Reader's guide · v2 · 2026

How to read Crovia

A practical guide to a signed temporal ledger. Twelve minutes to understand the whole system.

Contents

01What Crovia actually is
02The AxiomEnvelope
03Five envelope types
04Reading a chain
05Why silence is evidence
06What «signed» means here
07The Bitcoin anchor
08Verify it yourself
09Who writes the entries
10Why this is legal evidence

01 · What Crovia actually is

Crovia is a single, append-only ledger of signed observations about AI models, datasets, papers, organizations, and the public record around them. Every entry is timestamped, hashed, signed, chained to the entry before it, and (every few hours) anchored on the Bitcoin blockchain.

There is exactly one ledger. It lives at /opt/crovia/substrate/axiom_ledger.jsonl on a single, write-locked machine, replicated to GitHub for tri-local survivability, and exposed publicly through the cockpits at /substrate/, /chains/, and /v/.

What Crovia does not do: judge, accuse, label models «bad», or sell scoring services. The ledger only records what was observed and what remained unobserved — with cryptographic proof of when each was true.

02 · The AxiomEnvelope

Every entry in the ledger is an AxiomEnvelope — a small, self-describing record. Schematically:

{
  "axiom_id":     "axm_576738ade605b1a2307308bca05271cd9ee2b286",
  "axiom_type":   "AX.OBS",
  "subject":      { "target": "deepset/roberta-base-squad2",
                    "source_collector": "spider:vendor_press" },
  "object":       { "url": "https://...", "fingerprint": "sha256:..." },
  "body":         { ... whatever the agent observed ... },
  "issued_at":    "2026-05-03T17:43:29Z",
  "anchors":      { "predecessor": "axm_...", "tsa": "...", "btc": "..." },
  "signer":       "crovia.substrate.v1",
  "signature":    "Ed25519:..."
}

The fields you need to know:

axiom_id — SHA-256 fingerprint of canonical content. Unique. The envelope's name.
axiom_type — what kind of statement this envelope makes (see §3).
subject.target — what the envelope is about (a model, a paper, a docket entry, an organization).
issued_at — UTC timestamp at moment of signing. Cannot be rewritten without invalidating the chain.
anchors.predecessor — the previous envelope in this target's chain (or null for the first).
signature — Ed25519 over the canonicalized envelope. Verifiable with our public key.

03 · Five envelope types

Type	Meaning	Example
`AX.OBS`	Observation. Something was seen at this URL at this time.	OpenAI published a blog post on 2026-05-01 14:22Z (sha256:…).
`AX.ABS`	Absence. After systematic check, no evidence of X was found.	Model foo still has no published training-data manifest after 1,891 days.
`AX.NEC`	Necessity. A logical or legal claim derived from the chain.	If A and B both observed, then C necessarily holds.
`AX.LAC`	Lacuna. A monitored agent has gone silent past its declared cadence.	Collector `arxiv_paper_collector` silent for 1,113 hours (threshold 200 h).
`AX.RTR`	Retraction. A previously-observed object has been withdrawn or removed.	Paper arXiv:2401.12345 marked withdrawn on 2026-04-12.

Each type has the same envelope schema and the same signature requirement. What changes is the meaning the type assigns to the body content.

04 · Reading a chain

Every envelope points to its predecessor — the previous envelope about the same target_id. Walk the predecessors backwards and you get the chain: the full history of every signed observation ever made about that target.

Open /registry/chains/, search a model name, and you'll see something like this for deepset/roberta-base-squad2:

175 envelopes · first observed 2020-10-01 · latest 2026-05-03 · five years and seven months of continuously-signed history for one model.

Each envelope in the chain can be examined and verified individually. But the chain itself, taken whole, is a stronger object than its parts: to forge a single entry you would have to forge every entry that follows it, and re-sign all of them, against a public key you do not hold.

05 · Why silence is evidence

A model that fails for years to disclose its training data does not stop being observable just because nothing new is happening. Crovia turns that silence into a record.

Eight independent agents, each running on its own schedule, look for the information that would change the picture. When the cadence elapses with no new finding, an AX.LAC envelope is signed and added to the ledger, followed the next day by an AX.ABS envelope that re-asserts the absence. Across years, this becomes:

«On the following 1,891 consecutive checks, this model produced no disclosable training-data manifest. Each check is signed. The intervals are bounded. The chain is intact.»

That is not the absence of evidence. That is evidence of absence. The Latin phrase Crovia uses for it is lex temporum: time is the law.

06 · What «signed» means here

Every envelope is signed with an Ed25519 private key held on a single hardened machine. The matching public key is published at /opt/crovia/keys/substrate/public.pem and mirrored to GitHub. You can hold the public key in your hand. Crovia cannot retroactively change what it has signed, because every signature is computed over a canonical SHA-256 of the entire envelope, including the predecessor's id.

Once an hour, a continuous validator picks 5,000 random envelopes from the ledger via reservoir sampling, recomputes each signature, and publishes the result at /data/substrate/quality_report.json. At the moment of writing, every recent run reads "signature_sample": { "verdicts": { "ok": 5000 } }.

07 · The Bitcoin anchor

Periodically, the most recent chain head hash is committed to a Bitcoin transaction. The transaction id and block height become part of the next envelope's anchors.btc field. After enough confirmations, the anchor is effectively immutable.

Why Bitcoin and not a private timestamp authority? Because Bitcoin is the only timestamp service whose history we cannot rewrite even if we wanted to. Any auditor can walk to a block explorer and confirm that a given chain head was already committed at a given block height, without trusting Crovia.

08 · Verify it yourself

You do not have to trust us. You can verify any envelope from your browser:

Open /registry/v/.
Paste an axiom_id — for example axm_576738ade605b1a2307308bca05271cd9ee2b286.
The page recomputes the SHA-256 of the canonical envelope client-side.
It loads our public key.
It verifies the signature in your browser, with no trust in our server.

The verifier is a single, reviewable HTML page. There is no backend you have to take our word for. If the signature does not verify, the page tells you so.

09 · Who writes the entries

Eight automated agents currently feed the ledger, each declared in our domain language Axiom Language v0.1 (a simple YAML «genome» that defines sources, cadence, fingerprint method, and emission rules):

vendor_press — AI vendor blogs (4 RSS feeds, hourly).
vendor_tos, vendor_pricing — legal terms and pricing pages (weekly).
arena_drift — HuggingFace Hub model rank by downloads/likes/last-modified (daily).
model_card_drift — git-sha changes on 30 high-impact model cards (daily).
court_dockets — CourtListener feeds for AI litigation (daily).
arxiv_retraction — arXiv withdrawn/retracted papers (daily).
silence_witness — emits AX.LAC when other collectors fall silent (hourly, deduplicated).

No agent has write access to envelopes outside its own source_collector namespace. No agent can produce a signature. Signing happens once, at the substrate layer, after the agent's output has been canonicalized.

10 · Why this is legal evidence

A signed Crovia envelope satisfies the practical criteria a court or a regulator would care about:

Authenticity. Provable origin via Ed25519 signature against a published public key.
Integrity. SHA-256 over canonicalized content; any byte change breaks the signature.
Temporal anchoring. Bitcoin commitments make the chain head impossible to backdate.
Reproducibility. Raw observations, public sources, deterministic agents — the same input on the same day produces the same envelope.
Independence. No vendor pays Crovia to record or omit anything; the ledger has no edit endpoint, only an append endpoint.

This is the document a litigator wants when arguing about training data; the document a regulator wants when measuring compliance over time; the document a publisher wants when establishing prior disclosure or its absence. That is what we mean by «public legal instrument».

For deeper architectural detail, read the whitepaper. For raw envelopes, browse the substrate cockpit. For chain-by-chain views, open the chains explorer. For litigation-ready dossiers, see forensics.