Proof Gallery is the public verification demo in the Assay ecosystem.
This gallery contains synthetic scenarios that produce real Assay artifacts: each one is generated by the actual toolchain and can be verified locally with the public CLI.
Use this repo when you want to see, verify, and demo real proof artifacts without first instrumenting your own codebase. It is the fastest no-integration way to understand what Assay produces across tutorial proofs, engineering verification, reviewer packets, and regulatory/control mappings.
```
# macOS / Linux
python3 -m pip install assay-ai

# Windows
py -m pip install assay-ai
```

```
assay verify-pack ./gallery/01-fintech-pass/proof_pack            # exit 0 — PASS
assay verify-pack ./gallery/02-insurance-honest-fail/proof_pack \
  --require-claim-pass                                            # exit 1 — HONEST FAIL
assay verify-pack ./gallery/03-tamper-demo/tampered               # exit 2 — TAMPERED
assay verify-pack ./gallery/04-mcp-notary-proxy/proof_pack        # exit 0 — MCP NOTARY
assay reviewer verify ./gallery/05-reviewer-packet-gaps/reviewer_packet   # VERIFIED_WITH_GAPS
assay reviewer verify ./gallery/06-naic-aiset-mapping/reviewer_packet     # VERIFIED_WITH_GAPS
```

No account. No API call. No vendor-hosted logs or dashboards required.
No install at all? Verify any proof pack in your browser — client-side only, nothing uploaded.
| Exit | Verdict | What it means |
|---|---|---|
| 0 | PASS | Integrity intact, all declared claims pass |
| 1 | HONEST FAIL | Pack intact, behavioral claims failed — sealed, cannot be rewritten |
| 2 | TAMPERED | Evidence bytes altered after signing — integrity broken |
Exit 1 is not tool failure. It is the tool working correctly to report that the AI system did not meet its own declared standards.
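In CI or scripts, these exit codes can be branched on directly. A minimal illustrative wrapper, assuming only the table above (the `interpret` helper is hypothetical, not part of the Assay CLI; the commented-out `subprocess` call shows where a real invocation would go):

```python
import subprocess

# Verdict names keyed by verifier exit code, per the table above.
VERDICTS = {0: "PASS", 1: "HONEST_FAIL", 2: "TAMPERED"}

def interpret(exit_code: int) -> str:
    """Map an `assay verify-pack` exit code to its verdict name."""
    return VERDICTS.get(exit_code, "UNKNOWN")

# In practice you would run the verifier and read result.returncode:
# result = subprocess.run(["assay", "verify-pack", "./gallery/01-fintech-pass/proof_pack"])
# print(interpret(result.returncode))
print(interpret(1))  # HONEST_FAIL: the tool worked; the claims did not hold
```

Note that a gate which treats any nonzero exit as "broken" conflates verdicts 1 and 2; branching on the specific code preserves the distinction the verifier is making.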
See GALLERY_VOCABULARY.md for the full vocabulary and what verification does and does not prove.
| Class | Scenarios | Role |
|---|---|---|
| tutorial_demo | 01, 03 | Small tactile proof: pass, tamper, and verification basics |
| engineering_verification | 02, 04 | Honest-fail and MCP/tool-use verification for engineering teams |
| reviewer_packet | 05 | Canonical buyer/reviewer packet with explicit scope and gaps |
| regulatory_control_mapping | 06 | Canonical compliance/control mapping packet (NAIC AISET example) |
All evidence present, all claims pass. 5 receipts: 3 model calls, 1 guardian verdict, 1 capability use. Ed25519 signature valid, all hashes match.
| Field | Value |
|---|---|
| Verification | PASS |
| Proves | Evidence integrity intact; declared behavioral claims satisfied |
| Does not prove | AI behavior was correct; signer is authorized; evidence was honestly created |
Evidence intact, declared coverage claim fails. The run recorded 3 receipts; the run-card required 10. The failure is sealed at runtime — it cannot be edited after signing.
This is the most important scenario: honest failure is audit gold. The evidence proves the system violated its own declared standard, and that proof cannot be altered.
| Field | Value |
|---|---|
| Verification | HONEST_FAIL |
| Proves | Evidence integrity intact; behavioral claim failure is sealed and verifiable |
| Does not prove | Why the claim failed; whether the failure matters for your use case |
→ gallery/02-insurance-honest-fail/
A clean proof pack, then one byte changed in receipt_pack.jsonl. The
verifier returns exit 2. The manifest and signature are untouched — the
SHA-256 mismatch is all that is needed to detect the tamper.
| Field | Value |
|---|---|
| Verification | TAMPERED |
| Proves | Evidence bytes were altered after signing; integrity is broken |
| Does not prove | Who tampered; when; whether the original was correct |
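The detection mechanism needs nothing beyond a hash comparison. A sketch of the principle using synthetic bytes (not the real receipt format):

```python
import hashlib

# At sealing time, the signed manifest records the SHA-256 of the receipt file.
original = b'{"receipt_id": 1, "verdict": "allow"}\n'
recorded_digest = hashlib.sha256(original).hexdigest()

# Flip a single byte after signing, as in scenario 03.
tampered = bytearray(original)
tampered[0] ^= 0x01

# Recomputing the digest over the altered bytes no longer matches the
# recorded value: this mismatch alone is enough to return exit 2.
assert hashlib.sha256(bytes(tampered)).hexdigest() != recorded_digest
print("tamper detected")
```

This is why the manifest and signature can stay untouched: the signature covers the recorded digests, so any change to the evidence bytes surfaces as a hash mismatch.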
An AI agent calls three MCP tools — weather, inventory, risk — through the Assay MCP Notary Proxy. Every tool call is receipted with arguments, results, timing, and server identity. The proof pack is signed and verifiable without trusting the agent, the tool server, or the platform.
| Field | Value |
|---|---|
| Verification | PASS |
| Proves | Tool call evidence was receipted and integrity is intact |
| Does not prove | Tool responses were correct; agent reasoning was sound |
→ gallery/04-mcp-notary-proxy/
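Each tool-call receipt pins the call's inputs and outputs by hash, so neither side can be rewritten later. A hypothetical receipt shape, for illustration only (field names are invented, not the Notary Proxy's actual schema):

```python
import hashlib
import json
import time

def make_receipt(tool: str, args: dict, result: dict, server_id: str) -> dict:
    """Build an illustrative tool-call receipt: arguments and results are
    pinned by SHA-256 over a canonical JSON encoding, so any later edit
    to either is detectable."""
    def canon(obj: dict) -> bytes:
        return json.dumps(obj, sort_keys=True).encode()
    return {
        "tool": tool,
        "server_id": server_id,
        "args_sha256": hashlib.sha256(canon(args)).hexdigest(),
        "result_sha256": hashlib.sha256(canon(result)).hexdigest(),
        "ts": time.time(),
    }

receipt = make_receipt("weather", {"city": "Oslo"}, {"temp_c": 4}, "mcp://weather.example")
print(json.dumps(receipt, indent=2))
```

The key-sorted JSON encoding matters: without a canonical form, two semantically identical argument dicts could hash differently and a valid receipt would look tampered.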
This is the canonical buyer/reviewer packet example. The nested proof pack
verifies cleanly, but the reviewer settlement is VERIFIED_WITH_GAPS because
coverage inside the declared workflow boundary is intentionally partial.
| Field | Value |
|---|---|
| Verification | VERIFIED_WITH_GAPS |
| Proves | Another team can verify the packet offline, see what is in scope, and see what remains partial |
| Does not prove | Legal compliance; full production-path coverage; cryptographic attestation of the unsigned packet manifest |
→ gallery/05-reviewer-packet-gaps/
This is the canonical buyer/compliance example. A reviewer packet maps insurance-specific AISET questions to proof-pack evidence and makes the line between machine-proven, human-attested, partial, and out-of-scope claims explicit.
| Field | Value |
|---|---|
| Verification | VERIFIED_WITH_GAPS |
| Proves | A control/questionnaire mapping can be grounded in signed runtime evidence without pretending every control is machine-proven |
| Does not prove | NAIC compliance, legal sufficiency, or regulator endorsement |
→ gallery/06-naic-aiset-mapping/
Browser (zero install): haserjian.github.io/assay-proof-gallery/verify.html — drop a proof pack folder, get a verdict. Client-side SHA-256 + Ed25519. Nothing leaves your browser.
CLI: Clone this repo and run:
```
git clone https://github.com/Haserjian/assay-proof-gallery
cd assay-proof-gallery
python3 -m pip install assay-ai   # on Windows: py -m pip install assay-ai

# Check all scenarios against the contract
python scripts/check_gallery.py --verbose
```

Or rebuild from scratch:

```
python scripts/build_gallery.py
```

Each scenario is generated by assay run, assay demo-challenge,
assay mcp-proxy, or the reviewer-packet compiler using synthetic agents and
checked-in packet inputs that produce schema-valid receipts without real API calls.
The resulting proof packs are signed with Ed25519 and committed to this repo.
CI verifies the committed artifacts on every push. If a scenario stops returning its expected exit code or expected reviewer settlement, CI fails.
The gallery does not use screenshots, mock data, or post-hoc report generation. The artifacts are the product.
Gallery packs (scenarios 01, 02, 03/good) are anchored in the
Assay public ledger with
witness_status: signature_verified. The ledger records each pack's fingerprint,
integrity result, and claim result as an independent, append-only witness.
| Scenario | pack_root_sha256 | claim_check |
|---|---|---|
| 01 | 6e6b34e48dd13ae0... | PASS |
| 02 | d2dfa04aed0697cf... | FAIL (honest) |
| 03/good | d664115a7aaaedfb... | PASS |
The tampered variant of scenario 03 is not submitted. The ledger anchors the authentic pack; the tampered copy demonstrates local integrity detection against that anchored baseline.
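Comparing a local pack against its anchored baseline reduces to recomputing a root digest and comparing strings. A sketch under a stated assumption: here the root is a hash over the sorted (filename, digest) pairs, which is illustrative only; the real pack_root_sha256 construction may differ.

```python
import hashlib

def pack_root(file_digests: dict) -> str:
    """Illustrative pack root: SHA-256 over the sorted (name, digest)
    pairs. The actual pack_root_sha256 construction may differ."""
    h = hashlib.sha256()
    for name in sorted(file_digests):
        h.update(name.encode())
        h.update(bytes.fromhex(file_digests[name]))
    return h.hexdigest()

# Synthetic file digests standing in for a pack's contents.
good = pack_root({"manifest.json": "cd" * 32, "receipt_pack.jsonl": "ab" * 32})
bad = pack_root({"manifest.json": "cd" * 32, "receipt_pack.jsonl": "ac" * 32})

# A single altered file digest changes the root, so a tampered local copy
# can never match the fingerprint anchored in the ledger.
assert good != bad
print("baseline comparison works")
```

Because the ledger is append-only, the anchored fingerprint cannot be quietly replaced to match a doctored pack, which is what makes it useful as an independent witness.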
| Repo | Role |
|---|---|
| assay | Core CLI + SDK (canonical source) |
| assay-verify-action | GitHub Action for CI verification |
| assay-ledger | Public transparency ledger |
| assay-proof-gallery | Live demo packs (this repo) |
Walkthrough · Web Verifier · PyPI · Assay repo · CI runs