Run it. Read it. Validate it.
Three paths to verify the numbers. Pick the depth that fits you. No install required.
Verify in your browser, or with cosign.
Two paths to the same answer. Most reviewers start in the browser. Engineers and auditors who want a command-line trace use cosign.
Verify in your browser.
Click any performance result below to verify it cryptographically. The verifier runs locally in your browser. No software install. No data sent anywhere.
Verify in browserOr run cosign on your machine.
Use the standard cosign tool to verify the entire test verification record from the command line.
$ curl -sLO https://github.com/COSIMOAI/validation/releases/latest/download/receipts.tar.gz $ curl -sLO https://github.com/COSIMOAI/validation/releases/latest/download/receipts.sigstore.json $ cosign verify-blob \ --bundle receipts.sigstore.json \ --certificate-identity-regexp '.*@cosimo\.ai$' \ --certificate-oidc-issuer https://accounts.google.com \ receipts.tar.gz Verified OK
What the Validation aims to prove.
Cryptographic verification is a strong signal. Here is what it delivers, in plain terms.
Proves
- The benchmark runs occurred on the hardware described.
- The published performance metrics match what the runs actually produced.
- No file in the bundle has been altered since publication.
- The same numbers reproduce under independent recomputation, hash check, and signature verification.
- Multiple independent runs produced consistent results.
For the matching list of what the Validation does not prove, see the FAQ.
What is verified now. What is coming.
Six cryptographic checks run live against the v1.0.0 bundle. One scheduled upgrade lands with v1.1.0. Listed honestly so a reviewer can calibrate.
Live now (6)
- File integrity: SHA-256 of every file in the manifest matches.
- Per-result recomputation: every metric reproduces from source data.
- Sigstore Fulcio identity: short-lived certificate bound to the COSIMO publishing identity via Google OIDC.
- Sigstore Rekor transparency log: signature publicly logged, cannot be forged after the fact.
- OpenTimestamps Bitcoin anchor: bundle hash committed to a Bitcoin block.
- Manifest hash chain: bundle byte-identical to what was signed.
Scheduled v1.1.0 (1)
- NVIDIA hardware attestation: re-run the canonical 5x40 protocol inside an H100 Confidential Compute enclave. NVIDIA's attestation service signs a statement binding the run to specific hardware, container, and driver state.
The v1.1.0 upgrade adds an additional cryptographic layer on top of the existing chain. Its current absence does not weaken what is verified today. The six live checks already deliver substantial cryptographic ground: bundle integrity, source-to-result traceability, signed identity, public transparency log, and Bitcoin-anchored time.
Six headline performance results.
Each card maps a performance result from the tests. These metrics are tied to a six-step verification chain: file integrity, per-result recomputation, Sigstore Fulcio identity, Sigstore Rekor transparency log, OpenTimestamps Bitcoin anchor, and the manifest hash chain. NVIDIA hardware attestation lands as a seventh layer with v1.1.0. Click any card to verify a specific metric in your browser. Or use the cosign command above to verify all six at once.
Layer 1 Validation is the first step.
Follow the sequence of increasing certainty by adding layers of verification. Each layer closes a different gap. Pick the layer that matches what you need to be convinced of.