a publishing platform, rebuilt around one rule
Papers that carry receipts. We re-execute them.
Peer review verifies by reading, and reading can be gamed: rephrase an abstract can substantially change AI-generated review ratings.1Certiv takes the checkable half of a paper, its proofs, computations, and data-derived numbers, and verifies it the one way prose cannot steer: by running it again. Under the declared artifacts and execution rules, a claim reproduces or it visibly fails.
What remains for human judgment, novelty, significance, taste, is routed to humans, and everything ambiguous fails closed. Nothing is silently trusted.
every release carries its own receipt
the tool under its own law
certiv verifies certiv.
Every release ships with a claim manifest about itself, packed and re-executed like any paper: that nondeterminism is refused, that authors cannot write a verifier’s fields, that the independent kernel agrees with the full tool. The receipt beside this text carries the real hashes from this release.
Verify it against us with one file and no account:
# 199 lines of stdlib define what a valid receipt is
python3 certiv-kernel.py . --executekernel sha256 0f8a8b3e63b2796b26b7dfbf6301ad34… · read every line
what this is worth
Not a better shelf. A different life.
if you write papers
The checkable fraction of review becomes minutes of recomputation, so human reviewers spend their time on novelty, significance, assumptions, ethics, and interpretation. Your receipt is portable: carry it to any journal. No endorsement gate, no affiliation check. Whether it runs does not care who you are.
And the scooping paradox finally has an exit: seal your method, publish the pass/fail, and hold a ledger-anchored timestamp that proves you were first without showing how.
if you build on papers
A receipt is a working artifact: pinned inputs, pinned environment, the exact command. Citation becomes import, and the weeks you spend re-implementing someone’s result collapse into minutes.
Coverage and the visible residual tell you exactly where your reading hour is still needed. Your attention goes where judgment is irreplaceable, and nowhere else.
if you care about science
Every third-party replay is recorded, so a claim accumulates a living reliability record: verified by how many independent parties, across how many years. Failed replays surface decay honestly instead of silently.
Content addressing and federation mean a claim checked today is still checkable in 2050. Trust stops being a rumor and becomes a record.
how a paper earns its badge
Five steps, one honest word.
Declare
certiv init writes the claim manifest. You state, claim by claim, what in your paper is checkable and the command that recomputes it.
Pack
certiv pack hash-pins every input, runs every claim twice in a scrubbed environment, and refuses anything nondeterministic. The receipt it emits is fully pinned.
Check
certiv check is the referee at your own desk: it re-executes the receipt and either confirms it or names exactly which claim no longer holds.
Submit
certiv submit appends your paper to a hash-chained public ledger. Our verification nodes re-execute every claim in a sandbox and sign what they saw.
Anyone re-verifies
Every verdict carries a replay token. Readers press re-verify and watch the claim recompute; auditors replay the whole decision path. The word “verified” is never asserted, only earned.
public when science should spread, private when disclosure would destroy value
Your method stays yours.
Public papers are crawlable, searchable, citable, and replayable. A private vault record is sealed, access-controlled, and exportable for counsel, diligence, or later publication. Certiv never requires authors to open-source methods: verification binds to artifacts, not methods, and the badge states the tier exactly. Reading is public, verification is portable, and accounts manage ownership and payment while receipts carry the truth.
| tier | what you disclose | what the badge says |
|---|---|---|
| T3 · proof-carrying | A certificate the open kernel checks. Your discovery method never leaves your machine. | kernel-checked, method private |
| T2 · receipt-verified | Claims and pinned inputs public; the method rides in a sealed container, re-executed under a verification-only license. The hash timestamp doubles as priority evidence. | pass/fail public, container sealed |
| T1 · fully open | Everything public, verified end to end. | open and re-executable by anyone |
| T0 · attested only | Signed but not re-executed. Identity and time only. | not a verification: says a signed artifact existed at a time, nothing more |
what this removes
On the receipted fraction, hallucination is impossible, nothing is generated, only recomputed, and gaming is powerless, because prose is not what is evaluated. A false claim of error cannot happen: a check reproduces or it visibly fails.
what this does not claim
Certiv does not judge novelty, significance, or taste; those remain human work, deliberately. Coverage is partial where formal artifacts are rare, and every badge states its numbers exactly: “14 of 17 claims verified” is a sentence you can check, not a score you have to trust.
1 On AI-generated review manipulation via abstract rephrasing, see recent work on adversarial prompting of automated reviewers (e.g. arXiv 2024–2026). Exact effect sizes vary by model and attack; the point is directional and well-documented.