Public verifier · no auth · no sign-up
Verify any Aqta receipt
Paste a receipt. The verifier runs in your browser against the published Ed25519 key. No Aqta server in the trust path.
Open spec: ATTESTATION-v1 · Same checks as aqta-verify-receipt v1.0.2 on PyPI and npm.
Verifier passes all 14 ATTESTATION-v1 conformance vectors (6 valid, 8 invalid).
- 01
Paste
Drop a receipt JSON, paste a receipt URL, or hit Sample to try one.
- 02
Verify in-browser
Signature check runs locally against the published Ed25519 key. No call to Aqta’s servers in the trust path.
- 03
Read the verdict
Pass, fail, or stale-key, with the specific check that fired and a sharable badge for the audit pack.
Regulator-shaped reading
Receipt fields mapped to the clauses an auditor will quote. Useful before a procurement review.
Article 12. Record-keeping
Identify situations that may present a risk under Art 79(1), facilitate Art 72 post-market monitoring, and monitor operation under Art 26(5). The receipt carries the decision, the inputs hash, the policy applied and the signing key.
Read the mapping →Article 14. Human oversight
Effective oversight by natural persons including the ability to disregard, override or reverse the output. The receipt records whether oversight fired and what the reviewer decided, signed at the time it happened.
Read the mapping →Article 28. ICT third-party register
Register of ICT third-party arrangements with evidence per function. The receipt names the model, the provider, the policy version and the signing key per request. Register row-level evidence, not a vendor dashboard pointer.
Read the mapping →Why this exists
Receipts you have already signed remain verifiable forever.
The open ATTESTATION-v1 spec was published in April 2026 to give regulated organisations a way to prove what their AI did without depending on a vendor dashboard. This page is the public, no-auth surface where anyone can verify any receipt. It works whether you bought Aqta, never bought Aqta, or switched away from Aqta.