OpenChainGraph Suite · ART-136 · wave 25

SLSA Provenance Verifier

Verify an in-toto Statement SLSA provenance attestation: _type, predicateType, subject SHA-256 digest match, builder.id present, and declared SLSA build level (0–3). Zero network. Second node of the sbom-provenance-attestation chain.

SLSA v1.0 · in-toto Statement · Supply Chain · EU CRA Annex I · W3C VC §13.11 · Zero PII · Client-side only
🔒 All inputs are processed locally in your browser. No data is transmitted. Do not enter real personal data — use synthetic or anonymised inputs only.
Scope
Second node of the sbom-provenance-attestation chain (art-135→136→137). Validates that an in-toto SLSA provenance statement is correctly typed, that the subject digest matches the provided artifact SHA-256, and that a builder.id is declared. SLSA build level (0–3) is asserted from input — level ≥2 means two independent parties for the build process, ≥3 adds tamper-resistance for the build platform.
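The checks listed in the Scope paragraph, written out as an added example (this is not the tool's own code). It assumes the in-toto Statement v1 and SLSA provenance v1 type URIs and the SLSA v1.0 location `predicate.runDetails.builder.id`; `verifyProvenance`, its result shape and the sample statement are hypothetical and constructed for illustration.

```javascript
// Added example: field checks on an in-toto Statement carrying SLSA v1.0 provenance.
// Type URIs are the ones published by in-toto and SLSA v1.0 (assumed to be what
// the tool expects); function name and result shape are hypothetical.
const STATEMENT_TYPE = "https://in-toto.io/Statement/v1";
const SLSA_PREDICATE = "https://slsa.dev/provenance/v1";
const HEX64 = /^[0-9a-f]{64}$/;

function verifyProvenance(statement, artifactSha256, declaredLevel) {
  const errors = [];
  // Normalise the caller's digest so upper-case hex still compares equal.
  const want = String(artifactSha256 ?? "").trim().toLowerCase();
  if (!HEX64.test(want)) errors.push("artifact digest is not 64 hex characters");

  if (statement?._type !== STATEMENT_TYPE) errors.push("unexpected _type");
  if (statement?.predicateType !== SLSA_PREDICATE) errors.push("unexpected predicateType");

  // A statement may list several subjects; one of them must carry the digest.
  const subjects = Array.isArray(statement?.subject) ? statement.subject : [];
  const match = subjects.find(
    (s) => typeof s?.digest?.sha256 === "string" && s.digest.sha256.toLowerCase() === want
  );
  if (!match) errors.push("no subject with matching sha256 digest");

  // SLSA v1.0 places the builder under predicate.runDetails.builder.
  const builderId = statement?.predicate?.runDetails?.builder?.id;
  if (typeof builderId !== "string" || builderId.trim() === "") errors.push("builder.id missing");

  // The level is a caller-supplied claim; only its range is checked here.
  if (!Number.isInteger(declaredLevel) || declaredLevel < 0 || declaredLevel > 3)
    errors.push("declared SLSA level must be an integer 0-3");

  return { ok: errors.length === 0, errors, subject: match?.name ?? null, builderId: builderId ?? null };
}

// Constructed sample input (the digest is the SHA-256 of the empty string).
const EMPTY_SHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
const sample = {
  _type: STATEMENT_TYPE,
  predicateType: SLSA_PREDICATE,
  subject: [{ name: "app.tar.gz", digest: { sha256: EMPTY_SHA256 } }],
  predicate: {
    buildDefinition: { buildType: "https://example.com/build/v1", externalParameters: {} },
    runDetails: { builder: { id: "https://example.com/builders/ci" } },
  },
};
console.log(verifyProvenance(sample, EMPTY_SHA256.toUpperCase(), 2));
```

These are structural checks on the statement body only: nothing here verifies a signature over the statement, and the level is range-checked as a declared value.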
Execution Hash & §4 Artifact
SHA-256 execution hash (JCS canonical — RFC 8785):

      
Chain Handoff → art-137
Pass the execution_hash above as parent_hashes[1] when calling validate_openvex_statement (art-137) to complete the sbom-provenance-attestation chain.