Verifier Distribution

This document names the offline verifier artifacts that third parties should receive or build for Mandate Companion and Receipted Memory. Verifier results are evidence about signed bytes and local chains only; they are not safety, privacy, confidentiality, legal-compliance, or provider-behavior guarantees.

Shared release rules

Mandate Companion verifier

Artifact paths

The Mandate npm package `files` list includes `dist/src` and `web`. A publishable npm release must include built `dist/src` files and the static web verifier; do not publish an empty source-only verifier package. If the package remains marked `private`, treat npm distribution as not released and use the static or repository artifact instead.

For offline npm-style distribution, hand reviewers a prebuilt tarball such as `flow-memory-mandate-verifier-0.0.0.tgz` generated from `mandate/verifier` after build. Reviewers can install from that local tarball without network access and run the package bin:

```bash

npm install --global ./flow-memory-mandate-verifier-0.0.0.tgz

mandate-verify bundle path/to/mandate-bundle.json

```

Do not describe the npm package as publicly published while package metadata still contains `private: true`.

Export contents to preserve

A third-party Mandate review needs the redacted bundle JSON exactly as exported. The bundle root is `mandate-bundle/1` and includes the keyring public key, evaluator version, verifier reference, mandates, receipts, and revocations. Redacted action payloads may omit sensitive fields; when omitted evidence is needed to decide a rule, the verifier must report a gap rather than green.

The extension also keeps signed local `ledger-head/1` pointers for receipt and revocation logs. The public `mandate-bundle/1` export is the verifier artifact; if a release later exports signed heads or checkpoints, the verifier must understand them before they are relied on. Without a prior trusted head, count, or last hash, a third party cannot prove that an otherwise valid supplied bundle is not a tail-truncated subset of local history.

Offline CLI steps

From a machine that already has the built verifier files:

```bash

node mandate/verifier/dist/src/cli.js bundle path/to/mandate-bundle.json

```

Or, for the checked-in fixture:

```bash

node mandate/verifier/dist/src/cli.js bundle mandate/spec/sample-bundle.json

```

Expected vocabulary:

Offline static steps

1. Save the exported Mandate bundle as a local `.json` file.

2. Disconnect networking if the review requires a no-network check.

3. Open `mandate/verifier/web/index.html` from disk in Chrome or Edge.

4. Paste or load the bundle JSON and run verification.

5. Record the full status, counts, and reasons. Do not summarize a gap as valid.

Receipted Memory verifier

Artifact paths

The Receipted Memory npm package `files` list includes `dist/src` and `web`. A publishable npm release must include built `dist/src` files and the static web verifier; do not publish an empty source-only verifier package. If the package remains marked `private`, treat npm distribution as not released and use the static, ZIP, or repository artifact instead.

For offline npm-style distribution, hand reviewers a prebuilt tarball such as `flow-memory-receipted-memory-verifier-0.0.0.tgz` generated from `receipted-memory/verifier` after build. Reviewers can install from that local tarball without network access and run the package bin:

```bash

npm install --global ./flow-memory-receipted-memory-verifier-0.0.0.tgz

receipted-memory-verify chain path/to/receipts.jsonl

```

Do not describe the npm package as publicly published while package metadata still contains `private: true`.

Export contents to preserve

A compliance ZIP contains these offline artifacts:

Preserve the whole ZIP when possible. If files are extracted, keep `receipts.jsonl` and `public_key.txt` together and compare the public key with the signer key expected for the user or organization through a separate trusted channel.

No checked-in compliance ZIP sample is currently present. The checked-in verifier fixture is the single receipt at `receipted-memory/spec/sample-receipt.json`; reviewers should use a real exported compliance ZIP for end-to-end ZIP review.

Offline CLI steps

Verify one receipt, using the receipt's embedded public key or an explicit key from the ZIP:

```bash

node receipted-memory/verifier/dist/src/cli.js receipt path/to/receipt.json

node receipted-memory/verifier/dist/src/cli.js receipt path/to/receipt.json --public-key BASE64_X963_PUBLIC_KEY_FROM_PUBLIC_KEY_TXT

```

Verify an exported chain:

```bash

node receipted-memory/verifier/dist/src/cli.js chain path/to/receipts.jsonl

```

For the checked-in fixture:

```bash

node receipted-memory/verifier/dist/src/cli.js receipt receipted-memory/spec/sample-receipt.json

```

Expected vocabulary:

Offline static steps

1. Export a compliance ZIP from Receipted Memory and keep it local.

2. Disconnect networking if the review requires a no-network check.

3. Extract the ZIP and open its `verifier.html` from disk, or open `receipted-memory/verifier/web/index.html` from the release artifact.

4. Paste a receipt and the public key from `public_key.txt`, or use the page's chain flow if available for that release.

5. Record the full status and reason. A valid receipt does not prove confidentiality after the user sent released values to Claude, ChatGPT, or another provider.

Release checklist for verifier artifacts