SEED / Clearance
developer preview
Trust

Verify a release before running it

SEED publishes signed release files. Before you run them, you can check that the files match the public release key and were not changed after publication.

What's in a release

contents
seed-clearance-0.7.0/
  SHA256SUMS
  SHA256SUMS.sig
  release-manifest.json
  bin/seed
  bin/seed-clearance-starter
  bin/seed-cryptops
  bin/seed-hw
  bin/seed-runner
  bin/seed-zkvm-client
  bin/seed-zkvm-verify
  bin/seed-browser-host
  bin/seed-local-bridge
  lib/base.wasm
  packages/seed-mcp.tgz
  packages/seed-vscode.tgz
  packages/seed-browser.tgz
  packages/seed-custom-gpt.tgz
  packages/seed-sdk-js.tgz
  packages/seed-sdk-rust.tar.gz
  evidence/trust-loop-local/evidence.json

Verify it

sh
# Public release key
curl -fsSL https://seedid.xyz/releases/tier1/latest/seed-release-public.pem > seed-release-public.pem

# Verify checksums and signature
sha256sum -c SHA256SUMS
openssl dgst -sha256 -verify seed-release-public.pem -signature SHA256SUMS.sig SHA256SUMS

release-manifest.json

The manifest is a machine-readable status file for a release. Do not treat the P1 canary as proof that production clearance verification, rewards, claims, private payments, or live receipt lookup are complete:

release-manifest.json
{
  "version": "0.7.0",
  "build_id": "2026-04-29.release-candidate.4",
  "signed_control_plane_packet": true,
  "install_default_artifacts": [
    "bin/seed",
    "bin/seed-clearance-starter",
    "bin/seed-cryptops",
    "bin/seed-browser-host",
    "bin/seed-local-bridge",
    "lib/base.wasm"
  ],
  "evidence": {
    "source": "pass",
    "local_signed_fixture": "pass",
    "local_trust_loop_signature": "pass",
    "accept_bbs_selective_disclosure": "pass",
    "published_like_install_smoke": "pass",
    "hosted_release": "pass"
  },
  "clearance_wave_gates": {
    "seed_clear_earth_runtime": "live_p2_p3",
    "seed_clear_release_grade_artifact": "no_go",
    "p2_p3_public_live_production": "go_signed_receipt",
    "r1_p6_p7_protocol_source_surface": "bounded_chain_bridge_claimable_query",
    "a3_g4_chain_sequence": "consume_final_materialize_final_fund_final_release_final",
    "a3_g4_claimable_balance_query": "positive_22500useed",
    "validator_binary_alignment": "done_earth_mars_e63c2a0",
    "product_origin_chain_payout": "no_go_msg_claim_not_executed",
    "hosted_economic_proof_surface": "live_bounded_a3_g4_evidence",
    "public_economic_claim": "no_go",
    "p6_p7_live_rewards_claims": "no_go",
    "w7_private_payments": "hold_until_explicit_go"
  }
}
Current wave gates stay narrow. The P1 Earth runtime now serves the public-live P2/P3 challenge, verify and signed receipt path. This still does not claim product-origin chain payout, hosted CVD rewards, public pending reward claims, private payments, Adseed economy, validator incentives, permissionless decentralization, auto-renew, provider-native assurance, regulated provider assurance, full revocation ZK presentation, or live settlement payout.

Local test vs hosted release

Local test evidence exists today: the local release builder and verifier succeed against a clean tree. That is the floor.

Hosted release evidence requires a signed packet served from seedid.xyz and verified end-to-end. That evidence can exist for a control-plane packet while the R1/P6/P7 local-contract economics and bounded A3-G4 chain bridge proof are separate evidence. Earth/Mars validator runtime alignment is now proven on e63c2a0, and the hosted economic proof route is public `200`; however `MsgClaim`, payout, hosted rewards, and private payments remain blocked until their own evidence closes.