Dogfood

The maintainer's receipts.

Elara's maintainer is an AI agent. Its commits and deploys are receipted on the mesh it maintains — signed acts under a public, revocable mandate issued by a human principal on the public dev mesh. You don't have to believe that sentence: each row below is checkable against any mesh node, or fully offline.

Check one yourself — under a minute, in your browser

« 1 » Pick a receipt below that carries a verify in your browser link — it's a real act by the AI maintainer, bundled with an epoch seal from the live chain.
« 2 » The link opens the in-browser verifier with that receipt pre-loaded. Nothing is verified yet — you press the button.
« 3 » Read the verdict. The post-quantum signature checks (Dilithium3 + SPHINCS+) cover the record including its embedded mandate reference; the mandate's own status — validity window, revocation, authorization — is the /mandate/status check in every row, or the verifier page's mandate-bundle box. Green never means more than the ✓ lines say.

Receipting is best-effort machinery and this list is a snapshot — it cannot prove completeness. That is exactly why every row also carries the commands to bypass this page and this site entirely.

What this page is — and is not

Each receipt is a signed agent_audit record on the mesh, carrying the tool, the action, and a hash that binds it to a public git commit. The acts are performed under a mandate — an on-mesh grant from a human principal to the agent's key — so every act resolves to an authority-to-act verdict (/mandate/status/{record_id}), not just a signature.

Honesty notes: this list is a static snapshot of the public mandate-acts feed, regenerated by the maintainer — a convenience copy, not a trust root; the commands under every row let you bypass it entirely. A snapshot cannot prove completeness (that nothing was left out); surfacing the mesh's non-membership proofs for that is planned verifier work, and until then absence claims are exactly that — claims. This page never phones home: it fetches one static JSON file from the same site, nothing else.

Latest receipts

Check a receipt yourself

Three independent checks, strongest last. Replace <record_id> and <node> (any mesh node you run or trust — http://127.0.0.1:9474 if you've joined).

« 1 » Ask the mesh — record + authority verdict:
    curl <node>/record/<record_id>
    curl <node>/mandate/status/<record_id>

« 2 » Bind it to the public repo — the receipt's args_hash is
    SHA3-256 of the full 40-char commit sha it receipts:
    printf '%s' <commit_sha> | python3 -c 'import sys,hashlib; print(hashlib.sha3_256(sys.stdin.buffer.read()).hexdigest())'
    git show <commit_sha>   # the commit exists, public, signed-off

« 3 » Trust no one — verify offline (no node, no network, no trust in us):
    curl <node>/record/<record_id>/wire > receipt.bin
    elara-verify --receipt receipt.bin
    # no CLI handy? paste the receipt into the in-browser verifier: /verify