Every Modulith Lab Cert includes integrity metadata that allows any third party to verify authenticity. A valid report will confirm: the report ID was issued by Modulith Research CIC, the assessment date, the model and provider assessed, the methodology and specification version used, and whether the report is current or stale.
Reports include a SHA-256 hash computed from the report ID, assessment date, model, methodology version, and specification version. This hash appears on both the report itself and in this verification system. If the hash does not match, the report has been altered.
Vendor-furnished reports must include intact report ID, integrity hash, and methodology version. Any report with missing or altered integrity metadata should not be relied upon.