Action Certificate verifier (demo)

Verify a certificate before any write

Paste a JSON Action Certificate to run quick structural checks (policy hash, approvals, signature metadata). For production, wire the @trustplane/sdk verifier or call your preferred COSE library. Learn more in the Action Certificates guide.

Certificate payload

Privacy: Verification runs entirely in your browser; no certificate data is transmitted to TrustPlane.

Checks performed: policy hash equals sha256:9c73…f5a0, approvals include security + finops + data-owner, signatures use COSE_Sign1 with Ed25519.

Production checklist

Perform full COSE signature validation using your HSM-backed key registry.
Match policy_version_hash to an approved boundary in your policy registry.
Emit verification status to Splunk/Datadog using trustplane.certificate_id attributes.
Log failures to your transparency log or revocation list.
Keep Learning Controls (evaluation contracts, drift monitors) aligned with certificate fields.