Verify a record
An AAR verifies standalone — no call to any issuer or registry. You need only the signer's
public key, resolved over did:web.
The procedure
1. Remove `sig`, canonicalize the record (JCS / RFC 8785). 2. Resolve `sig.by` → public key (did:web → https://<domain>/.well-known/did.json). 3. Ed25519-verify `sig.value` over the canonical bytes. ✓ untampered + who signed. 4. (optional) Get the check preimage from the issuer, recompute `checks[].response_sha256`, re-run the query → confirm the verdict yourself.
With the reference tool
node tools/aar.mjs verify record.json # resolves did:web, checks the signature, reports the conformance level # verify a bundled vector offline: node tools/aar.mjs verify specs/fixtures/valid/helpdesk-ack.json \ --did-json specs/fixtures/.well-known/did.json # [✓] L0 Ed25519 signature valid # [✓] L1 ground_truth=confirmed · evidence committed (1 check) # [✓] L2 independent verifier (id != subject) # → conformance: L2
What each level proves
| Level | You can rely on… |
|---|---|
| L0 | the record is untampered and you know who signed it. |
| L1 | the verdict's basis is committed: an authorized party can re-run the same check. |
| L2 | the verifier is not the agent — no self-grading. Independence is disclosed. |
| L3 | the record can't be retroactively rewritten even if the signer's domain is later compromised. |