CONTINUOUS INTERNET TELEMETRY24H4,347 material changesacross 3,410 domains · +372 vs yesterdayMOVES47 domains changed DNS providertop destination dns.br · +8 vs yesterdayMOVES12 domains switched email providertop destination 365cool.comTLS14 domains switched issuing CA24h · -1 vs yesterdayNOW9,759 curated domains not answeringlast probe, steadyMOVERgov.brDNS provider changed: gov.br → dns.br24H4,347 material changesacross 3,410 domains · +372 vs yesterdayMOVES47 domains changed DNS providertop destination dns.br · +8 vs yesterdayMOVES12 domains switched email providertop destination 365cool.comTLS14 domains switched issuing CA24h · -1 vs yesterdayNOW9,759 curated domains not answeringlast probe, steadyMOVERgov.brDNS provider changed: gov.br → dns.br
Verify a Connor bundle
Paste any Connor signed bundle below. Every receipt is verified in your browser using the public Ed25519 keys. Nothing is sent to a server. This page works offline once loaded.
Formats: connor.signed-bundle.v1 (full) · connor.signed-bundle-compact.v2 (Merkle rollup) · Algorithm: Ed25519 · Trust model: zero-trust
or paste below
How verification works
  1. Each observation in the bundle includes a receipt_json with a payload, a signature, and the public_key that produced it.
  2. This page calls DRM3Provenance.verifySignature(receipt) from the open-source drm3-provenance WASM SDK loaded with this page.
  3. The SDK reproduces the canonicalized payload, computes its hash, and verifies the signature against the public key.
  4. The page also fetches Connor's published key registry at /.well-known/connor-keys.json and grades every signing key's lifecycle: current keys verify, rotated keys verify for receipts inside their validity window (marked "key since rotated"), and compromised, revoked, or unregistered keys FAIL even when the signature math passes. If the registry is unreachable the result is reported as signature-only.
  5. Want to verify with your own tools? The SDK is at github.com/DRM3Labs/drm3-releases.