H33
H33 Portability Verifier · v0.1.0 · released 2026-06-04

Verify portable artifacts independently.

Bundle + Attestation + Submission + Verifier all agree. No H33 contact required.

A carrier, auditor, regulator, PE partner, or CISO downloads this binary, points it at an H33 enterprise bundle, and confirms the bundle replays to its SACRED state_id byte-identically — with no H33 contact, no database access, no vendor service call. The artifact survives us. "H33 issued the attestation. H33 is not required to verify the attestation."

Constitutional invariants this release embodies

Q0 — Who bears risk? Never H33. This binary bears the risk of verifier correctness — same input → same output, byte-identically. Nothing else.

Q0.5 — Who owns the decision? Always the decision owner. The verifier surfaces structural replay verdicts. It never judges whether a decision was wise, correct, fair, lawful, or compliant.

v0.1.0 release

PLATFORM aarch64-apple-darwin (macOS · Apple Silicon)
h33-independent-canonical-replay-v0.1.0-aarch64-apple-darwin
size1,149,600 bytes  ·  sha3-2564b7e3576b3756f54990853abc418b2473640a521d3541bb8b5dc9b180c194361
Binary ⬇
h33-verifier-source-v0.1.0.tar.gz
size55,283,352 bytes  ·  sha3-25698d4ce874bbace0b7e6fc04ef4d321a4730cbcc4eba252da36a8ecf6c89647a5
Source ⬇
{ }
release_manifest.json
all hashes · build environment · capabilities · v0.2 deferrals
Manifest ⬇
README.md
step-by-step instructions · quick-start commands · honest v0.1 caveats
README ⬇
example-output-claim-84711.json
verifier output captured against the canonical-continuity-tenant case · "PASS — H33 was removed from the process and the organization replayed identically"
Example ⬇

Verify a shipped enterprise bundle in five commands

1

Download the Portability Verifier + enterprise bundle

curl -O https://h33.ai/verifier/v0.1.0/h33-independent-canonical-replay-v0.1.0-aarch64-apple-darwin
curl -O https://h33.ai/workspace/portability/bundles/tenant_insurance_claim_44962d9b-25f5-5622-bd9a-98d5580bb8a2_enterprise_bundle.tar.gz
2

Confirm the binary's SHA3-256 matches the manifest

python3 -c "import hashlib; print(hashlib.sha3_256(open('h33-independent-canonical-replay-v0.1.0-aarch64-apple-darwin','rb').read()).hexdigest())"
# Expected: 4b7e3576b3756f54990853abc418b2473640a521d3541bb8b5dc9b180c194361
3

Walk the three-layer enterprise bundle extraction

chmod +x h33-independent-canonical-replay-v0.1.0-aarch64-apple-darwin
mkdir work && cd work
tar -xzf ../tenant_insurance_claim_*_enterprise_bundle.tar.gz
tar -xzf cases/claim-84711/submission.tar.gz -C cases/claim-84711/
tar -xzf cases/claim-84711/evidence_package.tar.gz -C cases/claim-84711/
4

Run the Portability Verifier

../h33-independent-canonical-replay-v0.1.0-aarch64-apple-darwin \
    --events-file cases/claim-84711/events.json \
    --manifest-file cases/claim-84711/manifest.json
5

Confirm the verdict

The verifier prints a JSON report. The two load-bearing fields:

"overall_pass": true
"determination": "PASS — H33 was removed from the process and the organization replayed identically."

If you see those two, you have independently verified the case. You did not contact H33 at any step. That is the property the entire Trustless Decision Attestation category rests on.

What the Portability Verifier verifies

Structural replay determinism. Five locked checks: policy_version_ref resolves · model_version_ref resolves · decision_lineage resolves · decisions made during active authority · state_id reproduces byte-identically. Plus per-event PQ signature verification (ML-DSA-65 + FALCON-512 + SLH-DSA-128f) with the --verify-signatures flag.

What the Portability Verifier does NOT verify · ever (Q0.5)

The verifier surfaces structural replay verdicts. It does not — and will never — surface judgments about whether a decision was wise · correct · fair · lawful · compliant · likely to hold up in court. Those judgments belong to carriers, auditors, regulators, and acquirers. The verifier provides the substrate; the judgment is theirs.

Honest v0.2 deferrals