Open, verifiable, agent-ready
ARD & Agentic Conformance
SnowSure publishes its ski & snow resources so AI agents can both find them and trust them — by recomputing the proof from the bytes, without taking our word for it. Everything below is independently runnable. The trust model is Agentic Resource Discovery (ARD): signed did:web catalogs an agent can verify with no call back to us.
Verify it yourself
Don’t trust — recompute
A standalone, dependency-free verifier (Node ≥ 18, no install). It fetches a catalog, resolves the issuer’s did:web document itself, re-canonicalizes each entry, content-addresses it, and checks the Ed25519 signature — no issuer in the loop.
curl -s https://www.snowsure.ai/ard-verify.mjs | node - https://www.snowsure.ai/.well-known/ai-catalog.jsonThe same verifier runs against any producer’s catalog — proof the check is carrier-agnostic:
curl -s https://www.snowsure.ai/ard-verify.mjs | node - https://lux.ski/.well-known/ai-catalog.json
curl -s https://www.snowsure.ai/ard-verify.mjs | node - https://afo.re/.well-known/ai-catalog.jsonRunnable conformance
A conformance corpus, not a claim
snowsure-did-web-conformance (v1.0.0) is a standalone, versioned corpus — it imports no SnowSure code, so passing it is conformance to the published fixtures, not to us. Two suites: per-record recompute (content address + result re-derivation + signature) and record-set completeness (duplicates, authorized-with-no-outcome, executed-with-no-result, and dropped records all detected — “absent never means clean”).
curl -sL https://www.snowsure.ai/conformance/snowsure-did-web-conformance-v1.0.0.tgz \
| tar -xz && node snowsure-did-web-conformance/run.mjscorpusDigest sha256:b6f24a00cfdb9f08058cc8f8c61fa9ea6c0d6495384d5eb8a64cb9518edfd61a · browse the corpus. The content addresses are deterministic SHA-256 over the canonical bytes, so a different-language tool (we used a std-lib Python generator) re-mints them with no shared code — the vectors are independently producible, not just checkable.
The proposed contract
Seven checkable properties
The shared idea under discussion: pin a small set of checkable properties and let every format be an instance under it — none of them the envelope. The checker and the generator are both commodities; the normative artifact is the content-addressed, digest-pinned vector set that any runner reproduces.
The record declares exactly which canonicalization produced the bytes being addressed (here: JCS / RFC 8785).
A digest taken over those canonical artifact bytes — not over a producer’s later assertion about the result.
The record names the kind of evidence it carries and the schema/version a consumer reads it under.
It states the boundary it covers and when the observation was made or expires.
A consumer can re-derive the claimed result from the bytes — or the record says it is issuer-attested rather than independently re-derived.
Missing or unchecked coverage is explicit, so absent never quietly reads as clean.
The record states what it does not cover — anything outside scope, freshness, or coverage.
Follow or join the discussion on ARD spec issue #7.
The network
Signed across the family
Every catalog below is published with a signed did:web trust manifest and is independently verifiable with the command above. Discovery across the network runs through the SnowData Network.
More
- ARD spec issue #7 — the open contract discussion.
- opensourcesnow.com — the open-standard editorial home.
- SnowData Network — publish a signed catalog and get discovered.
- SnowSure Answer Engine — the grounded Q&A agents reach.
