Certificate transparency

How registry signatures and fingerprints work.

What is verified

The registry reviews submitted evidence, dates, trail selection, recipient details, and the selected verification level before issue.

What is not claimed

Most certificates are independent evidence-reviewed records. They are not official trail authority certificates unless explicitly marked partner or authority confirmed.

Evidence review

Reviewers check GPS/activity files, photos, stamps, permits, guide or partner confirmation, and clarification replies where needed.

Verification levels

Evidence Reviewed, GPS Evidence Reviewed, Photo + GPS Reviewed, Partner Confirmed, and Authority Confirmed describe exactly what supported the record.

QR verification

Certificate QR codes resolve to the short canonical route /v/{certificateId} and show privacy-safe status metadata.

PDF fingerprint

Each issued PDF is hashed with SHA-256. The certificate shows a short fingerprint while the verification page can display the full hash for transparency.

Registry-signed metadata

Certificate-critical metadata is canonicalized and signed using an Ed25519 registry key. Retired public keys remain available so old records can still be checked.

Revocation and reissue

Revoked and reissued certificates remain verifiable as historical records. Reissued records link to their replacement where public.

Privacy boundary

Verification confirms status, trail, level, fingerprint, and signature state. It never exposes uploaded GPS files, photos, documents, email, payment data, or reviewer notes.

Report concerns

Suspicious certificates, incorrect trail facts, privacy concerns, or officialness disputes can be reported for registry review.

Private beta transparency metrics

Certificates issued
Private beta in progress
Valid
0
Reissued
0
Revoked
0
Partner-confirmed
0
Authority-confirmed
0

Sample safe verification payload

{
  "certificateId": "VHR-EBC-2026-SAMPLE",
  "status": "valid",
  "trailName": "Everest Base Camp Trek",
  "recipientDisplayName": "A.M.",
  "verificationLevel": "GPS Evidence Reviewed",
  "pdfFingerprint": "f9b07490...8cb1",
  "signedMetadataHash": "sample_metadata_hash",
  "signatureValid": true
}

Status and privacy modes

Public status values include valid, revoked, reissued, superseded, and hidden. Public name display can show full name, first name and last initial, initials, private recipient, or a private certificate page.