Assay Proof Gallery

AI systems are making decisions and taking actions. Sooner or later, someone asks: show me the proof.

Example proof packs generated by the real Assay toolchain. Locally verifiable. No account, no platform access, no trust in the vendor required.

The gap

That question — can you prove it? — comes from customers, auditors, regulators, compliance teams, security reviewers, and internal leadership.

Most teams answer with logs on their own servers, screenshots, dashboards, policy documents, and selectively presented evidence. All of it depends on trusting the vendor.

The core problem: there is no artifact a company can hand over that an outsider can independently verify. A company says "our AI controls ran" but cannot produce proof that someone else can check.

What Assay does

Assay is an evidence compiler. It records the important execution events, checks, and decisions during an AI workflow and packages them into a proof pack — a small, portable, cryptographically signed folder that anyone can verify offline.

Assay exists to bridge the gap between what a company says happened and what an outsider can independently verify.

Verify a real sample artifact in your browser. No install. Nothing uploaded.

REVIEWER PACKET PASS HONEST FAIL TAMPERED

Client-side verification. Reviewer packets and proof packs resolve to the same contract, just at different layers.

The proof pack

A proof pack is a small signed folder created from an AI workflow execution. It is the thing a buyer, auditor, or reviewer can actually hold, inspect, forward, and verify.

receipt_pack.jsonl The evidence trail. Line-by-line receipts of what happened during the run: model calls, checks, verdicts, capability uses.

pack_manifest.json The inventory sheet. Lists every file and its fingerprint, plus the pack identity and signer information.

pack_signature.sig The digital wax seal. Proves the manifest was signed by the pack creator and not changed afterward.

verify_report.json The machine-readable verdict. Structured results for software, automation, and CI pipelines.

verify_transcript.md The human-readable summary. The same verification story, written for people. Forwardable to auditors as-is.

How verification works

Every file gets a fingerprint (a hash). Change one byte and the fingerprint changes.

The manifest records the expected fingerprints for every file in the pack.

The manifest is digitally signed with the signer's private key.

The verifier recomputes fingerprints and checks the signature. If anything changed, verification fails.

If a file was changed, the fingerprint won't match. If someone edits the manifest to cover it, the signature breaks. That is how tampering is detected.

Three outcomes

PASS Authentic evidence, declared standards pass. The pack is intact, the signature is valid, and all claimed checks succeeded.

HONEST FAIL Authentic evidence, declared standards fail. The pack is intact, but the system violated its own standard. The failure is sealed — it cannot be rewritten after signing.

TAMPERED Evidence changed after signing. One or more files were modified. The pack cannot be trusted as authentic evidence.

Example scenarios

Six public artifacts from the real toolchain: three proof-pack verdicts, one reviewer packet, one insurance vertical mapping, and one MCP proxy scenario.

FintechCo Loan Approval

PASS

Five receipts across model calls, a guardian verdict, and a capability use. Integrity intact. All declared claims pass. This is what a clean, verifiable AI run looks like.

Verify in browser View pack

Details

assay verify-pack ./gallery/01-fintech-pass/proof_pack

IntegrityPASS

ClaimsPASS

Receipts5

Exit0

6e6b34e48dd13ae0… — signature_verified

InsuranceTech Claims Review

HONEST FAIL

The evidence is authentic and untampered. It proves the system missed its declared coverage standard: 3 receipts recorded, 10 required. The failure was sealed at runtime. Failure is provable, not suppressible.

Verify in browser View pack

Details

assay verify-pack ./gallery/02-insurance-honest-fail/proof_pack --require-claim-pass

IntegrityPASS

ClaimsFAIL

Receipts3 of 10

Exit1

d2dfa04aed0697cf… — signature_verified

DataCo Analytics — Tamper Detection

TAMPERED

A clean proof pack with one byte changed in the receipt file. The manifest and signature are untouched — the SHA-256 mismatch is all the verifier needs to detect the tamper. Anyone can detect altered evidence offline.

Verify in browser View pack Challenge

Details

assay verify-pack ./gallery/03-tamper-demo/good # exit 0 assay verify-pack ./gallery/03-tamper-demo/tampered # exit 2

CleanPASS

TamperedTAMPERED

Exit2

clean: d664115a7aaaedfb… — signature_verified

AcmeSaaS Support Workflow Reviewer Packet

VERIFIED WITH GAPS

A buyer-facing reviewer packet wrapped around a signed proof pack. The nested proof verifies cleanly, but one workflow boundary remains partial. This is the handoff artifact a buyer can forward and challenge.

Verify in browser View packet QA checklist

Details

assay reviewer verify ./gallery/05-reviewer-packet-gaps/reviewer_packet assay verify-pack ./gallery/05-reviewer-packet-gaps/reviewer_packet/proof_pack

PacketVERIFIED_WITH_GAPS

Nested proofPASS

Coverage1 evidenced / 1 partial

Packet warns that the packet manifest is unsigned; the nested proof pack remains signed and verifiable.

Insurance vertical mapping

NAIC AISET Questionnaire Packet

VERIFIED WITH GAPS

14 AISET-aligned questions mapped to proof-pack evidence. 8 are machine-provable. 3 require human attestation. 2 are explicitly out of scope. The first verifiable evidence format mapped to the insurance AI questionnaire shape.

View packet Coverage matrix

Details

assay vendorq export-reviewer \ --proof-pack ./proof_pack \ --boundary ./boundary.json \ --mapping src/assay/mappings/naic_aiset/question_mapping.json \ --out ./naic_aiset_packet

Evidenced8

Partial1

Human-attested3

Out of scope2

Agent / tool-call scenario

LogisticsCo MCP Notary Proxy

PASS

An AI agent calls three MCP tools through the Assay MCP Notary Proxy. Every tool call is receipted with arguments, results, timing, and server identity.

View pack

Details

assay verify-pack ./gallery/04-mcp-notary-proxy/proof_pack

MCP toolsweather, inventory, risk

Exit0

Get started

Install pip install assay-ai

Clone gallery git clone https://github.com/Haserjian/assay-proof-gallery

Verify online Browser verifier — client-side, nothing uploaded

Walkthrough Step-by-step guided verification

Trust boundary: Assay proves post-hoc integrity of the pack, not source honesty at creation time. If the instrumented code lies about what it called, the receipt will faithfully record that lie. The trust boundary is tamper-evidence, not omniscience.