Cryptographic payload attestation
TopicFrom the PointSav Documentation
Cryptographic payload attestation is the mechanism by which PointSav edge nodes dynamically prove the integrity of their published text content to any viewer, using client-side SHA-256 hashing so that any auditor can independently verify a disclosure has not been altered in transit.
Cryptographic payload attestation is the mechanism by which PointSav edge nodes dynamically prove the integrity of their published text content to any viewer, using client-side SHA-256 hashing so that any auditor can independently verify a disclosure has not been altered in transit.
Cryptographic payload attestation is the process by which PointSav public-facing edge nodes prove the integrity of their textual content to any viewer without requiring trust in the server delivering the content. To fulfill the platform's DARP (Direct, Auditable, Reproducible, Plain-text) requirements, all public-facing edge nodes dynamically compute and display a SHA-256 hash of their visible language content. Any institutional investor, auditor, or counterparty can independently copy the text, compute the hash locally using any SHA-256 tool, and confirm that the displayed hash matches — proving the content has not been altered between publication and the viewer's screen. The operation runs entirely in the browser, with no server involvement in the hash computation itself, which means the attestation is independent of whether the serving infrastructure is trustworthy. See also cryptographic ledgers and zero-execution routing.
[edit]How It Works
The attestation mechanism uses the native browser crypto.subtle.digest('SHA-256') API:
- Extraction: The JavaScript engine reads the current
innerTextof the visible language block (English or Spanish). - Encoding: The text is encoded into a
Uint8Arrayusing UTF-8 encoding. - Hashing: The encoded array is processed through SHA-256 via
crypto.subtle.digest. - Display: The resulting hexadecimal string is injected live into the sidebar's metadata block, visible alongside the content it attests.
The computation happens at page render time and updates whenever the visible content changes. The hash displayed is always the hash of what the viewer is currently reading, not a cached value from a prior state.
[edit]Security Posture
The attestation is zero-execution-server for the hash computation: the server delivers the JavaScript and the content, but the hash is computed by the browser using only local data. This means:
- A man-in-the-middle attacker who modified the content in transit would produce a hash mismatch that any viewer could detect.
- The serving infrastructure cannot silently substitute different content without breaking the displayed hash.
- Any viewer with a SHA-256 calculator can independently verify the attestation without tools provided by PointSav.
This satisfies the BCSC continuous-disclosure requirement that public disclosures be independently verifiable, and the ADR-07 requirement that the integrity chain for content be externally provable without access to internal infrastructure.
[edit]Applications
Cryptographic payload attestation applies to:
- Public regulatory disclosures displayed on PointSav-operated edge nodes.
- Content wiki articles served at
documentation.pointsav.comwhere integrity verification matters to institutional readers. - Any content surface where a reader needs to confirm they are reading the published version and not an altered copy.
[edit]Limitations
The attestation proves integrity at the moment of viewing — it does not prove the content was published at a specific time or that it has not been legitimately updated since a prior version. For time-stamped proof of prior content states, the WORM ledger architecture (service-fs) and monthly Rekor anchoring provide the complementary mechanism.