — run record is authentic and unmodified")
except InvalidSignature:
    print("TAMPERED — signature does not match; do not trust this record")
Running this against the sample above prints VERIFIED — run record is authentic and unmodified.
Prove that tampering is caught
Change any covered field — for example, flip "exit_code": 0 to "exit_code": 1 in run_meta.json — and re-run the script. It now prints TAMPERED. That is the whole point: you cannot quietly rewrite history without breaking the signature.
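The same rebuild-and-verify procedure, together with the tamper check above, as an added example that is not SteelSpine's code: a Go port using only the standard library's crypto/ed25519, so it needs no third-party package. It generates its own throwaway keypair and signs a constructed record shaped like run_meta.json (the events_hash and run_seal values are placeholder hex, not real digests), so it does not verify the page's real sample. The point it adds is that the canonical payload must match Python's json.dumps(sort_keys=True, separators=(",", ":")) byte for byte, which is why it hand-rolls Python's default ensure_ascii string escaping instead of using Go's encoding/json (which escapes <, > and & and leaves non-ASCII raw, and would silently break every signature on a record containing such characters).

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"sort"
	"strings"
	"unicode/utf16"
)

// The covered fields from the page; the payload sorts them, so order here is irrelevant.
var coveredFields = []string{"run_id", "command_str", "exit_code", "failure_count", "repair_count",
	"success_count", "final_state", "started_at", "ended_at", "events_hash", "run_seal"}

// pyJSONString encodes s as Python's json.dumps does by default (ensure_ascii=True):
// short escapes for the common control characters, \uXXXX (lowercase hex) for other
// controls, DEL and every non-ASCII rune, with UTF-16 surrogate pairs above U+FFFF.
func pyJSONString(s string) string {
	short := map[rune]string{'"': `\"`, '\\': `\\`, '\b': `\b`, '\f': `\f`, '\n': `\n`, '\r': `\r`, '\t': `\t`}
	var b strings.Builder
	b.WriteByte('"')
	for _, r := range s {
		switch {
		case short[r] != "":
			b.WriteString(short[r])
		case r > 0xFFFF:
			hi, lo := utf16.EncodeRune(r)
			fmt.Fprintf(&b, `\u%04x\u%04x`, hi, lo)
		case r < 0x20 || r > 0x7e:
			fmt.Fprintf(&b, `\u%04x`, r)
		default:
			b.WriteRune(r)
		}
	}
	b.WriteByte('"')
	return b.String()
}

// CanonicalPayload rebuilds the exact string that gets signed: covered keys only, sorted,
// compact separators. Ints are emitted bare; a missing events_hash is signed as "" to
// mirror the page's `meta.get("events_hash") or ""`. Uncovered keys (the signature) are ignored.
func CanonicalPayload(rec map[string]interface{}) string {
	keys := append([]string(nil), coveredFields...)
	sort.Strings(keys)
	parts := make([]string, 0, len(keys))
	for _, k := range keys {
		var v string
		switch x := rec[k].(type) {
		case int:
			v = fmt.Sprintf("%d", x)
		case nil:
			v = `""`
		default:
			v = pyJSONString(fmt.Sprint(x))
		}
		parts = append(parts, pyJSONString(k)+":"+v)
	}
	return "{" + strings.Join(parts, ",") + "}"
}

// Sign returns the base64 signature a record would carry in ed25519_signature.
func Sign(priv ed25519.PrivateKey, rec map[string]interface{}) string {
	return base64.StdEncoding.EncodeToString(ed25519.Sign(priv, []byte(CanonicalPayload(rec))))
}

// Verify rebuilds the payload from rec and checks rec's ed25519_signature against pub.
func Verify(pub ed25519.PublicKey, rec map[string]interface{}) (bool, error) {
	sigB64, _ := rec["ed25519_signature"].(string)
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	if err != nil {
		return false, err
	}
	return ed25519.Verify(pub, []byte(CanonicalPayload(rec)), sig), nil
}

// SampleRecord is a constructed record in the shape of run_meta.json (hashes are placeholders).
func SampleRecord() map[string]interface{} {
	return map[string]interface{}{
		"run_id": "run_0037", "command_str": "python3 -c print('shell B run')",
		"exit_code": 0, "failure_count": 0, "repair_count": 0, "success_count": 0,
		"final_state": "clean", "started_at": "2026-04-27T03:35:40Z", "ended_at": "2026-04-27T03:35:40Z",
		"events_hash": strings.Repeat("ab", 32), "run_seal": strings.Repeat("cd", 32),
	}
}

// TamperDemo signs a fresh record with a throwaway key, verifies it, then flips exit_code
// 0 -> 1 and verifies again. Returns (verifiedBeforeTamper, verifiedAfterTamper).
func TamperDemo() (bool, bool, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return false, false, err
	}
	rec := SampleRecord()
	rec["ed25519_signature"] = Sign(priv, rec)
	okClean, err := Verify(pub, rec)
	if err != nil {
		return false, false, err
	}
	rec["exit_code"] = 1 // the "quietly rewrite history" attempt
	okTampered, err := Verify(pub, rec)
	return okClean, okTampered, err
}

func main() {
	fmt.Println(CanonicalPayload(SampleRecord()))
	clean, tampered, err := TamperDemo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("untouched record verifies: %v\ntampered record verifies: %v\n", clean, tampered)
}
```

Swap the throwaway key for the pinned steelspine_pub.pem (parsed with crypto/x509.ParsePKIXPublicKey) and feed it a real run_meta.json to use it as a second, dependency-free verifier; because the page's covered fields are all ASCII strings and small integers, the hand-rolled encoder and Python's json.dumps agree on them, and the encoder exists so that agreement survives a command_str containing quotes, newlines or non-ASCII.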
The event-stream hash chain
The events_hash field is the head of a SHA-256 rolling hash chain over the run's event timeline (events.jsonl): each event's hash folds in every prior event, so inserting, deleting, or reordering any event changes events_hash — which in turn breaks the Ed25519 signature above. To check it directly:
import hashlib, json, os
meta = json.load(open("run_meta.json"))
# A run with no promoted events has no events.jsonl and an empty events_hash; treat the absent file as "".
h = hashlib.sha256(open("events.jsonl", "rb").read()).hexdigest() if os.path.exists("events.jsonl") else ""
print("MATCH" if h == (meta.get("events_hash") or "") else "MISMATCH")
(For runs with no promoted events, events.jsonl is absent and events_hash is empty — that case is covered by the canonical payload above.)
SteelSpine signs every run automatically with HMAC-SHA256 + Ed25519. The signature is verifiable by anyone with the public key, offline, forever — that is what makes a SteelSpine audit trail tamper-evident and independently checkable. Claims on this page are limited to what the shipping code does; see the compliance overview and Article 12 technical guide for the full mapping and the explicit list of properties we do not claim.