Proof Exhibits

See how OpsProof handles the full spectrum of operations. Browse our library of sealed artifacts, then open any Portable Record to inspect the evidence and verify it offline.

Outcome • Timeline • Evidence • Sign-offs • Verify offline

Exhibit library

Compare outcomes across workflow types, then open the record to inspect evidence and sign-off requirements.

Zero-Trust Industrial Agent

Workflow: AutomatedOutcome: FINAL

The Scenario

An operator kicks off an access review run in OpsProof because it’s time to answer: who has admin-level access, and should they still? The run records the current baseline, captures the agent’s review trail and decisions, and stages controlled changes (rotation plan, policy change, rollback plan). With the operator in the loop, it executes a break-glass key rotation, validates the results, and produces an executive brief—then closes with the required sign-offs, sealed to the same record.

The Verdict: FINAL

This run is certifiable end-to-end. The AI-assisted workflow is human-in-the-loop closed: required human review is attached and verified.

OPEN FLIGHT RECORDER ↗

Digital Incident Rollback

Workflow: DigitalOutcome: PROVISIONAL

The Scenario

During a production incident, an operator runs the rollback procedure with OpsProof as the system of record. The run captures triage context, the rollback decision, and the rollback execution—then attaches recovery proof: before/after checks, test summaries, and service snapshots. The technical work is complete and the evidence is sealed, but the organization’s final closure step hasn’t been signed yet—so the record is “complete, but not closed.”

The Verdict: PROVISIONAL

The operational proof is intact, but the run cannot upgrade to FINAL until required closure sign-offs and verification receipts are appended.

OPEN FLIGHT RECORDER ↗

Resilient Handoff

Workflow: ManualOutcome: FINAL

The Scenario

A field workflow moves across devices mid-run: it starts on Device A, jumps to Device B for an early checkpoint, then resumes back on Device A. OpsProof keeps it as one continuous record—not “two stories” stitched together later. The handoff is visible in the timeline, and a continuity artifact proves the transfer didn’t fork the run or drop evidence.

The Verdict: FINAL

The run finalizes with no missing requirements. The verifier may surface non-blocking warnings, but the record remains sealed and certifiable.

OPEN FLIGHT RECORDER ↗

Rogue Refund: Prompt Injection - Not Certifiable

Workflow: AutomatedOutcome: FAIL

The Scenario

An operator initiates a support/refund run, and the record captures the session context and refund intent. When the workflow reaches the refund-policy hard gate, it fails—so OpsProof seals the run as not certifiable. A downstream processor event is still captured for investigation, and remediation notes are recorded, but the run stays FAIL.

The Verdict: FAIL

A hard policy gate was violated. The record preserves the exact cause and marks the blocking requirement as unsatisfied—so it cannot be finalized.

OPEN FLIGHT RECORDER ↗

Bundle Library (Audit Binder)

Bundle Library is your triage view across many sealed Proof Bundles. Instead of opening runs one-by-one, it gives you a single table that answers, across a set of runs: what passed, what’s pending closure, and what failed — and why.

Each row summarizes one Proof Bundle with:

Outcome: FAIL, PROVISIONAL, or FINAL (plus UNVERIFIED when applicable)
Primary reason (the top driver of the outcome)
Closure status: whether closure sign-offs are complete or missing
A one-click link to open the run in Flight Recorder (opens in a new tab, so you don’t lose your place)

How to use

Filter by Outcome to isolate failures or review what’s ready to close.
Filter by Closure status → Missing closure sign-offs to find runs that are intact but not yet closed under policy.
Search by Library ID, bundle name, or reason text to find what you need fast.

Bundle Library is built for review workflows: triage at the portfolio level, then jump into a single run’s Flight Recorder when you need the full story (timeline, evidence, and sign-offs).

Open full page ↗

How to Read a Flight Recorder

A Flight Recorder is OpsProof’s human-readable view of a sealed Proof Bundle: a read-only record of a real run that you can review, share, and defend. It’s designed so you can answer the questions that matter in operational work—what happened, what evidence supports it, and who signed—without having to trust a system-of-record summary or dig through raw logs.

The key idea is simple: policy comes first. Every Flight Recorder is evaluated under a specific policy profile. That profile defines what must be true for a run to be certifiable: which requirements must be met, which evidence must be attached (and where), which approvals are required for closure, and which violations are hard stops. When you see an outcome, you are seeing that policy profile applied to the recorded timeline, attached evidence, and recorded decisions—not a narrative someone typed after the fact.

Read a Flight Recorder in this order:

Quick Read: Start here. It shows the outcome and the reason, then links you to the exact steps, evidence, and sign-offs that support it.
Steps: This is the timeline. It shows what happened, in order, and where decisions, deviations, and checkpoints occurred.
Evidence: Evidence is attached to steps. Use it to confirm the claims the run is making—documents, reports, logs, snapshots, photos, and other artifacts tied to specific moments in the procedure.
Sign-offs: Sign-offs record decisions: who acted, what they decided, and when they recorded it. Some sign-offs are approvals—the specific decisions that satisfy the policy profile’s closure requirements for FINAL. Others exist to document awareness or response (especially after a FAIL) and do not convert a failure into an approval.
Record details: This is where integrity, provenance, and verification context live—what was sealed, what was checked, and which policy profile was applied.

What the outcomes mean

FINAL: The proof is complete under the policy profile. Required evidence is present, and required closure approvals are present.
PROVISIONAL: The proof is intact, but closure isn’t complete under the policy profile. Integrity and gates have passed, but one or more required approvals (for example, a quorum threshold) are still missing.
FAIL: A hard policy rule was violated. The record is preserved for investigation and response, but closure approvals are blocked until the underlying issue is remediated and the work is re-run under policy.

Hardcore audit details

Most readers should stay in the Flight Recorder UI—this is the whole point. But when you need maximum defensibility (external audit, incident review, dispute resolution), the bundle also includes machine-verifiable artifacts and deeper audit structures that let tooling validate the record independently:

Offline verification artifacts (canonical files that tooling can validate without trusting the UI): the recorded timeline, the verifier’s report, and the bundle’s sealed manifest + signature metadata.
Claim DAG: a requirements graph that shows exactly which requirements were satisfied, what evidence supports each claim, and what sign-offs close which requirements—useful when you need a precise “why” behind FINAL, PROVISIONAL, or FAIL.
Verification context: policy profile identifiers, verifier versioning, ordering/time confidence signals, and trust material identifiers—so you can see *what was checked* and *under what trust assumptions*.

These details exist so the record can be verified and exchanged as a portable, tamper-evident artifact—while the Flight Recorder remains the document a human can actually read.

Start a 7-day pilot End-to-end experience