NUCLEUS VERIFY

Certificate Verification

Verify a certificate you received, or see the machine work on code you paste in. Every scan records which tools ran, signs the aggregate, and publishes the entry to a public transparency log.

Have a certificate?

Cert IDs are on your result page and inside your certificate PDF.

Or see it run

Paste a file of code. Nucleus runs Semgrep, Bandit, Gitleaks, OSV-Scanner and a sandboxed compile — then hands you back a signed in-toto attestation you can verify offline. ~5 seconds, no signup.

Open the live demo →

Transparency log  ·  Public keys  ·  Scan a full repo on altermenta.com →

What is a Nucleus Verify certificate?

Cryptographically signed

Every certificate is signed with Ed25519. The signature can be verified independently using the public key at verify.altermenta.com/.well-known/nucleus-pubkey.json

Independently replayable

Every certificate includes a proof pack containing all artifacts needed to replay the verification independently.

Honest scope disclosure

Every certificate explicitly lists what was NOT verified. No false claims of completeness.

Transparency log

Every signed certificate is appended to a hash-chained public log at /transparency-log. Forgery is detectable with a historical snapshot.

Nucleus Verify · Alter Menta Technologies Ltd · altermenta.com