Below are three signed “deletion certificates” and one public key. One is genuine; one was edited after signing; one was minted with a different key. Verify them yourself — pip install lethe-delete, no database, no account — and prove which is which. The point isn’t to trust us. It’s that you don’t have to.
Pinned operator public key (an unpinned check only proves self-consistency, never authenticity):
# installs the same code that mints the certs pip install lethe-delete # fetch the three certs, then check each against the pinned key for n in 1 2 3; do curl -sO https://lethe-delete.com/demo/cert-$n.json; done lethe verify cert-1.json --public-key MPCX5IuKiJ2radV/O3x/LRyk7mTt4wPzLNtOpnQmLU8= lethe verify cert-2.json --public-key MPCX5IuKiJ2radV/O3x/LRyk7mTt4wPzLNtOpnQmLU8= lethe verify cert-3.json --public-key MPCX5IuKiJ2radV/O3x/LRyk7mTt4wPzLNtOpnQmLU8=
import json, urllib.request
from lethe.cert_schema import verify_certificate_json # pip install "lethe-delete[mcp]"
PUB = "MPCX5IuKiJ2radV/O3x/LRyk7mTt4wPzLNtOpnQmLU8="
for n in (1, 2, 3):
url = f"https://lethe-delete.com/demo/cert-{n}.json"
cert = json.load(urllib.request.urlopen(url))
print(n, verify_certificate_json(cert, trusted_public_key=PUB))
Found the real one? Post which cert verified and how you knew — or try to slip a forgery past the pin. Both are the point.