Certificate Guide

Understanding Prova Certificates

A Prova certificate is a permanent, tamper-evident record that a specific AI reasoning chain was formally analyzed and found to be structurally valid or invalid.

What a certificate proves — and what it doesn't

A VALID certificate proves:

  • The argument's claims form a directed acyclic dependency graph (H¹ = 0)
  • No claim uses its own conclusion as a premise (no circular reasoning)
  • No two premises make mutually exclusive assertions
  • Every claim is reachable from at least one stated premise

A certificate does NOT prove:

  • The facts in the argument are true (factual accuracy)
  • The conclusion is ethically appropriate
  • The reasoning complies with any specific regulation
  • The AI system is safe, aligned, or fit for purpose

Certificate fields explained

certificate_id

PRV-YYYY-XXXX format. The year and 4-character suffix derived from the SHA-256 hash. Permanent and unique.

timestamp

ISO 8601 UTC timestamp of when the analysis was run. This is the legal anchor — it proves verification occurred at this moment.

verdict

VALID or INVALID. The primary output of the analysis.

confidence_score

0–100. How reliably the argument graph was extracted from the text. 90+ is clean; 70–89 is good but some inference occurred.

prova_version

The version of Prova that generated this certificate. For legal traceability.

validator_version

The version of cobound-validator (the formal proof engine) used. The mathematical guarantee is tied to this version.

argument_graph

The extracted logical dependency graph: nodes (claims) and edges (dependencies). Use this to render your own visualisations.

failure

Null if VALID. On INVALID: type, location, description, affected nodes/edges, and known downstream consequence.

original_reasoning

The reasoning text as submitted. Null if retain=false was set.

certificate_url

Permanent public URL. Anyone with this URL can view the certificate. Never expires.

sha256

SHA-256 hash over the core analytical fields. Allows independent verification that the certificate has not been modified.

Interpreting the confidence score

The confidence score (0–100) reflects how reliably the argument graph was extracted from the original text — not how logically strong the argument is.

90–100Extraction was clean and unambiguous. All nodes and edges are clearly defined.
70–89Extraction was successful but some structure was inferred. The verdict is reliable.
0–69Extraction confidence was too low — Prova returns EXTRACTION_AMBIGUOUS instead of a certificate.

Failure types

CIRCULAR

The argument graph contains a cycle. A claim depends (directly or indirectly) on itself. This is circular reasoning — the conclusion cannot be established because it is assumed in the process of establishing it.

"This treatment is safe because it passed trials. It passed trials because it is safe."

CONTRADICTION

Two or more premises make mutually exclusive assertions. Both are treated as true, but they cannot simultaneously hold. Any conclusion built on contradictory premises is formally unsound.

"The patient has no fever (premise 1) and the patient has a high fever (premise 2), therefore..."

UNSUPPORTED_LEAP

A claim asserts it follows from prior claims, but there is no reasoning path connecting it to any stated premise. An intermediate step is missing.

"We observed increased web traffic. Therefore, we should acquire the company."

Independent verification

Every certificate includes a SHA-256 hash. To independently verify a certificate has not been tampered with, recompute the hash over the canonical JSON of these fields: timestamp + verdict + confidence_score + argument_graph + failure. The result must match the sha256 field in the certificate.

import hashlib, json

def verify_cert(cert: dict) -> bool:
    payload = {
        "timestamp":        cert["timestamp"],
        "verdict":          cert["verdict"],
        "confidence_score": cert["confidence_score"],
        "argument_graph":   cert["argument_graph"],
        "failure":          cert["failure"],
    }
    canonical = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    computed = hashlib.sha256(canonical.encode()).hexdigest()
    return computed == cert["sha256"]

Using certificates in compliance documentation

For EU AI Act, FDA, or SEC compliance purposes, a Prova certificate provides:

  • A timestamped record of when reasoning was verified
  • The exact version of Prova and cobound-validator used (mathematical traceability)
  • A permanent URL that auditors can independently access and verify
  • A downloadable PDF suitable for inclusion in audit packages
  • A SHA-256 hash for cryptographic proof of non-tampering

Note: A Prova certificate demonstrates that AI reasoning was formally analyzed. It is one component of a compliance record — not a substitute for legal counsel or a complete regulatory compliance certification.