Lumra signs events at their origin, links them into a hash-chained ledger, and exports bundles that verify with no PriviNet servers, accounts, or goodwill involved. This page is the engineering view of how.
A cryptographically verifiable event record is an event that is digitally signed where it happens and linked by hash to the record before it. The signature proves which device or person created it, and the hash chain proves nothing was altered, inserted, or deleted afterward. Verification requires only the exported records and open cryptographic checks (Ed25519 signatures and SHA-256 hashes), not access to the vendor's systems.
Signed at the source · linked into the chain · verifiable without us
Ed25519 signatures are generated where the event occurs: biometric-gated on worker phones, device-bound per-tenant keys on gateways. The signature is born with the event, not added later in someone's cloud.
Webhook ingest accepts events from MIOTY networks, sensors, cameras, and dashcams. Vendor signatures we cannot yet verify are marked exactly that way (vendorSignatureUnverified) and preserved, never upgraded or discarded. Honest status is a feature, not a gap.
Every 60 seconds, a Merkle root of the telemetry anchors into the permanent ledger, so even the readings that expire leave a fingerprint that can't be rewritten.
The verifier is a standalone zero-dependency tool. No PriviNet servers, databases, accounts, or API keys involved.
Auditors, insurers, regulators, opposing counsel: the people who shouldn't have to trust you are exactly who it's built for.
Exported bundles verify even if PriviNet ceases to exist. Change one byte in the export and verification fails, naming the broken entry.
We will not describe a capability as available until it is. Shipped: source signing, the hash-chained ledger, Merkle-anchored telemetry, MIOTY and HTTP webhook ingest, and the standalone verifier. Everything else is labeled roadmap, here and in every demo.
A phone tap becomes a signed, chained, independently verifiable record while you watch. Sixty days, twenty-five devices, zero dollars.