{
  "type": "OrgAnchorVerifyIndex",
  "version": "1.0",
  "generated_at": "2026-07-16T17:48:58.806Z",
  "role": "adopting-organization-verify-index",
  "organization": {
    "name": "Northstar Motion Components",
    "display_name": "Northstar Motion Components",
    "description": "Fictional manufacturer used only for the OrgAnchor evidence-interpretation evaluation."
  },
  "statement": {
    "path": "official-endpoints.json",
    "hash": "sha256:bcf05755fadac013f5b032d10505703b986e9255bcbaef0966c921941ab43c5a"
  },
  "signature": {
    "path": "official-endpoints.json.sig",
    "hash": "sha256:5486ec8aa272759ec51b57cbf931ccb56efae4dcfc1a480e1cfefb71d0d0f550"
  },
  "root_authority": {
    "path": "root-authority.json",
    "hash": "sha256:5f9cc31cd32f4c3727c45a5e2552fe0f3615eeb4bbc1606e0f587591e468741a",
    "authority_id": "northstar-root-authority-2026",
    "threshold": {
      "required": 1,
      "total": 1
    }
  },
  "verification": {
    "command": "organchor statement verify --authority root-authority.json --expected-authority-hash sha256:5f9cc31cd32f4c3727c45a5e2552fe0f3615eeb4bbc1606e0f587591e468741a --in official-endpoints.json --sig official-endpoints.json.sig"
  },
  "agent_verification": {
    "contract": "https://organchor.org/specs/agent-verification.v1",
    "contract_version": "1.0",
    "primary_entrypoint": "/.well-known/organchor.json",
    "verify_base_path": "/verify/",
    "artifact_base_path": "/verify/",
    "command": "organchor verify url <organization-url>",
    "compact_command": "organchor verify url <organization-url> --compact",
    "result_type": "OrgAnchorAgentVerificationResult",
    "compact_result_type": "OrgAnchorAgentVerificationCompactResult",
    "trust_decision": "not_assigned_by_organchor",
    "summary": {
      "kind": "signed_organization_verification_index",
      "goal": "Verify organization identity continuity and inspect value evidence with minimal external-agent friction.",
      "identity_root": "root_authority",
      "final_trust_decision": "external_agent_policy",
      "required_identity_checks": [
        "statement_hash",
        "signature_hash",
        "authority_hash",
        "statement_authority_binding",
        "statement_signature_threshold"
      ],
      "optional_value_checks": [
        "claims_manifest",
        "evidence_manifest",
        "claims_evidence_references",
        "value_continuity"
      ],
      "optional_history_checks": [
        "lockfile_hash",
        "lockfile_signature",
        "carrier_receipts",
        "external_anchors"
      ],
      "preferred_first_pass": "compact"
    }
  },
  "visible_proof": {
    "status": "PASS",
    "generated_at": "2026-07-16T17:48:58.806Z",
    "checks": [
      {
        "label": "Official endpoint statement",
        "status": "PASS",
        "detail": "Canonical hash recorded as sha256:bcf05755fadac013f5b032d10505703b986e9255bcbaef0966c921941ab43c5a."
      },
      {
        "label": "Root authority binding",
        "status": "PASS",
        "detail": "Statement root authority hash matches sha256:5f9cc31cd32f4c3727c45a5e2552fe0f3615eeb4bbc1606e0f587591e468741a."
      },
      {
        "label": "Signature threshold",
        "status": "PASS",
        "detail": "1 valid signature(s) found; 1 required."
      },
      {
        "label": "Signature file",
        "status": "PASS",
        "detail": "Detached signature hash recorded as sha256:5486ec8aa272759ec51b57cbf931ccb56efae4dcfc1a480e1cfefb71d0d0f550."
      },
      {
        "label": "Claims manifest",
        "status": "PASS",
        "detail": "Signed claims manifest was included and verified against this root authority."
      },
      {
        "label": "Evidence manifest",
        "status": "PASS",
        "detail": "Signed evidence manifest was included and verified against this root authority."
      },
      {
        "label": "Value continuity report",
        "status": "PRESENT",
        "detail": "Value audit report included with 1 claim(s), 1 evidence-linked claim(s), and 0 unsupported claim(s)."
      },
      {
        "label": "Migration history",
        "status": "NOT_INCLUDED",
        "detail": "No migration history is included in this verify package yet."
      },
      {
        "label": "Carrier receipts",
        "status": "NOT_INCLUDED",
        "detail": "No IPFS, Arweave, OpenTimestamps, or other carrier receipts were included."
      },
      {
        "label": "Lockfile integrity",
        "status": "NOT_INCLUDED",
        "detail": "No signed publication receipt ledger was included."
      }
    ],
    "summary": {
      "statement_signed": true,
      "threshold_met": true,
      "valid_signature_count": 1,
      "required_signature_count": 1,
      "linked_artifact_count": 2,
      "migration_count": 0,
      "carrier_receipt_count": 0,
      "lockfile_status": "NOT_INCLUDED",
      "lockfile_hash": null,
      "lockfile_signed": false
    }
  },
  "agent_review": {
    "overall_status": "PASS",
    "identity_status": "PASS",
    "value_status": "PASS",
    "conformance_status": "FULL_COMPATIBLE",
    "trust_decision": "NOT_ASSIGNED_BY_ORGANCHOR",
    "status_scope": {
      "identity_status": "CRYPTOGRAPHIC_AUTHORITY_AND_CONTINUITY",
      "value_status": "REPORT_INTEGRITY_AND_DECLARED_RELATION_CHECKS",
      "conformance_status": "ORGANCHOR_PROTOCOL_COMPATIBILITY",
      "evidence_sufficiency": "EXTERNAL_POLICY_DECISION",
      "claim_truth": "NOT_PROVEN_BY_ORGANCHOR_STATUS"
    },
    "policy_route": {
      "route": "EXTERNAL_POLICY_REVIEW",
      "guidance": "Verification passed, but external policy still needs to decide whether the evidence is sufficient for the intended purpose.",
      "reasons": [
        "manual_checks_present"
      ]
    },
    "evidence_class_summary": [
      {
        "label": "S1 First-party",
        "status": "PRESENT",
        "count": 1,
        "detail": "Organization-submitted evidence. Useful for scope and integrity, but not independent by itself."
      },
      {
        "label": "S2 Third-party",
        "status": "MANUAL_CHECK_REQUIRED",
        "count": 1,
        "detail": "Organization-submitted third-party material with mechanical route and gap checks."
      },
      {
        "label": "S3 Sampling",
        "status": "NOT_INCLUDED",
        "count": 0,
        "detail": "Random purchase or sampling records. Current tooling checks declared gates; network slot ledgers are future work."
      },
      {
        "label": "S4 Observation",
        "status": "DESIGN_PREVIEW",
        "count": 0,
        "detail": "Real-use or delivery observation. Alpha support is partial and should be treated as a design-preview signal."
      },
      {
        "label": "S5 Challenge",
        "status": "DESIGN_PREVIEW",
        "count": 0,
        "detail": "Public challenge, correction, negative evidence, and historical accountability governance is documented but not implemented as a finished acceptance gate."
      }
    ],
    "next_best_actions": [
      "Request S3 random purchase or sampling support when anti-hand-picked-sample assurance matters.",
      "Route this signed, evidence-linked claim to the consuming agent's external policy; OrgAnchor has not established evidence sufficiency or claim truth.",
      "Bind every evidence item to the exact subject it supports, or mark it as broad organization material.",
      "Review S2 scope and limitations against the consuming agent's own policy; OrgAnchor does not assign final trust.",
      "No S3 sampling evidence is declared; request S3 only if the target purpose requires random sampling or anti-hand-picked-sample support.",
      "No S4 observation evidence is declared; request S4 only if the target purpose requires real delivery, use, support, uptime, or supply-continuity observation."
    ],
    "source_files": [
      "organchor.json",
      "reports/value-continuity-report.json",
      "reports/value-continuity-report.md"
    ]
  },
  "root_continuity": {
    "status": "CURRENT_ROOT_ONLY",
    "current_root_authority": {
      "path": "root-authority.json",
      "hash": "sha256:5f9cc31cd32f4c3727c45a5e2552fe0f3615eeb4bbc1606e0f587591e468741a",
      "authority_id": "northstar-root-authority-2026",
      "threshold": {
        "required": 1,
        "total": 1
      }
    },
    "previous_root_authorities": [],
    "migration_chain": [],
    "historical_verification_rule": "Historical statements use the root authority that signed them.",
    "future_statement_rule": "New statements should be verified against the current root authority unless a later valid migration supersedes it."
  },
  "carrier_receipts": {
    "status": "NOT_INCLUDED",
    "source_lockfile": null,
    "receipts": []
  },
  "lockfile_integrity": {
    "status": "NOT_INCLUDED",
    "note": "No lockfile snapshot was included."
  },
  "value_continuity": {
    "status": "PRESENT",
    "path": "reports/value-continuity-report.json",
    "hash": "sha256:e5996fcb89a62545808b478a53e1ccf90c63a1fd9bd047de3bbe2dd104e36c39",
    "markdown_path": "reports/value-continuity-report.md",
    "markdown_hash": "sha256:ed60b1043e86e7d612c5f81323c6ed2ec76612c57f601e64f09547d8e4dabbf6",
    "summary": {
      "total_claims": 1,
      "self_asserted_claims": 0,
      "evidence_linked_claims": 1,
      "third_party_claims": 1,
      "reproducible_claims": 1,
      "time_proven_claims": 0,
      "unsupported_claims": 0,
      "total_evidence_items": 2,
      "external_evidence_items": 2,
      "first_party_evidence_items": 1,
      "stale_evidence_items": 0,
      "profile_declared_claims": 0,
      "profile_pass_claims": 0,
      "profile_gap_claims": 0,
      "PASS": 27,
      "WARN": 0,
      "FAIL": 0,
      "MANUAL_CHECK_REQUIRED": 4
    },
    "claim_support_summary": {
      "support_levels": {
        "L0_UNSUPPORTED": 0,
        "L1_SIGNED_SELF_CLAIM": 0,
        "L2_HASH_BOUND_EVIDENCE": 0,
        "L3_REPRODUCIBLE_METHOD": 1,
        "L4_INDEPENDENT_ATTESTATION": 0,
        "TIME_OBSERVED": 0
      },
      "risk_gap_count": 1,
      "top_risk_gaps": [
        "Claim subject product:NMC-NA4908 or evidence subject product_model:NMC-NA4908 is unknown; mechanical coverage review is not possible."
      ],
      "next_best_actions": [
        "Route this signed, evidence-linked claim to the consuming agent's external policy; OrgAnchor has not established evidence sufficiency or claim truth.",
        "Bind every evidence item to the exact subject it supports, or mark it as broad organization material."
      ]
    },
    "s2_summary": {
      "effective_s2_count": 1,
      "candidate_unverified_external_material_count": 0,
      "s2_state_counts": {
        "S2_1_GENERIC_ROUTE_PROVIDED": 1,
        "S2_2_VERIFIED_ROUTE_CHECKED": 0,
        "S2_3_ISSUER_BACKED": 0
      },
      "expired_s2_count": 0,
      "broken_s2_anchor_count": 0,
      "manual_check_s2_count": 1,
      "unknown_sample_source_count": 0,
      "unknown_relationship_count": 0,
      "top_s2_gaps": [
        "S2_3 requires issuer-backed signature or issuer-hosted verification. Local audit records this as S2_1 until issuer-backed workflows are implemented."
      ],
      "next_actions": [
        "Review S2 scope and limitations against the consuming agent's own policy; OrgAnchor does not assign final trust."
      ],
      "not_a_trust_decision": true
    },
    "s3_summary": {
      "effective_s3_count": 0,
      "candidate_unverified_sampling_count": 0,
      "s3_state_counts": {
        "S3_1_SAMPLING_ROUTE_PROVIDED": 0,
        "S3_2_CUSTODY_DOCUMENTED": 0,
        "S3_3_INDEPENDENT_TEST_RECORDED": 0
      },
      "organization_selected_sample_count": 0,
      "organization_provided_sample_count": 0,
      "missing_sample_identity_count": 0,
      "missing_claim_binding_count": 0,
      "missing_sample_pool_count": 0,
      "missing_sample_slot_count": 0,
      "missing_finite_policy_count": 0,
      "missing_duplicate_control_count": 0,
      "missing_credential_binding_count": 0,
      "missing_sampling_plan_count": 0,
      "organization_can_choose_samples_count": 0,
      "missing_raw_evidence_reference_count": 0,
      "organization_controlled_storage_count": 0,
      "missing_custody_count": 0,
      "manual_check_s3_count": 0,
      "top_s3_gaps": [],
      "next_actions": [
        "No S3 sampling evidence is declared; request S3 only if the target purpose requires random sampling or anti-hand-picked-sample support."
      ],
      "not_a_trust_decision": true
    },
    "s4_summary": {
      "effective_s4_count": 0,
      "candidate_unverified_observation_count": 0,
      "s4_state_counts": {
        "S4_1_OBSERVATION_SUMMARY_PROVIDED": 0,
        "S4_2_RAW_BUNDLE_AVAILABLE": 0,
        "S4_3_OBSERVER_OR_DIRECTORY_REVIEWED": 0
      },
      "current_window_observation_count": 0,
      "historical_observation_count": 0,
      "raw_bundle_available_count": 0,
      "missing_subject_binding_count": 0,
      "manual_check_s4_count": 0,
      "top_s4_gaps": [],
      "next_actions": [
        "No S4 observation evidence is declared; request S4 only if the target purpose requires real delivery, use, support, uptime, or supply-continuity observation."
      ],
      "not_a_trust_decision": true
    }
  },
  "directory_discovery": {
    "status": "NOT_INCLUDED",
    "trust_boundary": {
      "directory_is_trust_root": false,
      "final_trust_decision": "EXTERNAL_AGENT",
      "records_must_verify_at_origin": true
    },
    "note": "No Directory snapshot was included in this verification index."
  },
  "linked_artifacts": {
    "claims": {
      "path": "claims/product-claims.json",
      "hash": "sha256:98a023ea4502937d257c802b6db9877226a4e6fe091f0862b1986bb8eb540145",
      "signature_path": "claims/product-claims.json.sig",
      "signature_hash": "sha256:bb319fb3db16cd4be5f35386268fc1fe856bd2d7119a36e28ecb0c5d8dc17e74"
    },
    "evidence": {
      "path": "evidence/evidence-manifest.json",
      "hash": "sha256:53a578a8eba28cba0d38a8cd9765f2e741c356affbb9a27bbbb11c66cd25205e",
      "signature_path": "evidence/evidence-manifest.json.sig",
      "signature_hash": "sha256:33d931e4d9293fb4b9a20d864ab6a8bbc4064325ea3dcad5d38e8ec332f041de"
    }
  },
  "migration_history": {
    "status": "NOT_INCLUDED",
    "migrations": []
  },
  "notes": [
    "This index belongs to the adopting organization using OrgAnchor.",
    "This index is not a trust root.",
    "Verify signatures and root authority before trusting endpoint claims."
  ]
}
