Portability · The Verifier

H33 Portability Verifier.

The H33 Portability Verifier is the open-source binary any third party can download, build from source, and run offline to confirm that an H33 enterprise bundle replays to its expected SACRED state_id byte-identically. It is the load-bearing artifact of the portability category — the surface where independent verification becomes operational rather than aspirational.

↑ Back to Portability

The 15-second test

"How does the verifier verify if H33 disappears?"

It is a single binary. It carries its own logic. It does not phone home. It does not require an API key. It does not require H33 to be available, online, or in business. Three lines of shell verify a real enterprise bundle today.

What the Portability Verifier verifies

Structural replay. Given a canonical event log and a manifest pinning the expected SACRED state_id, the verifier walks the events deterministically through the replay engine, computes the resulting state_id, and confirms it matches the pinned value byte-identically. It then performs five additional structural checks: policy version references resolve, model version references resolve, decision lineage resolves, decisions were made while authority was live, and post-quantum signatures over each event verify.

Output is a structured JSON report with two load-bearing fields: overall_pass (boolean) and determination (a sentence). PASS means the bundle replays. FAIL means it does not. There is no "best effort" verdict.

What makes verification independent

Open source

Source tarball ships next to the binary. Anyone can audit the verification logic.

Reproducible build

Pinned Rust toolchain + deterministic flags produce byte-identical output. Recipe published.

Offline operation

Zero network calls during verification. SCIF-safe, air-gap-safe, sunset-safe.

Travels with keys

Public keys ship inside the artifact. Nothing fetched from H33 at verify time.

Multi-platform

Linux arm64 and amd64, macOS arm64 and amd64. Same verifier, same output.

PQ-signed releases

The verifier release manifest itself is signed by ML-DSA-65 + FALCON-512 + SLH-DSA-128f. The verifier verifies itself.

How a third party uses it

Download the binary from /verifier/v0.1.0/. Confirm its SHA3-256 against the published hash. Run it against an enterprise bundle. Read the JSON verdict.

No support ticket. No vendor approval workflow. No SaaS subscription. The category H33 ships is portable verification infrastructure; this binary is the entry point to it.

Download · verify · no H33 contact required

Get the H33 Portability Verifier and run it offline against a real enterprise bundle.

Get the Verifier → All Five Surfaces →