Paste the practice ID and the signature printed at the bottom of the badge. We recompute the signature server-side and tell you whether it matches — no login, no API keys.
Each badge SVG carries a 12-character SHA-256 prefix derived from (practice ID + current score + updated timestamp + server secret). The full 64-character signature is stored server-side.
Practice ID and the signature shown on the badge. No confidential data required — these are visible to any reader of the badge.
Server re-derives the signature using the current score on record and the stored secret. Match = authentic. Mismatch = tampered, expired, or stale score.
Every Moirai-verified practice has a public landing page at /certified/[practice-id]. If you have a practice ID, go directly there.