Skip to content

ModelDirectory/verify

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 

Repository files navigation

verify

Check a 3D model file against the ModelDirectory provenance registry without trusting ModelDirectory.

When a creator stamps a model, its SHA-256 goes into a registry contract on Polygon: 0x687F2e6F96288Ac58fe22E2Eb000D1a628aEEB65. That contract is public. This script hashes your local file and reads the contract through a public RPC node of your choice, so the answer comes from the chain, not from us. If you don't trust our default RPC list, pass your own node with --rpc. If you don't trust this script, it's short enough to read in a couple of minutes, and the one contract call it makes is documented in the source.

Use

No install, no dependencies, Python 3.8 or newer:

python3 verify.py model.stl

Output looks like this:

file:      model.stl
sha256:    1fdb7a9029014badd25226298a2aebd605a6d254e5b7897fb27f8a2aa2279f2f
contract:  0x687F2e6F96288Ac58fe22E2Eb000D1a628aEEB65 (via https://polygon-bor-rpc.publicnode.com)
polygon:   REGISTERED at 2026-02-27T19:10:29+00:00 by 0xe44b46fbff780439ececd7bb26de1a5209a43f8f

Exit code 0 means the hash is in the registry, 2 means it is not.

If you know the model's ModelDirectory id (it's in the page URL), you can also check the signed certificate and the Bitcoin timestamp:

python3 verify.py model.stl --id 7154ac9f-4092-4d4d-b325-2fbf5d1ff9bf

The certificate check needs one extra package (pip install cryptography) because Ed25519 is not in the Python standard library. Without it the signature check is skipped and everything else still works.

What each check proves

  • polygon: this exact byte sequence was registered at that time. The timestamp comes from the Polygon blockchain, not from our database.
  • cert: the certificate the API serves for this model is signed by the ModelDirectory key and covers the same hash as your file.
  • bitcoin: the hash is also anchored through OpenTimestamps. The script reports our verification result and gives you the raw .ots proof URL so you can run ots verify yourself with the independent client.

What this does not prove

A registry entry proves the file existed at a point in time and who submitted it. It does not by itself prove authorship, and it says nothing about files that were never stamped. ModelDirectory also runs geometric shape matching (re-export and re-mesh detection) on the catalog; that happens server side and is not part of this tool. Details: how verification works.

License

MIT

About

Check a 3D model file against the ModelDirectory provenance registry

Resources

License

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages