Cvera

Overview

Verifiable human claims for independent trust systems

Cvera is a prototype system for user-held, cryptographically verifiable claims that enables trusted issuers to create signed records about individuals, which can be independently verified without relying on direct access to the issuing authority.

Cvera defines a generalized framework for portable, verifiable human claims across domains.

What this demo shows

  • Issuance of a verifiable claim token
  • User-held credential (portable JSON)

  • Independent verification

    signature validation

    trust chain evaluation

    revocation checking

Claim types

Professional employment roles and relationships

Academic qualifications and certifications

Licenses and regulatory status

Legal identity changes

Achievements and affiliations

Why this matters

AI is accelerating the creation of synthetic and unverifiable information. Trust in claims about individuals is eroding. Verification still depends on manual checks across fragmented systems.

Cvera introduces a model where claims are portable, verifiable, independent, and auditable.

This shifts systems from trusting claims to verifying proof.

Vision

A world where individuals hold their own verifiable records, and institutions rely on independent verification rather than intermediaries.

Architecture

System architecture

High-level system architecture illustrating identity, authentication, and backend API flows supporting claim issuance and verification.

Cvera system architecture showing the Expo iOS client, ingress and TLS layer, Kratos identity provider, EVT domain API, and associated Postgres data stores.
Expo iOS Client Ingress / TLS Identity Provider (Kratos) EVT Domain API Expo App React Native / SDK 54 Nginx auth.cvera.app Nginx api.cvera.app Kratos Public serve public :4434 Kratos Admin serve admin :4435 Postgres DB 'evt_kratos' identities, credentials, Kratos sessions EVT Go API api.cvera.app SQL domain data, refresh token hashes HTTP :4435 Kratos admin API session / identity lookup HTTPS email/password, self-service login flows HTTPS access_token (JWT), refresh_token (opaque hex) HTTP :4434 identities / sessions HTTP :8080 SQL identity state

Next steps

Explore the prototype, provide feedback.