PriviNet Lumra · ProofPack
Court-ready evidence export
Incident a22c11d5-842f-45bd-9066-cbe428d9a6c6
Generated 2026-07-09T08:29:51.673291 UTC

Incident evidence for Demo Voice Platform (synthetic data)

What this document proves, and what it does not

ProvesThe records below are exactly what was sealed at the stated times: any alteration since then, of even one byte, makes verification fail. Anyone can re-run that check with open tools and no PriviNet involvement.
Does not proveThat the underlying event was observed completely or accurately by the source system, what caused it, who is at fault, or that any tribunal will admit or credit these records. The automated analysis inside is context, not a finding. Authentication under FRE 902(13)/(14) addresses only whether records are what they claim to be.

1. The incident record

Incident IDa22c11d5-842f-45bd-9066-cbe428d9a6c6
Event typevoice.interaction
Event time (UTC)2026-07-09T08:29:51.481884
Received (UTC)2026-07-09T08:29:51.481955
Source typevoice
External referencen/a
Subjectn/a

1b. Conversation record (as supplied by the source platform)

Platformsynthetic_voice_platform
Call / session IDdemo-call-001
Transcript digest (SHA-256)4e4fba031122d30120d7dccb7b6e915756d1824aabdce7daace18fb54d447ab5
Audio digest (SHA-256)792522a13d9005835b836e293f4c9b87963f286ba3ca44bf3d8d302575690f0c
Audio duration (seconds)312
AI participationyes (agent)
Recording notice played (as asserted)yes
AI disclosure played (as asserted)yes
Customer acknowledged (as asserted)yes

This ProofPack verifies the sealed conversation record and its artifact hashes. It does not by itself prove transcript fidelity to the audio, speaker identity, consent legality, or legal admissibility. Consent and disclosure flags are recorded as asserted by the source platform, not verified by PriviNet.

2. Automated analysis (context only)

The analysis section is PriviNet Lumra's automated, ruleset-based classification produced at intake. It is provided for context only. It is not a determination of what occurred, whether any action was or was not required, or who is at fault, and it should not be read as one. The evidentiary value of this ProofPack is that the signed records are authentic and unaltered, which anyone can verify.

Risk score0.0
Urgencyunassessed
Classificationsealed_conversation_record
Escalation requiredFalse
Reasonn/a
Confidence
Second-opinion checknot run
Rulesetvoice_passthrough_v1 0.1.0

This record seals a conversation event supplied by the source platform, represented by transcript and audio hashes and interaction metadata. No automated analysis of conversation content is performed, and Lumra makes no determination of what was said, transcript accuracy, speaker identity, or consent. The evidentiary value is that the sealed record is unaltered and independently verifiable.

3. Proof of integrity

Signing classCloud-signed (PriviNet sealed this event at intake with a non-extractable HSM-held key; the source did not sign it)
Signature statuscloud_signed
Digests recomputed and matchedTrue
Signature validTrue
Checked at (UTC)2026-07-09T08:29:51.673221
Composite record digest (SHA-256)8d6af5028892f5530c9a574211fec0a1bb94e4342a5c26cb242f53a98cd46699
Signing key idkms-1944107aa98ec035
Algorithmecdsa-p256-sha256
Public verification key (hex)04bc55de97e806fbeaf95298588a87cf7f1404640f7b9d359fbbc0f1b2bf408f8be837d1cfa641778a11fd9776be566a2c938b8891d29a7182c15500a05b2e6655

PriviNet production key held in a cloud HSM (non-extractable; not itself a third-party time-stamp or CA anchor)

A manifest signature binds this entire document, not just the inner records: the displayed fields, the signing metadata, and the digests of every included object are covered, so altering anything shown here breaks verification.

Independent timestamp anchor: an RFC 3161 token from https://freetsa.org/tsr fixes this record in time without relying on PriviNet's clock. Verify it with the instructions in the machine data below.

4. How anyone can verify this, without needing PriviNet's servers or cooperation

This ProofPack is self-verifying with open tools and no PriviNet servers.
Hash the objects under canonical_inputs (NOT the human-readable bundle,
which is a display view). Use the canonicalization_spec exactly.
1. Recompute SHA-256 over the canonical JSON of canonical_inputs.normalized_payload, .analysis, and .evidence_window. Confirm each matches
   proof_record.normalized_payload_hash, analysis_hash, and
   evidence_window_hash respectively (an omitted evidence_window means the
   stored evidence_window_hash is null).
2. Recompute the composite: SHA-256 of the UTF-8 string
   'privinet.lumra.v1.event-proof|<payload_hash>|<analysis_hash>|<evidence_window_hash or empty>'.
   Confirm it matches proof_record.event_hash.
3. Verify proof_record.signature over the ASCII bytes of event_hash using
   proof_record.public_key_hex, per proof_record.algorithm:
   - ed25519: 32-byte public key (hex), 64-byte raw signature (hex).
   - ecdsa-p256-sha256: 65-byte uncompressed P-256 public key (hex,
     leading 04), DER-encoded ECDSA signature (hex), message hashed with
     SHA-256 (standard ECDSA verify over the ASCII bytes of event_hash).
A single altered byte in any canonical_inputs object breaks step 1, 2, or 3.

5. Certification template (FRE 902(13)/(14))

For review and signature by your qualified person (IT director, records custodian, or forensic expert). This is a template, not legal advice.

CERTIFICATION OF RECORD GENERATED BY AN ELECTRONIC PROCESS (template pursuant to Federal Rules of Evidence 902(13) and 902(14); for review and signature by a qualified person or records custodian; not legal advice; self-authentication does not guarantee admissibility) I, __________________________ [name], state that I am a qualified person with knowledge of the PriviNet Lumra system that produced the records described below, and I certify the following of my own knowledge: 1. Incident record identifier: a22c11d5-842f-45bd-9066-cbe428d9a6c6 2. Event type and time: voice.interaction at 2026-07-09T08:29:51.481884 (UTC) 3. The record was signed by key_id kms-1944107aa98ec035 using kms_hsm_key (ecdsa-p256-sha256) at 2026-07-09T08:29:51.596231 (UTC). The signing key is held in a cloud hardware security module and is non-extractable from it. This signature attests integrity; it is not itself a third-party time-stamp or certificate-authority anchor. 4. Composite record digest (SHA-256): 8d6af5028892f5530c9a574211fec0a1bb94e4342a5c26cb242f53a98cd46699 5. Public verification key (hex): 04bc55de97e806fbeaf95298588a87cf7f1404640f7b9d359fbbc0f1b2bf408f8be837d1cfa641778a11fd9776be566a2c938b8891d29a7182c15500a05b2e6655 6. The records are copies of data generated by an automated electronic process shown to produce an accurate result, and the digests above identify the records as unaltered. 7. On 2026-07-09T08:29:51.936362 (UTC) the digests were recomputed from the records and the signature was checked; the result was: integrity True, signature_valid True. I declare under penalty of perjury that the foregoing is true and correct. Signature: __________________________ Date: ______________ Title/Role: _________________________

6. Machine-verifiable data (for your technical reviewer)

The exact objects that were hashed, so a reviewer can reproduce every digest byte-for-byte. Hidden when printed.

Show machine data (JSON)
{
  "incident_id": "a22c11d5-842f-45bd-9066-cbe428d9a6c6",
  "canonical_inputs": {
    "normalized_payload": {
      "partner_id": "voice_demo",
      "source_id": "demo-call-001",
      "source_type": "voice",
      "event_type": "voice.interaction",
      "timestamp": "2026-07-09T08:29:51.481884",
      "received_at": "2026-07-09T08:29:51.481955",
      "trigger_timestamp": "2026-07-09T08:29:51.481884",
      "subject_id": null,
      "location": {
        "lat": null,
        "lng": null
      },
      "payload": {
        "partner_id": "voice_demo",
        "platform": "synthetic_voice_platform",
        "platform_call_id": "demo-call-001",
        "session_id": "demo-session-001",
        "event_type": "voice.interaction",
        "timestamp": "2026-07-09T08:29:51.481884",
        "trigger_timestamp": "2026-07-09T08:29:51.481884",
        "transcript_sha256": "4e4fba031122d30120d7dccb7b6e915756d1824aabdce7daace18fb54d447ab5",
        "audio_sha256": "792522a13d9005835b836e293f4c9b87963f286ba3ca44bf3d8d302575690f0c",
        "audio_duration_seconds": 312,
        "participants": [
          {
            "role": "agent",
            "id": "agent-demo-17",
            "speaker_type": "ai"
          },
          {
            "role": "customer",
            "id": "customer-pseudonym-91",
            "speaker_type": "unknown"
          }
        ],
        "ai_participation": {
          "present": true,
          "role": "agent",
          "model_or_vendor": "synthetic-demo"
        },
        "consent": {
          "recording_notice_played": true,
          "ai_disclosure_played": true,
          "customer_acknowledged": true
        },
        "transcript_redacted": true,
        "redaction_note": "Synthetic demo; hashes only, no raw transcript or audio exists."
      },
      "metadata": {
        "platform": "synthetic_voice_platform",
        "platform_call_id": "demo-call-001",
        "session_id": "demo-session-001",
        "transcript_sha256": "4e4fba031122d30120d7dccb7b6e915756d1824aabdce7daace18fb54d447ab5",
        "audio_sha256": "792522a13d9005835b836e293f4c9b87963f286ba3ca44bf3d8d302575690f0c",
        "audio_duration_seconds": 312,
        "participants": [
          {
            "role": "agent",
            "id": "agent-demo-17",
            "speaker_type": "ai"
          },
          {
            "role": "customer",
            "id": "customer-pseudonym-91",
            "speaker_type": "unknown"
          }
        ],
        "ai_participation": {
          "present": true,
          "role": "agent",
          "model_or_vendor": "synthetic-demo"
        },
        "consent": {
          "recording_notice_played": true,
          "ai_disclosure_played": true,
          "customer_acknowledged": true
        },
        "transcript_redacted": true,
        "redaction_note": "Synthetic demo; hashes only, no raw transcript or audio exists."
      },
      "evidence_window": {
        "pre_trigger_window_seconds": null,
        "post_trigger_window_seconds": null,
        "media_digest_trigger": "792522a13d9005835b836e293f4c9b87963f286ba3ca44bf3d8d302575690f0c",
        "proof_window_reference": null
      }
    },
    "analysis": {
      "risk_score": 0.0,
      "urgency": "unassessed",
      "classification": "sealed_conversation_record",
      "explanation": "This record seals a conversation event supplied by the source platform, represented by transcript and audio hashes and interaction metadata. No automated analysis of conversation content is performed, and Lumra makes no determination of what was said, transcript accuracy, speaker identity, or consent. The evidentiary value is that the sealed record is unaltered and independently verifiable.",
      "recommended_action": "None. This is a documentation and integrity record.",
      "confidence": 0.0,
      "watcher_score": 0,
      "escalation_required": false,
      "escalation_reason": null,
      "secondary_ai_status": "not_needed",
      "ruleset_name": "voice_passthrough_v1",
      "ruleset_version": "0.1.0",
      "analysis_version": "0.1.0"
    },
    "evidence_window": {
      "pre_trigger_window_seconds": null,
      "post_trigger_window_seconds": null,
      "evidence_window_start": null,
      "evidence_window_end": null,
      "proof_window_available": false,
      "proof_window_policy": null,
      "proof_window_reference": null,
      "media_digest_pre": null,
      "media_digest_trigger": "792522a13d9005835b836e293f4c9b87963f286ba3ca44bf3d8d302575690f0c",
      "media_digest_post": null
    }
  },
  "canonicalization_spec": "Canonical JSON, matching the producer exactly: json.dumps(obj, sort_keys=True, separators=(',', ':'), ensure_ascii=False), encoded UTF-8. datetimes are ISO-8601 strings as already serialized in canonical_inputs. Hash each canonical_inputs object exactly as given; do not re-map or reorder.",
  "proof_record": {
    "id": "1ec89bec-4904-4fa2-a792-0b2f885372cc",
    "event_hash": "8d6af5028892f5530c9a574211fec0a1bb94e4342a5c26cb242f53a98cd46699",
    "normalized_payload_hash": "a36b1db263767923dd7c34f5e2cf06d0ba9dc8a493e50d34b62e7fa4bf56bdda",
    "analysis_hash": "c6f604025247c8a12f500bb61a1d6cc0e1593af6c84445c37f8e7411dedd520a",
    "evidence_window_hash": "920123b3f7c79a75c89dcb8dcc262b27b9ad90184cc064cf7f851a2a1ee4f281",
    "signature": "3044022010f435aa587015e4ac36a475ad4dedf15aa06ffb7f2fe99e494d30244df4fead02207c7c3654a27df8663081263a600fc4272bc4fb12e6ded04f932be5c22fe67e05",
    "signer_type": "kms_hsm_key",
    "key_id": "kms-1944107aa98ec035",
    "public_key_hex": "04bc55de97e806fbeaf95298588a87cf7f1404640f7b9d359fbbc0f1b2bf408f8be837d1cfa641778a11fd9776be566a2c938b8891d29a7182c15500a05b2e6655",
    "algorithm": "ecdsa-p256-sha256",
    "signed_at": "2026-07-09T08:29:51.596231",
    "proof_mode": "cloud_signed",
    "raw_payload_hash": "7276c2d093cbb6d207efe0793fbce188a29047225ff56c816206518347238167",
    "hash_context": "privinet.lumra.v1.event-proof",
    "signer_note": "PriviNet production key held in a cloud HSM (non-extractable; not itself a third-party time-stamp or CA anchor)"
  },
  "manifest": {
    "manifest_version": "2",
    "incident_id": "a22c11d5-842f-45bd-9066-cbe428d9a6c6",
    "generated_at": "2026-07-09T08:29:51.673291",
    "event_hash": "8d6af5028892f5530c9a574211fec0a1bb94e4342a5c26cb242f53a98cd46699",
    "key_id": "kms-1944107aa98ec035",
    "signer_type": "kms_hsm_key",
    "algorithm": "ecdsa-p256-sha256",
    "public_key_hex": "04bc55de97e806fbeaf95298588a87cf7f1404640f7b9d359fbbc0f1b2bf408f8be837d1cfa641778a11fd9776be566a2c938b8891d29a7182c15500a05b2e6655",
    "signed_at": "2026-07-09T08:29:51.596231",
    "signing_class": "Cloud-signed (PriviNet sealed this event at intake with a non-extractable HSM-held key; the source did not sign it)",
    "canonical_inputs_sha256": "7db198cdada27ab5891dce3f12d089d3bb9db3d9955e3ee571036f80c0248765",
    "bundle_sha256": "319163c948c2c2d249df19d233e1dabecaaed07bf8024beaef460ce7c1065361",
    "timestamp_anchor_status": "anchored",
    "timestamp_anchor_imprint_sha256": "0ae76832218755121910ba2e73e9a6334033cf7e8eddc50880278f066891b8f7"
  },
  "manifest_signature": {
    "signs": "sha256 hex of the canonical JSON of `manifest`",
    "manifest_digest": "91529535b64ee5b5d6ec69aaf1717f984c18aeef9850fc234eabf1cb79d8e3d8",
    "signature": "30440220552443a0af6bee716eb3e452356fccd8fa1ad3d7f50c3ca8604978a213082f9a02200f9a021a043278d35f0636bf6bbead629ca56a10d384f5a5128ce7709172c074",
    "key_id": "kms-1944107aa98ec035",
    "public_key_hex": "04bc55de97e806fbeaf95298588a87cf7f1404640f7b9d359fbbc0f1b2bf408f8be837d1cfa641778a11fd9776be566a2c938b8891d29a7182c15500a05b2e6655",
    "algorithm": "ecdsa-p256-sha256"
  },
  "timestamp_anchor": {
    "status": "anchored",
    "standard": "RFC 3161",
    "authority": "https://freetsa.org/tsr",
    "authorities_tried": [
      "https://freetsa.org/tsr"
    ],
    "hashed_field": "sha256 of the ASCII bytes of event_hash",
    "imprint_sha256": "0ae76832218755121910ba2e73e9a6334033cf7e8eddc50880278f066891b8f7",
    "obtained_at": "2026-07-09T08:29:51.673326",
    "token_der_base64": "MIISFjADAgEAMIISDQYJKoZIhvcNAQcCoIIR/jCCEfoCAQMxDzANBglghkgBZQMEAgMFADCCAYYGCyqGSIb3DQEJEAEEoIIBdQSCAXEwggFtAgEBBgQqAwQBMDEwDQYJYIZIAWUDBAIBBQAEIArnaDIhh1USGRC6LnPppjNAM89+jt3FCIAnjwZokbj3AgQGEQlkGA8yMDI2MDcwOTA4Mjk1MVoBAf+gggETpIIBDzCCAQsxETAPBgNVBAoMCEZyZWUgVFNBMQwwCgYDVQQLDANUU0ExdjB0BgNVBA0MbVRoaXMgY2VydGlmaWNhdGUgZGlnaXRhbGx5IHNpZ25zIGRvY3VtZW50cyBhbmQgdGltZSBzdGFtcCByZXF1ZXN0cyBtYWRlIHVzaW5nIHRoZSBmcmVldHNhLm9yZyBvbmxpbmUgc2VydmljZXMxGDAWBgNVBAMMD3d3dy5mcmVldHNhLm9yZzEkMCIGCSqGSIb3DQEJARYVYnVzaWxlemFzQG1haWxib3gub3JnMRIwEAYDVQQHDAlXdWVyemJ1cmcxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCYXllcm6ggg5nMIIGYDCCBEigAwIBAgIJAMLphhYNqOnNMA0GCSqGSIb3DQEBDQUAMIGVMREwDwYDVQQKEwhGcmVlIFRTQTEQMA4GA1UECxMHUm9vdCBDQTEYMBYGA1UEAxMPd3d3LmZyZWV0c2Eub3JnMSIwIAYJKoZIhvcNAQkBFhNidXNpbGV6YXNAZ21haWwuY29tMRIwEAYDVQQHEwlXdWVyemJ1cmcxDzANBgNVBAgTBkJheWVybjELMAkGA1UEBhMCREUwHhcNMjYwMjE1MTk0NDIyWhcNNDAwMjAyMTk0NDIyWjCCAQsxETAPBgNVBAoMCEZyZWUgVFNBMQwwCgYDVQQLDANUU0ExdjB0BgNVBA0MbVRoaXMgY2VydGlmaWNhdGUgZGlnaXRhbGx5IHNpZ25zIGRvY3VtZW50cyBhbmQgdGltZSBzdGFtcCByZXF1ZXN0cyBtYWRlIHVzaW5nIHRoZSBmcmVldHNhLm9yZyBvbmxpbmUgc2VydmljZXMxGDAWBgNVBAMMD3d3dy5mcmVldHNhLm9yZzEkMCIGCSqGSIb3DQEJARYVYnVzaWxlemFzQG1haWxib3gub3JnMRIwEAYDVQQHDAlXdWVyemJ1cmcxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCYXllcm4wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASiFeGhstbLhxix0o4UAumNSwHUUlOe3DBvs8fYs580wADW59oqGSCx15bp61TSmXkwLm1JW48XnbLLizP6ZtjcvshV3H9uz2bS53sgDXhg1wLbIhAtraC+fHCytHeuVaujggHmMIIB4jAJBgNVHRMEAjAAMB0GA1UdDgQWBBQVwL0m69RdgtFdkyYxL+9wsotGXjAfBgNVHSMEGDAWgBT6VQ2MNGZRQ0z357OnbJWveuaklzALBgNVHQ8EBAMCBsAwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwgwbAYIKwYBBQUHAQEEYDBeMDMGCCsGAQUFBzAChidodHRwOi8vd3d3LmZyZWV0c2Eub3JnL2ZpbGVzL2NhY2VydC5wZW0wJwYIKwYBBQUHMAGGG2h0dHA6Ly93d3cuZnJlZXRzYS5vcmc6MjU2MDA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vd3d3LmZyZWV0c2Eub3JnL2NybC9yb290X2NhLmNybDCByAYDVR0gBIHAMIG9MIG6BgMrBQgwgbIwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cuZnJlZXRzYS5vcmcvZnJlZXRzYV9jcHMuaHRtbDAyBggrBgEFBQcCARYmaHR0cDovL3d3dy5mcmVldHNhLm9yZy9mcmVldHNhX2Nwcy5wZGYwRwYIKwYBBQUHAgIwOxo5RnJlZVRTQSB0cnVzdGVkIHRpbWVzdGFtcGluZyBTb2Z0d2FyZSBhcyBhIFNlcnZpY2UgKFNhYVMpMA0GCSqGSIb3DQEBDQUAA4ICAQBrMVS/YfnfMr0ziZnesBUOrDNRrNNgt3IgMNDwNhwl6oKWHVIhlYnM/5boljfbpZTAbqvxHI3ztT0/swxQOqTat5qBJRAY/VH1n/T4M9uDjSuu3qfh0ZH5PL9ENqoVW44i5NT/znQev2MGXOAHwz9kZwwzz9MFX6hbGhBqWa+nlAqb7Y72KFzj33m1OVHxV2Wl4YD9f91bZTFpUEGW4Ktbkmxpf/iGIPaf4WHpoBW/O6EzofMKYlz4yXyEBh0wRRVyXltLrj+MFHqhe+PsMBllq/dCaO4W/F+AuHElu7aUYWMASelphWAJiUsNMr5HAoeCSSgilqf1CSoWC+k6e4334Fym+Iy4csMex+PG4rSdqXJVQ+AWEdRajSPKh7yDfpNkdnO6yqQJ/tSd11XQ5cL0M9jWuCD1zHlgA+u+R2cry3yo23jD7qTGLhZqUvXCyWigH30/Q/RXjjDwrc4DJiQ+gRY0FhdTYqlvgMBPr4LcJKnNksivdj+kbz7bVSbrBAzRiazK9l841/5XMtP9BvD0hKCpQFvP9PSgCC8EQnKqgSe26FSJBaAQcA5TnK8NF4jkbElBxf/zyh7P3IjHso35jtgUWD1/itg9BJWbYUwJ4tfILpB2F0wbk1GcZDCDZoyW3Xf3trApz/Zd93gF3joc9Hh9RFveKRzWQ7ddUt3egTCCB/8wggXnoAMCAQICCQDB6YYWDajpgDANBgkqhkiG9w0BAQ0FADCBlTERMA8GA1UEChMIRnJlZSBUU0ExEDAOBgNVBAsTB1Jvb3QgQ0ExGDAWBgNVBAMTD3d3dy5mcmVldHNhLm9yZzEiMCAGCSqGSIb3DQEJARYTYnVzaWxlemFzQGdtYWlsLmNvbTESMBAGA1UEBxMJV3VlcnpidXJnMQ8wDQYDVQQIEwZCYXllcm4xCzAJBgNVBAYTAkRFMB4XDTE2MDMxMzAxNTIxM1oXDTQxMDMwNzAxNTIxM1owgZUxETAPBgNVBAoTCEZyZWUgVFNBMRAwDgYDVQQLEwdSb290IENBMRgwFgYDVQQDEw93d3cuZnJlZXRzYS5vcmcxIjAgBgkqhkiG9w0BCQEWE2J1c2lsZXphc0BnbWFpbC5jb20xEjAQBgNVBAcTCVd1ZXJ6YnVyZzEPMA0GA1UECBMGQmF5ZXJuMQswCQYDVQQGEwJERTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALYCjg4wMvERENlkzalLnQJ44ZQq6ROqpZkHzaaXk5lb2ax+M7rZ/jcE2hwBqY0hr+P1kaWdcGdwUWeZj1AWci4KtGKyH0ORcdLPzEWT83Na95SlqzEfbAEMeJjeM9dcRRDudvS9HRSYzxfTA/BqXdn3lsxsqbZXpW/j6k/vvnzmtqGNPjWjDO5f8XDRzzmjM9P9qJZNIttoWynlYb6JDwqoRYc7LoSrJquDn/6PrenSO7MeYdJzzJuIBkkYX6vs+gU0YAq6kBthTi6FRYLeoiJvwZzX31K+1Q2Hd82ZiMBTo/x9wyh6BopP8StxPNmANmbpVThUVv84+AKYz2uThW6SJHdKZs8c3RHC+O/YUgPXRYslZksT7WOc3tT/gRPWzFNT0nKUc8PDBxV8ciqltd0L+y1sOLG5N0nIgexgAm0IlRs4JL1xusvORzrr1jbwuRi0osj/RpTwdFevLW8c+CVU0XcP15/10xTc0QTN3KvJQTgFbfzwF+frhXL9UvcBRPGI2gX1gj9Y3QYpfnOHvtLXcsE9qCZmAQRf5BLdcJhsDJh7pzRLkDc4dRbSWOeIW1H4lot/JgEhO8TLTIX4/wuEr2qYgzfN+4GGj37PMdymcW1+wt2ALBZyYp5cAFLLNX3Smq/EP2FbOx/51OHOCMccc+H+u33FajNiEynp7WwjAgMBAAGjggJOMIICSjAMBgNVHRMEBTADAQH/MA4GA1UdDwEB/wQEAwIBxjAdBgNVHQ4EFgQU+lUNjDRmUUNM9+ezp2yVr3rmpJcwgcoGA1UdIwSBwjCBv4AU+lUNjDRmUUNM9+ezp2yVr3rmpJehgZukgZgwgZUxETAPBgNVBAoTCEZyZWUgVFNBMRAwDgYDVQQLEwdSb290IENBMRgwFgYDVQQDEw93d3cuZnJlZXRzYS5vcmcxIjAgBgkqhkiG9w0BCQEWE2J1c2lsZXphc0BnbWFpbC5jb20xEjAQBgNVBAcTCVd1ZXJ6YnVyZzEPMA0GA1UECBMGQmF5ZXJuMQswCQYDVQQGEwJERYIJAMHphhYNqOmAMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly93d3cuZnJlZXRzYS5vcmcvcm9vdF9jYS5jcmwwgc8GA1UdIASBxzCBxDCBwQYKKwYBBAGB8iQBATCBsjAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5mcmVldHNhLm9yZy9mcmVldHNhX2Nwcy5odG1sMDIGCCsGAQUFBwIBFiZodHRwOi8vd3d3LmZyZWV0c2Eub3JnL2ZyZWV0c2FfY3BzLnBkZjBHBggrBgEFBQcCAjA7GjlGcmVlVFNBIHRydXN0ZWQgdGltZXN0YW1waW5nIFNvZnR3YXJlIGFzIGEgU2VydmljZSAoU2FhUykwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vd3d3LmZyZWV0c2Eub3JnOjI1NjAwDQYJKoZIhvcNAQENBQADggIBAGivfr+ThWLvTOs7WAvi+vbMNaJncpYvPZWQH6VjDIfQkZiYTOigajP4qcKC7Z8csRrGwj4XEI7k785vspTelcEzJiJVclUiymGXHUo7f3glDfuNSu7A+xlZsWQQBSC5wQ5kxiZi5K1NCrriKY/JSPxOmejZ5rj9vkQEEh7HwUIurLLJ1zKOBzluYLTzu4A61KVVyA/vtT+F53ZKCp+0r8OZ9M0vX79YcQXGCBzz0FM3trt9GwELdJ9IiMkS82lrobaQLXe338BGwEoMwexPjRheLaVd+3vCogNsYhkkak+Z3btvH4KTmPO4A9wK2Q3LWb70wnx3QEuZBDt4JxhnmRFSw5nxLL/ExiWtwJY1WuRONCEA7FF6UC4vBvlAuNQ1mbvBFU+K52GgsNVV+0oTkdTzQgr42/EvLX3bnXfc4VN4BAdK8XXk8tbVWzS11vfcvdMXMK9WSA1MDP8UP56DvBUYZtC6Dwu9xH/ieGQXa71sGrhd8yXt93eIm8RHG/P6c+VsxZHosWDNp7B4ah7ASsOyT6LijV0Z5eSABNXhZqg8guxv1U+zheuvcTOoW1LeRttSROHDSujTbnEvn84NST19Pt1YbGGY4+w+bpY0b0F6yfIh4K/zOo9qCx70wCNjC3atqo2RQzgl7MQcSaW5ixgcfaMOmXq5VMc8LNgFr9qZMYIB7TCCAekCAQEwgaMwgZUxETAPBgNVBAoTCEZyZWUgVFNBMRAwDgYDVQQLEwdSb290IENBMRgwFgYDVQQDEw93d3cuZnJlZXRzYS5vcmcxIjAgBgkqhkiG9w0BCQEWE2J1c2lsZXphc0BnbWFpbC5jb20xEjAQBgNVBAcTCVd1ZXJ6YnVyZzEPMA0GA1UECBMGQmF5ZXJuMQswCQYDVQQGEwJERQIJAMLphhYNqOnNMA0GCWCGSAFlAwQCAwUAoIG4MBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAcBgkqhkiG9w0BCQUxDxcNMjYwNzA5MDgyOTUxWjArBgsqhkiG9w0BCRACDDEcMBowGDAWBBRIH9U8U004QYDAKGUZoDb5iFRHZjBPBgkqhkiG9w0BCQQxQgRAEV8R5TvNr4HHt9CkZIA4TX1YSaVu45VdYicoq8lzE96eKR196B/aKNjaSFR+uASZruXy8Gyl077d1Qi3qRnvvTAKBggqhkjOPQQDBARoMGYCMQCB2m68c6CG1VAYGL2dNT2jSLQils/wJZBj82JuORaR+IGf9n9qEmF54R9/GNuvRpQCMQCIipNusXYgMYPA0dVRTfk2bsiQCutkOJQSkZ/u1EhnKGmU3rVEEsCPImjhqiKBMS0=",
    "verify_instructions": "This is a standard RFC 3161 timestamp response over sha256(event_hash). Decode token_der_base64 to a .tsr file and verify with the authority's certificate: openssl ts -verify -data <file-with-event_hash> -in token.tsr -CAfile <authority-ca.pem>. A valid token proves this event_hash existed no later than the token's time, independent of PriviNet."
  },
  "verification": {
    "intact": true,
    "components": {
      "normalized_payload": true,
      "analysis": true,
      "evidence_window": true,
      "composite": true
    },
    "recomputed_event_hash": "8d6af5028892f5530c9a574211fec0a1bb94e4342a5c26cb242f53a98cd46699",
    "stored_event_hash": "8d6af5028892f5530c9a574211fec0a1bb94e4342a5c26cb242f53a98cd46699",
    "signature_status": "cloud_signed",
    "signature_valid": true,
    "checked_at": "2026-07-09T08:29:51.673221"
  }
}
Verification of these records is free and requires no PriviNet servers. This assembled, certification-ready ProofPack is a paid deliverable. Records are signed with PriviNet's published signing key (directory at privinet.net/keys.txt; the production key is held in a cloud HSM and is non-extractable); a manifest signature binds the entire document, and an independent timestamp anchor, when present, fixes the record in time without relying on PriviNet's clock. The analysis section is an automated classification, not a determination of fact or liability. Self-authentication under FRE 902(13)/(14) is effected through a qualified person's written certification and does not by itself guarantee admissibility.