Seal of Truth
Tamper-proof integrity verification without decryption.
The Seal of Truth is a SHA3-256 content-addressed integrity fingerprint embedded in every .0nv container. It allows anyone to verify that a container has not been tampered with, without needing the decryption key.
The Formula
SHA3-256(header || manifest || sorted_layer_hashes || signatures)headerContainer header bytes including version, flags, and timestamp
manifestLayer index with types, sizes, and encryption parameters
sorted_layer_hashesSHA3-256 hash of each encrypted layer, sorted by layer ID for deterministic ordering
signaturesAll Ed25519 digital signatures from creator and escrow parties
Properties
Content-Addressed
The seal is derived from the container's actual content, not metadata. Two containers with identical content produce identical seals.
Tamper-Evident
Any modification to any byte in the container -- header, layers, signatures, or metadata -- produces a completely different seal.
Public Verification
Verification requires only the container file and the published seal. No decryption keys, no private information, no network access.
Collision Resistant
SHA3-256 provides 128-bit collision resistance. Finding two different containers that produce the same seal is computationally infeasible.
Prior Patent
Patent #63/968,814 — Seal of Truth: Content-Addressed Integrity Verification for Encrypted Containers
Filed: December 2025 | Status: Filed | Inventor: Michael A Mento Jr.
Verification Example
$ 0nmcp vault verify container.0nvComputing Seal of Truth...Seal: a3f8c2d1e9b7...4f6a (SHA3-256)Comparing with embedded seal...VERIFIED: Container integrity confirmed.