Audit lineage
Miombo binds calculated outputs to canonical JSON manifests. Each manifest is hashed with SHA-256, signed using ECDSA P-256 and stored with a pointer to the preceding manifest when it supersedes an earlier result.
Manifest controls
- Canonical serialization produces deterministic bytes for identical inputs.
- The SHA-256 digest is the manifest's stable identifier.
- The signature binds the canonical bytes to a published signing key.
- The methodology name, version and methodology-pack reference are part of the signed body.
- Restatements append a new manifest and retain the preceding reference; signed history is not rewritten.
Verification surface
The public API provides:
| Endpoint | Purpose |
|---|---|
GET https://api.miombolabs.com/audit/manifest/{hash} | Retrieve the manifest, canonical bytes and signature. |
GET https://api.miombolabs.com/audit/manifest/{hash}/verify | Run server-side signature and key-window verification. |
GET https://api.miombolabs.com/audit/manifest/{hash}/chain | Walk the append-only predecessor chain. |
GET https://api.miombolabs.com/audit/keys.pem | Retrieve active and retired public verification keys. |
GET https://api.miombolabs.com/audit/methodology/{name}/{version} | Retrieve the registered methodology record. |
Assurance boundary
Cryptographic verification establishes that the canonical content has not changed and was signed by the identified key. It does not independently establish that an upstream observation was complete, correctly geolocated or fit for a particular decision. Those controls remain part of evidence review and assurance scope.