Sovereign installer + reproducibility receipts

One-line install

Pinned to a content-addressed release. The installer script is fetched, hash-checked against the pin below, and only then executed. No curl | sh trust.

REL=v0.1.0
SHA=def537f597ef116bc682b6271acc8e9103ecd825000505b1beb72e9ace6f339f
curl -fsSL -o sf-install.sh https://frontier.example.org/install/${'$'}{REL}/sf-install.sh
echo "${'$'}{SHA}  sf-install.sh" | sha256sum -c -
sh sf-install.sh
sf --version

All releases also ship as a single tarball signed with the substrate publisher key. Use sf verify-release ./sf-${'$'}{REL}.tar.gz for an offline integrity check.

Bring up a sovereign mirror

One-process binary, embedded transparency log, zero external services. Re-anchors against the upstream substrate every 30s and writes its own checkpoint to the local rekor instance.

sf mirror init --data-dir ./sf-data --upstream https://frontier.example.org
sf mirror serve --bind 127.0.0.1:8080
# in another shell:
sf mirror status
sf mirror checkpoint --emit-rekor

Reproducibility receipts

Every Hardened or Sealed artifact carries at least one build-repro attestation. Replay it locally; the receipt embeds the exact toolchain hash, source tree commit and dataset hash so the bytes must match.

sf repro replay models/mayo-jhu/meridian-med-13b-v2 --jobs 16
# fetches the build attestation, the source tree, the toolchain
# image (also content-addressed), and rebuilds. Exit 0 only when the
# resulting weight hash matches the AIEM content_hash.

If you don't have the hardware to rebuild a 70B-parameter model, you can still verify the signature chain on the receipt itself with sf verify --receipt in milliseconds.

Air-gapped install

Take the latest release bundle, the substrate snapshot, and the trust root to a clean host. Nothing leaves the trusted network.

sf airgap import --release ./sf-v0.1.0.tar.gz --trust-root ./trust-root.tar.gz
sf airgap verify --substrate ./frontier.json --checkpoint ./checkpoint.rekor
sf serve --offline --bind 127.0.0.1:8080

Backend health