the terms you agree to, and what we can and cannot see
Terms, privacy, and policies.
These are the operative terms for certiv. They are written to be read, not to be hidden behind. Where they describe how the system behaves, that behavior is enforced in code you can audit; where they state a commitment, we hold ourselves to it publicly.
Privacy
The website sets no cookies and runs no analytics or third-party scripts. The server keeps ordinary access logs (the page requested and the time) and nothing else. When you submit, we store what you upload: the manuscript, the receipt, the pinned inputs, and, for tier T2, the sealed container. We never sell data, and there is no account, mailing list, or tracking to opt out of.
What we can and cannot see, by tier
T1: everything is public. T2: a verification node has custody of your sealed container only while it re-executes it, under the verification-only license below; the container is never published. T3: we receive only your certificate, never your method. The full trust analysis per tier is on the threat-model page.
Verification-only license (tier T2)
By submitting a sealed container you grant certiv one right and no others: to execute the container in an isolated sandbox for the sole purpose of producing verification verdicts. No right to redistribute, publish, extract, decompile, reverse-engineer, or use your method for any other purpose is granted or implied. You retain all intellectual property. You may set an embargo date, an auto-open date, or neither. The hash commitment recorded at submission is timestamped in the public ledger and serves as priority evidence.
Submission terms
You warrant that you have the right to submit the work and its artifacts and that doing so infringes no one’s rights. Paper text is offered under ordinary preprint terms (CC-BY unless you state otherwise); code retains whatever license you ship with it. A verdict certifies recomputation only: it makes no representation about novelty, significance, correctness of interpretation, data provenance, or ethics. Corrections are new ledger entries, never edits.
Acceptable use, takedown, and abuse
Submissions execute in isolation with no network and no secrets; artifacts identified as malware are removed and reported. Do not submit content you lack the right to distribute, material subject to export control, or anything intended to attack the verification infrastructure. To request correction or takedown of specific content, or to assert a rights claim, write to legal@certiv.org; the request and its resolution are handled as new, visible ledger events rather than silent deletions, consistent with an append-only record.
Security and disclosure
Vulnerability reports and safe-harbor terms are on the security page, machine-readable at /.well-known/security.txt. The platform runs untrusted code by design; the isolation contract that makes that safe is published there.