A lightweight toolkit for creating verifiable evidence bundles, designed for workflows where file integrity and reproducibility matter.
Create and verify reproducible evidence bundles using a simple CLI workflow.
Define input and output paths along with the bundle name.
input_dir: data/input
output_dir: data/output
bundle_name: bundleCollect files, compute SHA256 hashes, generate a manifest, and anchor a timestamp.
veribundle --config config/example.yaml --buildA deterministic bundle is produced in the configured output directory. Optional ZIP and report files can also be generated.
Recompute hashes and compare against the manifest to validate integrity.
veribundle --config config/example.yaml --verifyVerification produces a binary outcome:
VERIFICATION PASSED
or
VERIFICATION FAILED$ veribundle --config config/example.yaml --build
✔ collecting files
✔ hashing (SHA256)
✔ bundling manifest
✔ anchoring timestamp
Bundle created: ./dist/evidence.vbundle
$ veribundle --config config/example.yaml --verify
✔ recalculating hashes
✔ comparing manifest
VERIFICATION PASSEDBundle files, hashes, and timestamps into a verifiable artifact for legal, investigative, and audit workflows.
Package data and outputs so results can be independently verified and reproduced deterministically.
Ensure artifacts match their source by bundling outputs with manifests for reproducible builds.
Share files with cryptographic integrity guarantees — any modification fails verification.
Maintain traceable integrity records across workflows with deterministic verification outcomes.
Detect corruption and ensure long-term data integrity through reproducible verification checks.
Veribundle is open-source. Your contribution will help support ongoing maintenance and future development.