Verify a receipt
Don't trust us. Re-derive it.
Drop a Compass receipt bundle (JSON) below. Your browser re-runs the same four cryptographic checks the verify-receipt CLI does — no server calls, nothing leaves the page. The same evidence that backs the on-chain audit log.
Out-of-band trust anchor. Defaults to Compass' live Phala dstack TDX image. "Try sample" swaps this to the test-fixture composeHash so the bundled sample verifies cleanly; reset it to the default when verifying a real receipt.
What this verifier checks
- 01 attestationDigest = sha256(canonicalize(receipt))
- 02 ECDSA.recover(attestationDigest, signature) == signerAddress
- 03 receipt.quoteCommitment = sha256(perReceiptQuoteHex)
- 04 extractReportData(quote)[0:32] = sha256(signer || composeHash || receiptId)
Out of scope: Intel DCAP signature-chain verification on the TDX quote itself (use DStack Verifier or Intel QVL externally), and dstack signature_chain validation on the key derivation. Same posture as the Node CLI at enclave/scripts/verify-receipt.ts.
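Checks 03 and 04 from the list above, as an added example that is not Compass' own code: it shows that the composeHash used in check 04 is supplied by the verifier as the out-of-band trust anchor, so a receipt bound to a different image fails even when its quote commitment matches. Assumptions: the bundle shape, hashing the decoded quote bytes (not the hex string), the preimage byte encoding, and a TDX v4 quote layout with report data at byte offset 568.

```javascript
// Added example: checks 03 and 04 only. Encodings and offsets are assumptions.
const { createHash } = require('node:crypto');

const sha256 = (buf) => createHash('sha256').update(buf).digest();
const fromHex = (h) => Buffer.from(h.replace(/^0x/, ''), 'hex');

// Assumed layout: TDX quote v4 = 48-byte header + 584-byte TD report body,
// with the 64-byte REPORTDATA field as the last field of the body.
const REPORT_DATA_OFFSET = 48 + 520;
const REPORT_DATA_LEN = 64;

function extractReportData(quote) {
  if (quote.length < REPORT_DATA_OFFSET + REPORT_DATA_LEN) {
    throw new Error('quote too short to contain report data');
  }
  return quote.subarray(REPORT_DATA_OFFSET, REPORT_DATA_OFFSET + REPORT_DATA_LEN);
}

// Assumed preimage: 20-byte address || 32-byte composeHash || UTF-8 receiptId.
function expectedBinding(signer, composeHash, receiptId) {
  const id = Buffer.from(receiptId, 'utf8');
  return sha256(Buffer.concat([fromHex(signer), fromHex(composeHash), id]));
}

// trustedComposeHash comes from outside the bundle (the out-of-band anchor).
function verifyQuoteBinding(bundle, trustedComposeHash) {
  const { receipt, signerAddress, perReceiptQuoteHex } = bundle;
  const quote = fromHex(perReceiptQuoteHex);
  const commitmentOk = sha256(quote).equals(fromHex(receipt.quoteCommitment));
  let reportDataOk = false;
  try {
    const want = expectedBinding(signerAddress, trustedComposeHash, receipt.receiptId);
    reportDataOk = extractReportData(quote).subarray(0, 32).equals(want);
  } catch (_) { /* a short or malformed quote fails check 04 */ }
  return { commitmentOk, reportDataOk };
}

// Constructed sample bundle (not a real receipt or TDX quote).
function makeSampleBundle(composeHash) {
  const signerAddress = '0x' + '11'.repeat(20);
  const receiptId = 'receipt-0001';
  const quote = Buffer.alloc(REPORT_DATA_OFFSET + REPORT_DATA_LEN);
  expectedBinding(signerAddress, composeHash, receiptId).copy(quote, REPORT_DATA_OFFSET);
  const receipt = { receiptId, quoteCommitment: sha256(quote).toString('hex') };
  return { signerAddress, perReceiptQuoteHex: quote.toString('hex'), receipt };
}
```

As on the page, passing both checks says nothing about the quote's Intel DCAP signature chain, which still has to be verified externally.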