Problem
The current verification page (cambriantech.github.io/forge-alloy/verify/) is a single point of failure and trust. If compromised, it shows fake provenance. The website should NOT be the authority — the math should be.
Design
Alloy is self-verifiable
The alloy JSON contains everything needed to verify itself:
- Model hash (SHA-256 of weights)
- Code hash (SHA-256 of forge binary)
- Attestation signature (ES256/EdDSA)
- Public key of the signer
Verification runs CLIENT-SIDE
The verification page is a static JS app that:
- Fetches the alloy from ANY source (URL param, file upload, QR scan)
- Recomputes hashes locally in the browser (Web Crypto API)
- Verifies signatures locally (no server round-trip)
- Displays results — green checkmarks or red X per claim
The page could be hosted anywhere — GitHub Pages, IPFS, locally. The JS is the same. If our page goes down, anyone can host a copy. The math doesn't change.
No single point of trust
| Component |
Trust Model |
| Alloy data |
Fetched from HF, IPFS, local — multiple sources |
| Verification logic |
Client-side JS, open source, anyone can audit |
| Hosting |
Static page, hostable anywhere, no server state |
| Signing keys |
Public keys in the alloy — verifiable by anyone |
| Model weights |
Hash in alloy vs actual file — user verifies locally |
QR code contains
Option A: Full compact alloy (<3KB, fits in high-density QR)
Option B: Hash + URL to fetch full alloy from HF/IPFS
CLI verification
forge-alloy verify model.alloy.json --model-dir ./weights/
# Checks: alloy signatures, model hash vs weights, code hash
# No network needed if alloy file is local
Spec
The alloy schema must define the verification algorithm so ANYONE can implement a verifier — not just our tools. The algorithm is:
- Parse alloy JSON
- Verify attestation signature against public key
- Recompute model hash from weight files
- Compare computed hash to claimed hash
- Check code hash against known forge binaries
- Verify Merkle chain if present
Same principle as bitcoin: you don't trust a website to verify transactions. You run the math yourself.
Priority
High — trust infrastructure must be right before public grid economy (#716).
Related
Problem
The current verification page (cambriantech.github.io/forge-alloy/verify/) is a single point of failure and trust. If compromised, it shows fake provenance. The website should NOT be the authority — the math should be.
Design
Alloy is self-verifiable
The alloy JSON contains everything needed to verify itself:
Verification runs CLIENT-SIDE
The verification page is a static JS app that:
The page could be hosted anywhere — GitHub Pages, IPFS, locally. The JS is the same. If our page goes down, anyone can host a copy. The math doesn't change.
No single point of trust
QR code contains
Option A: Full compact alloy (<3KB, fits in high-density QR)
Option B: Hash + URL to fetch full alloy from HF/IPFS
CLI verification
Spec
The alloy schema must define the verification algorithm so ANYONE can implement a verifier — not just our tools. The algorithm is:
Same principle as bitcoin: you don't trust a website to verify transactions. You run the math yourself.
Priority
High — trust infrastructure must be right before public grid economy (#716).
Related