MnemoPay
Article 12 · verifier

Drop a bundle.
Get a verdict.

This page recomputes the Merkle root, re-verifies every Ed25519 signature, and self-certifies the agent DID — entirely inside your browser. Nothing is uploaded.

Drag & drop · or click to browse
Article 12 bundle (.json)
Or use the shipped demo bundle below.
Download article12-demo.json
No bundle loaded yet.
Awaiting bundle…
Drop your Article 12 export, or use the demo button above.
What this verifier checks
  1. Parses the JSON and confirms version: 2.
  2. Re-canonicalises every event (sorted-key JSON, no whitespace) and rebuilds the tree-Merkle root.
  3. Compares the recomputed root against bundle.merkle_root.
  4. Confirms the agent's DID did:mp:<32-hex> hashes back to its public key (SHA-256 of SPKI-DER, first 16 bytes).
  5. Re-verifies the Ed25519 signature on every event against the agent's public key.
  6. Re-verifies the bundle-level signature over canonicalize({meta, merkle_root, built_at}).

All cryptography runs in crypto.subtle (WebCrypto). Ed25519 is supported in Chrome 137+, Firefox 130+, and Safari 17+. The verifier is ~10 KB of vanilla JS — view source on verify.js to audit.

Demo key disclosure

The shipped article12-demo.json is signed with a public demo Ed25519 key. The private key is derived from a fixed seed in scripts/generate-article12-demo.mjs — anyone can re-sign their own forged bundle with it. This is intentional. Real customer bundles are signed with the customer's own wallet (see @mnemopay/sdkWallet.create()). The demo proves the verification mechanics, not the trust anchor.