Docs / Verify

Verify the ledger yourself

An audit trail you have to trust is not an audit trail. Every decision Countersign makes lands in an append-only, hash-chained, Ed25519-signed ledger — and any entry in it can be proven, offline, by a third party who trusts nothing about us. Trust is verification, not faith.

What you can prove

The ledger publishes an RFC 6962 Merkle inclusion proof for any row, committed under a signed checkpoint. With the proof bundle and the public key, you can independently confirm three things:

Tamper with the payload, the proof path, or the root and verification fails. There is no way to forge an entry into a committed checkpoint without the signing key.

Pull a proof from the live ledger

# the public key — GET /ledger returns it alongside the rows
curl -s https://app.countersign.network/ledger \
  -H "authorization: Bearer $KEY" | jq .publicKey

# an inclusion proof for one row (record + Merkle path + signed checkpoint + key)
curl -s https://app.countersign.network/ledger/proof/2 \
  -H "authorization: Bearer $KEY" > proof.json

Verify it offline — no trust in Countersign

# zero-install; the CLI does all the crypto locally
npx @countersign/verify proof.json

#   row #2 of 52 (checkpoint ts …)
#     chain hashes recompute   ✓
#     Merkle inclusion         ✓
#     checkpoint signature     ✓
#   VERIFIED — this entry is committed by the ledger.

Exit codes are CI-friendly: 0 verified, 1 tampered (do not trust), 2 malformed input. So npx @countersign/verify proof.json && release-funds refuses to proceed on a proof that doesn't check out. Pin the key you expect with --public-key <base64> to catch a swapped signer, or the root with --root <hex>.

Why this matters

The ledger is three things at once: the audit trail (what every agent actually did), the compliance artifact (a signed, tamper-evident record), and — because it captures exactly what was evaluated — the usage meter. Making it independently verifiable means none of those rests on trusting the operator. A neutral control plane earns the "neutral" by being checkable. Checkpoint roots also carry an on-chain / transparency-log anchoring seam, so history can be pinned to a witness outside Countersign entirely.

Honest scope: everything here is testnet-only — no mainnet, no custody, no PII. The hosted sandbox seeds a mock three-backend fleet so you can exercise policy, guard, freeze, and ledger end-to-end. Mainnet follows a third-party security audit.

Try it in 60 seconds — no account, no human

Self-serve key, an isolated sandbox tenant with a three-backend demo fleet, testnet only.

Get a free key → Watch the freeze GitHub