Skip to content
Verify

Take the evidence. Run the scorer. Get the same number.

A CAI is worth citing because it can be checked. There are two checks: reproduce a survey (the number is honest arithmetic over the evidence) and verify a signed delivery (the package is ours and unedited). Both are yours to run — no account, no permission.

Check one

Reproduce a survey.

The reproducibility invariant: same commit + frozen rubric → same number.

Obtain the evidence

Every survey publishes the evidence package behind its score — the measured dimensions, the lens folds, the pinned rubric version.

Run the open scorer

Run the open-source reference scorer over the evidence, pinned to the survey's rubric version. The scoring math is public and re-implementable.

Compare

Same commit + frozen rubric must yield the same number. If it doesn't, you've found a discrepancy — and that's worth reporting, because the standard's guarantee failed.

Check two

Verify a signed delivery.

A shared CAI-delivery package is tamper-evident. Two checks confirm it.

Check the signature

Ed25519-verify the package signature against the issuer public key. A valid signature proves the package was produced — and is reproducible — by the issuer, not assembled by whoever shared it.

Check the content hash

The package is content-hashed; recompute the hash over the manifest and compare. A single edited byte breaks it — the package is unedited by the sharer, or the check fails.

What the two checks prove together: the number came from the standard, and nobody between the issuer and you touched it.

Who this page is for.This is the page a buyer's or acquirer's own advisors use. Assay links here as "verify any number yourself"; Watchdog links here from its methodology and evidence pages. The check is the same for everyone — that's the point.

Don't take the number on faith. Run the check.

How the number is computed → /spec