VRL Proof Bundle Verifier
Paste a VRL Proof Bundle JSON to verify it offline. All cryptographic operations run in your browser using the SubtleCrypto Web API. No data is sent to any server.
Paste a Bundle
How Verification Works
10-Step Process
VRL verification follows a deterministic 10-step procedure:
- Parse JSON
- Check VRL version
- Validate required fields
- Validate AI Identity
- Validate computation data
- Validate proof structure
- Verify integrity hash
- Validate bundle ID
- Validate timestamps
- Final summary
Cryptographic Verification
The integrity hash is verified using SHA-256:
integrity_hash = SHA256(
input_hash +
output_hash +
trace_hash
)Computed client-side using the SubtleCrypto Web API.
Offline, No Trust
All verification happens in your browser. No network calls are made. You don't have to trust VRL, your browser, or any server. Just the mathematics.
Proof Bundle Structure
A valid VRL Proof Bundle contains:
vrl_version
The VRL specification version (e.g., "1.0")
bundle_id
UUID v4 unique identifier for this bundle
ai_identity
Proof of which AI ran: model name, version, provider, AI-ID hash, execution environment
computation
What the AI computed: circuit ID, input/output/trace hashes, integrity hash, circuit hash
proof
The cryptographic proof: proof system, proof bytes, public inputs, verification key ID
legal (optional)
Compliance metadata: jurisdictions, admissibility standard, compliance flags
data_commitments (optional)
Binding to external datasets: dataset ID, version, hash, provider, commitment hash
issued_at (optional)
ISO 8601 timestamp of bundle creation
Supported Proof Systems
| Proof System | Strength | Use Case |
|---|---|---|
plonk-halo2-pasta |
Cryptographic | Deterministic compliance calculations, tariff rules, decision logic |
tee-intel-tdx |
Hardware | AI inference inside Intel Trusted Execution Environment |
tee-amd-sev-snp |
Hardware | AI inference inside AMD SEV-SNP enclave |
zk-ml |
Cryptographic | Small ML models using zero-knowledge proofs (EZKL) |
sha256-deterministic |
Hash-chain | Rule engines, simple verifiable rules, audit trail binding |
api-hash-binding |
Hash-binding | API-hosted models, HMAC-based audit trails |
Frequently Asked Questions
Is verification really offline?
Yes. All verification steps run in your browser using the SubtleCrypto Web API. SHA-256 is computed client-side. No network requests are made.
What does verification actually check?
The 10-step procedure validates the bundle structure, checks that the integrity hash is correct (input + output + trace), and confirms all required fields are present and well-formed.
Can I trust the result?
You're trusting the mathematics (SHA-256) and your browser's SubtleCrypto implementation (which is standardized and audited). You're not trusting VRL, any server, or any external service.
What does a "VALID" result mean?
It means the bundle is well-formed and the integrity hash is correct. It does NOT guarantee that the AI actually ran correctly — that requires checking the proof system (PLONK, TEE, etc.).
Where do I get VRL bundles?
From AI systems that have implemented the VRL spec and integrated it with their proof generation system. See the SDK repo and registry repo for details.
Can I integrate this verifier into my app?
Yes! Use the verifyProofBundle() function from assets/vrl.js. It returns a
structured result object.