askqp evidence bundle
=====================

This is a self-contained, offline-verifiable proof of a range of AskQP audit
capsules. It contains:

  manifest.json   the range, a SHA3-256 digest of capsules.jsonl, governance
                  gate metrics for the range, and a signature over the manifest
  capsules.jsonl  one capsule per line, canonical JSON, ascending sequence,
                  each carrying its own SHA3-256 hash and Ed25519 signature
  verify.py       a standalone verifier
  README.txt      this file

To verify (no AskQP install required):

  python3 verify.py

What a pass proves, standalone (no third-party packages):
  - capsules.jsonl is byte-for-byte the file the manifest describes
  - every capsule's content still hashes to its recorded SHA3-256 hash
  - the capsules form an unbroken, correctly ordered hash chain

With PyNaCl installed (pip install pynacl), verify.py additionally proves:
  - the manifest was signed by the holder of the stated Ed25519 key
  - each capsule signature is valid under that key

Post-quantum note: capsules and the manifest may also carry ML-DSA-65
(signature_pq) material. verify.py reports it but does not check it; verifying
it needs a FIPS-204 library. The absence of a PQ signature never fails a bundle.

A failed check prints FAIL and exits non-zero, naming the capsule at fault.
