Metadata-Version: 2.4
Name: traceseal-verify
Version: 1.0.2
Summary: Verify Traceseal Execution Receipts — cryptographic proof of what your AI agent did
License: Apache-2.0
Project-URL: Homepage, https://traceseal.io
Project-URL: Specification, https://traceseal.io/spec
Project-URL: Source, https://github.com/traceseal/traceseal-verify
Keywords: ai,agents,trust,verification,receipts,ed25519,traceseal
Classifier: Development Status :: 4 - Beta
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3
Classifier: Topic :: Security :: Cryptography
Requires-Python: >=3.9
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: cryptography>=41.0
Dynamic: license-file

# traceseal-verify

Verify [Traceseal Execution Receipts](https://traceseal.io/spec) — cryptographic proof of what your AI agent did.

## What is an Execution Receipt?

Every AI agent framework can make agents *do things*. None of them can *prove what the agent did* to a third party. A Traceseal Execution Receipt is a signed JSON document that proves:

- **What code ran** — manifest hash over every source file
- **Who authorized it** — publisher's ed25519 signature in a transparency log
- **What sandbox it ran in** — hash of the kernel-namespace configuration
- **What it produced** — SHA-256 of inputs and outputs (not the values — privacy preserving)
- **Who vouches for it** — operator's ed25519 signature over everything above

Third parties verify the receipt with one command. No access to the operator's machine needed.

## Install

```bash
pip install traceseal-verify
```

## Verify a receipt

```bash
traceseal-verify receipt.json
```

```
[OK] receipt.json
  skill:     agentmail v1.2.0
  operator:  ed25519:f19bc125dcfdb2eb91e98da98d45bb7a
  publisher: ed25519:a07c7eb5f20f6b99d1914d7ec5221a25
```

## Python API

```python
from traceseal_verify import verify_receipt_file

result = verify_receipt_file("receipt.json")
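if result.ok:
    print(f"Verified: {result.skill_name} v{result.skill_version}")
else:
    # Fail closed: do not act on a receipt that did not verify.
    raise SystemExit("receipt verification failed")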
```

## What verification checks

1. **Structure** — required sections present, recognized version
2. **Consistency** — execution and provenance agree on which code was signed
3. **Signature** — operator's ed25519 signature is valid over the execution + provenance data

## What verification does NOT check

- Whether the operator's key is trusted (your policy decision)
- Whether the publisher's key is trusted (your policy decision)
- Whether specific inputs/outputs match expected values (your application logic)
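
The trust decision left to you above can be enforced as a fail-closed gate on top of the verifier's report. This is an added example, not part of traceseal-verify. It assumes the report has the layout shown under "Verify a receipt" and that only a passing report starts with `[OK] `; the allowlists and function names are hypothetical.

```python
import re

# Constructed sample: the verifier report shown earlier in this README.
SAMPLE_OUTPUT = """\
[OK] receipt.json
  skill:     agentmail v1.2.0
  operator:  ed25519:f19bc125dcfdb2eb91e98da98d45bb7a
  publisher: ed25519:a07c7eb5f20f6b99d1914d7ec5221a25
"""

# Hypothetical policy: key identifiers you chose to trust, obtained out of band.
TRUSTED_OPERATORS = {"ed25519:f19bc125dcfdb2eb91e98da98d45bb7a"}
TRUSTED_PUBLISHERS = {"ed25519:a07c7eb5f20f6b99d1914d7ec5221a25"}

KEY_ID = re.compile(r"ed25519:[0-9a-f]+")
FIELD = re.compile(r"^\s+(skill|operator|publisher):\s+(.+?)\s*$")


def parse_report(text):
    """Return the fields of an [OK] report, or None if it cannot be trusted."""
    lines = text.splitlines()
    if not lines or not lines[0].startswith("[OK] "):
        return None
    fields = {}
    for line in lines[1:]:
        m = FIELD.match(line)
        if m:
            if m.group(1) in fields:  # repeated field: refuse ambiguous output
                return None
            fields[m.group(1)] = m.group(2)
    return fields


def accept(text, operators=TRUSTED_OPERATORS, publishers=TRUSTED_PUBLISHERS):
    """Accept only a verified receipt whose operator and publisher are pinned."""
    fields = parse_report(text)
    if fields is None:
        return False, "verification did not report OK"
    for role, trusted in (("operator", operators), ("publisher", publishers)):
        key = fields.get(role, "")
        if not KEY_ID.fullmatch(key):
            return False, f"missing or malformed {role} key"
        if key not in trusted:
            return False, f"{role} key {key} is not in the trust policy"
    return True, f"accepted {fields.get('skill', 'unknown skill')}"
```

Rejecting a repeated field keeps a receipt-controlled string that contains a line break from supplying a second `operator:` or `publisher:` line that the policy would read.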

## Generating receipts

Receipts are generated by [Traceseal](https://traceseal.io). This package is the verification side only — deliberately minimal so anyone can verify without installing the full toolchain.

## Spec

[Traceseal Execution Receipt Specification](https://traceseal.io/spec)

## License

Apache 2.0 — no barriers to verification in any context.
