Skip to content

Certificate

Export a shareable snapshot of the workbook’s proof state — what was bound, what was signed, the coverage, and the ledger’s integrity verdict — as JSON, a branded Excel workbook, or PDF.

What it does

Builds a certificate from the current proof ledger and exports it. The certificate captures identity metadata, the ledger anchor (head hash, record count, first/last timestamps), the chain verdict (intact / tampered), coverage including percentages, and the lists of bound inputs, bound vectors, signed cells, and signed blocks. Issuing a certificate also appends a CertificateIssued record to the ledger, which is the tamper-evident audit trail (the exported file is a copy).

Export formats

  • JSON — for auditors and tooling.
  • Excel workbook — a branded multi-sheet summary (dashboard, bindings, vectors, signatures, signed blocks).
  • PDF — a printable bundle of those sheets.

Steps

  1. With proof records present in the workbook, ModelXcel Pro → Proof → Certificate.
  2. Optionally enter who it’s issued to and a purpose.
  3. Choose a format and save location.

The Certificate is self-hashed, not signed

The certificate carries a SHA-256 self-hash: serialize the canonical JSON with the hash field cleared, hash it, and store the digest. Editing an exported certificate changes its self-hash and fails the built-in check. But this is not an Ed25519 (or any public-key) signature, and the Certificate file is not externally verifiable — anyone can regenerate a self-hashed certificate. For an externally verifiable, signed artifact, use Replay Proof, which produces a .mxreplay.signed Ed25519 envelope.

What it proves

It attests the ledger state at a point in time: which inputs were bound (with SHA-256 snapshots), which cells were signed, the coverage, and that the chain was intact. It does not prove that formulas, assumptions, or outputs are correct, that source data is accurate, or anything about model design. See What proof proves — and what it doesn’t.