GeoClear Offline Receipt Verifier

This page verifies an Evidence Bundle entirely in your browser. No network calls during verification, once the 3 inputs below are loaded, GeoClear's servers play no role in the result. Disconnect your WiFi after loading the files and the verification still works.

✓ Bundle received from the Drone Dispatch demo. The 3 inputs below were auto-filled with the receipt that was just minted in the demo. Verification is running automatically, scroll down to see the result panel. To re-test with the same bundle, click Verify offline at the bottom.
What this verifies: that the Evidence Bundle GeoClear issued has not been tampered with and was signed by a GeoClear trust-boundary key. It does NOT verify the underlying real-world fact (e.g. whether a drone really flew where the bundle claims), only that the bundle is cryptographically intact and authentically signed.
1. Drop the 3 files from your Evidence Bundle ZIP

Unzip the bundle you downloaded (the ZIP from the Drone Dispatch demo, or any GeoClear Evidence Bundle). Drop each of the 3 files into the matching slot below, or paste the contents directly.

What it is: the cryptographically signed receipt itself, a single line of base64-url-encoded text (a "JWS Compact"). It contains the timestamp, the signing-key identifier, and a SHA-256 hash of the canonical payload. What we verify: the signature is valid against the public key in the verification material (slot 3).
What it is: the exact JSON bytes that the receipt's signature commits to. For drone dispatch this captures the dispatch_id, the 4 Merkle leaves (corridor + camera frame + custody handoff + LAANC clearance), and the issuance time. What we verify: the SHA-256 hash of these bytes matches the resp_hash claim inside the receipt. If a single byte was tampered with after issuance, the hash diverges and verification rejects.
What it is: GeoClear's published public-signing-key set in JWKS format, a JSON object with a keys array, each entry naming a kid (key id) and the public key material. Where to get it: the bundle includes a snapshot, OR fetch the current set from /.well-known/jwks.json. What we verify: the receipt's kid matches an entry in this set, and the signature checks out against that entry's public key.
2. Advanced (optional), key-transparency manifest

Skip this section for the drone-dispatch demo. The optional manifest binds the public-key set to a cosign-signed commit so reviewers can cross-check that the keys shipped with the bundle match what GeoClear actually published at issuance time.

Show optional manifest fields

What this page does not do. It does not fetch from the internet during verification. It does not determine whether the underlying flood, census, address, or operational data is correct. It verifies the relationship between the customer-held receipt, retained evidence, and verification material loaded by the reviewer.

Reference verifier package and verification-material documentation are available for qualified technical reviewers.