SifrBolt Documentation
Documentation to understand the SifrBolt platform and use it effectively.
Why it matters
Every external promise about SifrBolt’s performance or governance links back to an artifact here. Share this hub with compliance teams, auditors, and stakeholders so they can verify trust on their own terms.
What You Can Do Here
- Download signed license manifests and inspect plan entitlements before procurement.
- Trace rulepack releases, signatures, and hashes without leaving the page.
- Pull telemetry attestations that back up our performance and uptime claims.
- Learn how to re-run every proof locally using the same scripts our team relies on.
Live Proof Feed
License Feature Manifest
The license service publishes a signed manifest at
https://data.sifrbolt.com/trust-center/manifest/license.manifest.latest.json (latest pointer) and retains a versioned copy at
https://data.sifrbolt.com/trust-center/manifest/license.manifest.v2025.09.0.json. The signature is produced with Ed25519 key
license-prod-20250915 and expires at UNIX epoch 1757980800.
{
"version": "2025.09.0",
"published_at": "2025-09-15T00:00:00Z",
"plans": {
"spark": {
"features": [
"critical_css",
"html_minify",
"async_fonts"
],
"limits": {
"domains": 1,
"pages": 1000
},
"packs": {
"speed_packs": false,
"edge_packs": false,
"security_packs": false,
"db_packs": false,
"zk_packs": false,
"agency_packs": false,
"enterprise_packs": false
},
"enterprise": {
"sso_saml": false,
"waf_rulesets": false
}
},
"surge": {
"features": [
"critical_css",
"html_minify",
"async_fonts",
"image_optimization",
"edge_cache",
"autoload_inspector_write",
"js_scheduler",
"image_iq"
],
"limits": {
"domains": 5,
"pages": 10000
},
"packs": {
"speed_packs": true,
"edge_packs": true,
"security_packs": false,
"db_packs": false,
"zk_packs": false,
"agency_packs": false,
"enterprise_packs": false
},
"enterprise": {
"sso_saml": false,
"waf_rulesets": false
}
},
"storm": {
"features": [
"critical_css",
"html_minify",
"async_fonts",
"image_optimization",
"edge_cache",
"ai_performance_audits",
"autoload_inspector_write",
"js_scheduler",
"image_iq",
"index_pack",
"redis_advanced"
],
"limits": {
"domains": 20,
"pages": 50000
},
"packs": {
"speed_packs": true,
"edge_packs": true,
"security_packs": true,
"db_packs": true,
"zk_packs": false,
"agency_packs": true,
"enterprise_packs": false
},
"enterprise": {
"sso_saml": false,
"waf_rulesets": false
}
},
"citadel": {
"features": [
"critical_css",
"html_minify",
"async_fonts",
"image_optimization",
"edge_cache",
"ai_performance_audits",
"sla_priority",
"autoload_inspector_write",
"js_scheduler",
"image_iq",
"index_pack",
"redis_advanced"
],
"limits": {
"domains": 50,
"pages": 200000
},
"packs": {
"speed_packs": true,
"edge_packs": true,
"security_packs": true,
"db_packs": true,
"zk_packs": true,
"agency_packs": true,
"enterprise_packs": true
},
"enterprise": {
"sso_saml": true,
"waf_rulesets": true
}
}
}
}| Plan | Features | Limits | Pack Flags |
|---|---|---|---|
citadel |
|
|
|
spark |
|
| None |
storm |
|
|
|
surge |
|
|
|
Signature (base64url): YQ8Mkw5DOaV8qUviPHfggCzajuZTy0tAg2b1OKBdi-ln-YRZmqkYuTvgnMqLjFx_5hpR35SJ8ViZY14p8EWDDw
License JWKS
JWKS endpoint: https://data.sifrbolt.com/trust-center/manifest/license.jwks.json
{
"keys": [
{
"kty": "OKP",
"crv": "Ed25519",
"kid": "license-prod-20250915",
"x": "2ao9DVn-dQL2HMYKvsDkgZDIirSQGD214qzrO7dY8f0"
}
]
}Rulepack Channel: stable
Verifying key (base64): A6TF8Uo99DehlAX+r2w9E/gdIewFUpiLdusmOfAOvwQ=
| Rulepack | Version | Created | Rules | Highest Severity | SHA256 | Artifact | Signature |
|---|---|---|---|---|---|---|---|
stable-1.0.0 | 1.0.0 | 2025-09-18T04:56:00.86179Z | 2 | high | 5fd0cb… | JSON |
Signature
T5ObbV… |
stable-1.0.1 | 1.0.1 | 2025-09-18T04:55:28.932061Z | 2 | high | cbde73… | JSON |
Signature
88+MSe… |
Hash Ledger
Ledger: /trust-center/rulepacks/stable/hashes.txt · Signature: /trust-center/rulepacks/stable/hashes.txt.sig
SHA256 (ledger file): 2dfd9b8369cf3ee80c028cb095172082548ddb3694d66af71b203d11940c1d1c
-
5cc4c61afb252a51bc4b5d76e45f1b19f53b2b857563da09d874c8e5d808502d· hashes.txt -
d231e6a48468af7569c8a8261945e3c8ce0692fb6df7fbf505d313a2eeb2b9cd· stable-1.0.0.json -
8a2b6a9dcc9cfb5261359bf95275320aa46821544ed52f29f8421c2193609a2d· stable-1.0.1.json
Telemetry SpeedDelta Attestation
Latest attestation: /trust-center/telemetry/speed-attestation.json
-
Delta:
0ms (baseline2500ms) -
Signature:
_nQK1kjEdi5txOgRJBQRQgn5xKGXFrnh3YgMGQQjLOLKmLaZ9n8fktwY9v0Vw9-4_REtC2bvAHOXA49Nv4oCAA -
Key ID:
telemetry-key-20250921
Pilot Artifacts
publisher-001
- baseline.json · SHA256
c81077b2cbfa09ac0e4c8c57cc180178ed95176d0a688f5c7ba32a82959cd145 - canary.json · SHA256
9d9daedbb05eaa0f1bfaeb5f7a55647fa48b225cb64c42a05907c00cadbc98a0 - speeddelta-stage-final.json · SHA256
e506094a6c8d7cb5bf12b6d30062f2f22cbf187d19288970144e32e6db73d287
woo-hpos-001
- baseline.json · SHA256
c45823a9bead7c3424c15bfa33ad7bdfd9b0b7ed2027f2be8eec151b9e0c1929 - canary.json · SHA256
b6632686d5d068fa804110d76f4ac12ab14df6acc7d85513a9d80de40664ac38 - redis.json · SHA256
44980ab628e70baa0168550fc76f06d28eef15c22cbddff5fc4b290e7f663698 - speeddelta.json · SHA256
11acbc75a7cd535848d619386236f169e3f178fe8c3796f6786b3735af82b210
Self-Serve Verification
Run it yourself
- Copy the artifact URL and signature from the tables above.
- Run the verification CLI (e.g.,
bunx @sifrbolt/verify signature --artifact <code>URL</code> --signature <code>BASE64</code>) to confirm authenticity. - Match the SHA256 you compute with the ledger entries provided.
Need something we have not published yet? Email the trust desk and we will add it here with a signed entry.
Add vertical- or customer-specific attestations under docs/src/pages/trust-center/ so every customer segment can validate what matters most to them.