Third-Party Verification Guide — A Movable-Asset Digital Ledger Anyone Can Verify
This page is a guide to verifying, on your own and without trusting AURAM, the ownership and authenticity of the gold ingot recorded in this PoC. Verification has two layers.
- Public (anyone): Using only the public records on Snowtrace, you can trace the ownership and possession-transfer history and the status (no account needed; an internet connection and a SHA-256 tool are enough).
- Permissioned (industry participants): Using the original photo and serial number from the permissioned registry, compute the identification hash (identificationHash) from the 5 elements (manufacturer, serial number, weight stamp, purity stamp, photo hash (photoHash)) and check it against the on-chain value to confirm the authenticity of the physical item (specially disclosed for hands-on experience in this PoC).
The concrete steps are as follows.
Note: The gold ingot used in this PoC is a demonstration sample. The manufacturer name, serial number, and original photo are all samples and do not represent any real product.
Verification steps (permissioned: for industry participants)
Obtain the 5 elements and the original photo from the permissioned registry
An industry participant obtains, from the permissioned registry, the serial number of the target NFT and an original photo in which the serial number is visible. This makes it possible to verify whether a bar brought into a shop corresponds to the genuine NFT #1, both by visual comparison with the physical item and by cryptographic verification.
Compute the SHA-256 of the original photo
The input for computing the photo hash (photoHash) is the original photo downloaded in Step 1(the side on which the serial number is visible). Compute SHA-256 locally over the entire binary of the original photo and check whether it matches the on-chain photo hash (photoHash). This cryptographically proves that the original photo is the legitimate one registered by AURAM.
Compute SHA-256 over the entire binary of the downloaded original photo:
Get-FileHash -Algorithm SHA256 photo.jpgshasum -a 256 photo.jpg✅ If it is an exact match with the value above, the photo has not been tampered with.
Check the ownership-transfer history
On the NFT page on Snowtrace, you can check the ownership-transfer history for this NFT (ERC-721 Transfer events).
* Under Article 184 of the Japanese Civil Code, consent = transfer of ownership (Transfer event) is shown in this Transfers tab. instruction = setStatus (Instructing)is a state-change event rather than a Transfer, so it can be checked in the contract's "Events" tab, or on the public timeline of the Ownership & Collateral Record page (confirming the possession agent is out of scope and off-chain, so it does not appear on Snowtrace).
Query the on-chain values directly
Pass the 5 elements (manufacturer, serial number, weight stamp, purity stamp, photo hash (photoHash)) toverifyIdentification(tokenId, ...)and verify against the on-chain identification hash (identificationHash). It is a view function, so no gas and no signature are required.
Access the public RPC of Avalanche Fuji testnet directly from your browser and call the view function. It does not go through AURAM's servers.
Method B: enter the values manually in Snowtrace's Read Contract tab
Since Snowtrace has no URL spec for prefilling view-function inputs, open the relevant function below (verifyIdentification or assets) and copy each value to paste it into the input fields.
Use in-page search (Ctrl+F) for "verifyIdentification" or "assets" to jump to the relevant row.
(bool matched, uint8 currentStatus) — if matched is true, the 5 elements exactly match those registered on-chain.How tamper detection works (demonstration)
If someone alters the photo or swaps in a photo of a different bar, the SHA-256 hash will inevitably no longer match.
Example: if you callverifyIdentificationwith a value where the last character of the photo hash (photoHash) above has been changed, the return value becomes [false, ...]. This is a mechanism that lets a third party detect such a violation instantly.
The basis of trust
Future vision — the permissioned registry
In production, the authoritative data for the 5 elements is stored in a permissioned registry (consortium type) for industry participants. Serial numbers are not disclosed publicly because of theft and forgery risk, and the registry state is periodically committed to the public chain to guarantee tamper-proofness. We envision AURAM developing this as a PoC and then transferring it to, for example, an industry-operated consortium.