In-application verification
When you open the Import Result tab or import an analysis in the Info tab, each result card displays a signature status indicator:
| Icon | Status | Meaning |
|---|---|---|
| Lock (green) | Valid | Signature verified successfully (including non-repudiation if present) |
| Shield-cross (red) | Tampered | File content has been modified after signing |
| Warning (orange) | Unknown Key | Signed with a key not recognized by this application |
| Warning (orange) | Non-Repudiation Invalid | Primary signature valid, but BYOK signature failed |
| Lock-open (grey) | Unsigned | Legacy file without a signature (generated before this feature) |
Exporting public keys for auditors
To share verification keys with auditors:
- In the application, click ? > Export log signing public keys
- Select a destination directory
- The embedded
mtc-*.pubfiles will be saved there
Share these files with your auditors so they can perform independent verification.