HBCE LAB · REPLICABLE PROTOCOL

EXPERIMENT-0002 — Evidence Pack (Offline Verify)

Generate a portable Evidence Pack (manifest + payload + sha256 + signature) and verify it offline. The verifier is deterministic and fail-closed: missing or mismatching proof → INVALID.

AUDIT-FIRST FAIL-CLOSED HASH-ONLY PORTABLE EVIDENCE ZERO DEPENDENCIES

1) Generate Evidence Pack

This produces a single JSON file you can store, email, archive, or attach to a registry entry (hash-only).

Scenario

Vector (comma numbers)

Decision / Output (text)

Notes (optional)

Status: MISSING IDENTITY KEYS

Field	Value
pubkey_jwk	—
payload_sha256	—
signature_b64	—

Crypto note: using WebCrypto ECDSA P-256 for broad browser support, zero deps. The evidence structure is algorithm-agnostic.

2) Offline Verifier

Load an Evidence Pack JSON file. The verifier recomputes SHA-256, checks signatures, and validates structural invariants.

Status: NO PACK LOADED

Pack (preview)

Fail-closed rules: missing fields → INVALID; hash mismatch → INVALID; signature mismatch → INVALID.

Acceptance Criteria

Replicable: anyone can verify a pack offline with deterministic results.
Portable: one JSON file contains all evidence (manifest + payload + proof).
Fail-closed: any missing or mismatching proof returns INVALID.
Hash-only ready: payload_sha256 can be published in a public registry without exposing private content.