local-first and self-hosted

Keep source, data, receipts, and control in your environment.

Certiv Core runs locally. Certiv.org does not accept uploads, create accounts, hold keys, store private receipts, or operate a verification queue. Organizations that deploy a node own its complete control plane.

reference flow

Evidence moves only where you send it.

three deployment surfaces

Available

Local CLI and kernel

Pack and check projects on a trusted workstation or CI runner. Structural kernel validation executes no claim commands unless its explicit execution mode is selected.

Operator-controlled

Read API and verifier worker

Components for a dedicated deployment. The operator must provide workload isolation, authentication, authorization, signing keys, retention, monitoring, backups, and incident response.

Unavailable

Hosted Certiv cloud

No managed SaaS, enterprise tenant, SSO integration, support SLA, custody service, or paid plan is currently offered.

operator checklist

Controls to settle before production use.

  1. Classify every input, receipt, archive, log, and signing key.
  2. Run untrusted claim code only inside a disposable, resource-bounded isolation boundary.
  3. Pin reviewed runtime images by digest and deny ambient network access unless explicitly required.
  4. Define identity, authorization, retention, deletion, backup, and audit-log policies.
  5. Separate author evidence from node verdicts in storage and user interfaces.
  6. Exercise rollback, key rotation, incident response, and restore procedures.