Reference verifier
The independent verifier for BAINK evidence bundles.
A Rust-native command-line tool that checks bundle structure, artifact hashes, event hash chains, reference resolution, material claim support, required signoffs, and profile-specific rules.
Install
One binary. No account.
The reference verifier ships as a single static binary for Linux, macOS, and Windows, with a WASM build for browser-side verification.
cargo
$ cargo install baink-clidocker
$ docker run --rm -v $PWD:/work baink/verify ./loan_123_bundleUsage
Eleven commands.
Inspect, verify, diff, sign, and report on bundles from the command line.
cli surface
baink init
baink validate-schema
baink hash
baink pack
baink unpack
baink verify
baink inspect
baink diff
baink sign
baink attest
baink reportExample run
A full verification report.
command
$ baink verify ./loan_123_bundle --profile baink-cm-0.1output
BAINK Verification Report
Bundle: loan_123
Profile: BAINK-CM-0.1
Verifier: baink-verify 0.1.0
Status: FAIL
PASS bundle_manifest_valid
PASS artifact_hashes_match
PASS event_hash_chain_valid
PASS policy_refs_resolve
WARN low_materiality_claim_missing_source_span
FAIL unsupported_material_claim
FAIL missing_reviewer_signoff
Critical failures:
- claim_099 appears in final memo without support
- final recommendation lacks required reviewer signoffWhy Rust
Boring, deterministic, portable, and hard to corrupt.
Deterministic parsing
Two parties run the verifier and get the same answer.
Strict schemas
Status and types are enums, not strings.
Memory safety
The verifier inspects potentially hostile bundles.
Portable binaries
Linux, macOS, Windows, Docker, WASM.
Supply-chain audibility
Independent of any commercial implementation.
Low operational footprint
Runs locally without a SaaS account.
BAINK's open verifier should be boring, deterministic, portable, and hard to corrupt. That is exactly where Rust shines.