Don’t trust the claim. Verify the pack.

This is a real Proofpane Evidence Pack — exported by the production code path and signed with Ed25519. Download it with the standalone verifier, disconnect from the internet if you like, and check it on your own machine: manifest signature, every file hash, and the full audit hash chain, re-computed locally. No Proofpane account. No API. No trusting us.

Download sample pack (.zip, 12 KB) Download verifier (verify_evidence_pack.py)

sha256(pack) = 88a097acb6ba453a8bc48ed1dd7189949d566034c0afd3e56cf02b8e1191da4c

Verify it (two commands)

pip install cryptography        # the only dependency (Ed25519)
python3 verify_evidence_pack.py proofpane-sample-evidence-pack.zip --verbose

What you should see — this is the verifier’s actual output for this exact file

Manifest version: evidence-pack/1.4
Exported at:      2026-07-09T21:38:57.121730Z
Records claimed:  16
Key fingerprint:  67ff4fa702e8eb1a

✓ Signature valid (Ed25519, key fingerprint 67ff4fa702e8eb1a)
✓ All 12 file hashes match manifest
✓ Audit chain re-verified: 16 records, all hashes match
✓ Chain anchors line up with slice boundaries

Slice details:
  first id=1 at 2026-07-09T21:38:57.013539Z
  last  id=16 at 2026-07-09T21:38:57.102009Z
  audit.integrity.checked: 1
  budget.blocked: 1
  cp.dlp.redact: 1
  cp.egress.deny: 1
  cp.hitl.resolve: 2
  mcp.client.connected: 1
  mcp.tool_call: 3
  mcp.tools.discovered: 1
  risk_threshold.detected: 1
  skill.execute: 3
  validation.error: 1

PASS — bundle integrity confirmed.

Then try to break it

  1. Unzip the pack and open audit/records.json.
  2. Change any byte — a timestamp digit, one character of a payload.
  3. Re-zip and run the verifier again.

It fails. That is the entire product in one experiment: a record that cannot be quietly rewritten — not by an employee, not by an attacker with database access, not by us.

What’s inside

Sixteen audit records telling one afternoon of governed AI work: a coding agent (Cursor, via the MCP daemon) reads source files, then gets denied on .env by the policy gate; a human approves a review-gated retry and DLP redacts the AWS key before any model sees it; governance skills run with cost and tokens metered; a high-risk output triggers a risk-tier human review; an over-budget model call is refused — and the refusal itself is on the chain; an egress-gateway block stops a credit-card number leaving via an n8n workflow; and the daily integrity cron re-verifies the chain. Plus: the manifest, per-file hashes, chain anchors, Ed25519 notary anchors, skill snapshots, and the control-mapping coverage (NIST AI RMF · ISO/IEC 42001 · EU AI Act · GDPR · SOC 2) for the skills in the slice.

Honest labeling. The events in this pack are a seeded demo narrative (the same dataset class as the public demo org) — no real customer data. Everything else is production-real: the export code path, the hash chain, the manifest, the Ed25519 signature (a sample key; each deployment signs with its own), and the verifier — byte-for-byte the tool an auditor would run on a real engagement.

Trust Center · What is Proofpane? · Live demo (no signup)

Pack generated and verified 2026-07-09 · manifest evidence-pack/1.4 · verifier requires only Python 3 + the cryptography package