This repository contains code to read the transparency log for Binary Transparency for Pixel Factory Images. See the particular section for this tool here.
cmd/verifier/internal/This module requires Go 1.17. Install here, and run go build cmd/verifier/verifier.go.
An executable named verifier should be produced upon successful build.
The verifier uses the checkpoint and the log contents (found at the tile directory) to check that your image payload is in the transparency log, i.e. that it is published by Google.
To run the verifier after you have built it in the previous section:
$ ./verifier --payload_path=${PAYLOAD_PATH}
The verifier takes a payload_path as input.
Each Pixel Factory image corresponds to a payload stored in the transparency log, the format of which is:
<build_fingerprint>\n<vbmeta_digest>\n
See here for a few methods detailing how to extract this payload from an image.
The output of the command is written to stdout:
OK if the image is included in the log, i.e. that this claim is true,FAILURE otherwise.