#!/bin/sh
# JYOTINT — one-command independent verification.
# 100% READ-ONLY and SAFE: it only downloads JYOTINT's PUBLIC files and recomputes
# SHA-256 hashes locally with a zero-dependency Node script. No secrets, no writes
# outside this folder, no network calls except fetching the public artifacts below.
# Requires: curl + node (v18+). Run it anywhere — an air-gapped box is fine after the fetch.
set -eu
BASE="https://jyotishintelligence.com"
echo "→ fetching public, CC-BY artifacts from $BASE ..."
curl -fsSL "$BASE/seal-manifest.json"      -o seal-manifest.json
curl -fsSL "$BASE/seal-manifest.json.ots"  -o seal-manifest.json.ots
curl -fsSL "$BASE/grading-ledger.json"     -o grading-ledger.json
curl -fsSL "$BASE/calibration.json"        -o calibration.json
curl -fsSL "$BASE/verify-jyotint.mjs"      -o verify-jyotint.mjs
echo "→ recomputing every seal hash + checking the Bitcoin (OpenTimestamps) anchor ..."
node verify-jyotint.mjs --manifest seal-manifest.json --ots seal-manifest.json.ots
echo ""
echo "Expected (report MATCH/MISMATCH):"
echo "  manifestHash = 8589328931f1f968927cbac643aa516b053165ae82c65b9c616115da8d9058fd"
echo "  78 sealed / 68 graded · 58 HIT / 4 MISS / 3 NEAR / 3 PARTIAL · Brier 0.0717"
echo "The verifier exits NON-ZERO on any drift. Draw your own conclusion."