1
Create IPR Base release
Use the generator to produce a private release JSON. The page computes payload_sha256 from that JSON.
Output you need
payload_sha256 + timestamp + signature
DOCS · QUICKSTART · 90 SECONDS · FAIL-CLOSED
Quickstart (90 seconds)
Do this once and you have a VALID public proof: generate a private release artifact, compute SHA-256, verify deterministically, then publish a minimized (hash-only) entry to the append-only registry.
If you miss a required field, the system denies: INVALID (fail-closed)
FAIL-CLOSED NOTICE · NO SOFT ACCEPTANCE
Required evidence is mandatory
HBCE requires deterministic evidence fields: payload_sha256, timestamp, signature. Missing/invalid evidence ⇒ INVALID.
Steps
2
Verify deterministically
Paste the evidence fields into Verify. The result is binary: VALID or INVALID.
Fail-closed rule
Missing evidence ⇒ INVALID (no partial validation)
3
Publish minimized proof (hash-only)
Build a minimized registry entry (public). Append it to /registry/registry.json.
Public fields
name (minimal) + payload_sha256 + timestamp (+ optional status)
4
Confirm public matching
Open the Registry viewer. It flags entries VALID/INVALID based on deterministic schema checks.
Append-only discipline
No edits. Changes become new entries/events.
Checklist (before you claim VALID)
- You kept the private release artifact private (not published publicly).
- payload_sha256 is 64-hex lowercase SHA-256.
- timestamp is ISO8601/RFC3339 parseable.
- You published a minimized entry to registry.json (append-only).
- Registry viewer shows your entry as VALID (format + presence of required evidence).
Where to go next
Protocol
Read the HBCE-CORE / VERIFY / REGISTRY stack in one page.
/protocol/Compliance posture
EU-first audit posture: hash-only, append-only, deterministic, fail-closed.
/compliance/Operator path
Operator license requires a VALID IPR Base (published proof).
/create/operator/