Cryptographic Proof of Hardware-Attested Reserves
Hardware-attested proof for real-world custody.
CPHAR turns sealed real-world inventory into verifiable digital evidence using cryptographic seals, hardware attestation, and privacy-preserving proof layers.
- Hardware-backed
- Tamper-evident
- Commodity-neutral
- ZK-compatible
- Audit-friendly

CPHAR /siːˈfɑːr/ - is a protocol pattern for proving claims about sealed physical reserves, regulated inventory, and real-world asset lots.
It connects a physical object or batch to a cryptographic seal. While the seal remains intact, it can produce verifiable evidence of continuity. If the seal is broken or tampered with, the device disables or destroys its signing capability.
The result is a stronger bridge between physical custody and digital verification.
What CPHAR does
CPHAR helps answer a hard real-world question:
Can a digital claim still be linked to the same sealed physical reserve?
A CPHAR-compatible system binds sealed physical lots to cryptographic identities, tracks their attestation status, and supports verifiable reserve claims across custody, audit, and reporting workflows.
It can be used for materials, pharmaceuticals, high-value inventory, regulated goods, sealed samples, warehouse lots, and other physical assets where integrity and reserve status matter.
What CPHAR can support
- Proof that sealed physical lots remain cryptographically responsive
- Evidence that a reserve claim is backed by currently attested units
- Tamper-aware custody and inventory workflows
- Privacy-preserving claims over sensitive reserve data
- Audit trails for inspection, sealing, transfer, breakage, and retirement
- Sector-neutral deployment across regulated and high-value physical assets
What CPHAR does not claim
CPHAR is evidence infrastructure.
It does not prove by itself:
- That an initial inspection was correct
- That a lab result was honest
- That legal ownership is uncontested, or
- That the sealed asset has a specific market value.
Instead, CPHAR makes the state of sealed reserves easier to verify, harder to fake, and safer to prove selectively.
How the attestation flow works
This sequence diagram illustrates the core attestation flow between a verifier, registry, cryptographic seal, and optional auditor. The verifier can be a regulator, customer, counterparty, or auditor who wants to check the status of a reserve claim. The registry manages seal provisioning, lot registration, and reserve claims. The cryptographic seal is attached to the physical reserve and can respond to challenges. The auditor can optionally provide additional evidence about inspections, custody, or breakage.
sequenceDiagram
participant V as Verifier
participant R as Registry
participant S as Cryptographic Seal
participant A as Auditor
V ->> R: Request active reserve claim
R ->> V: Seal public keys + lot commitments
V ->> S: Random challenge
S ->> V: Signature over challenge
V ->> R: Check status and revocation
A ->> V: Optional audit evidence
V ->> V: Verify reserve claim
Example: fertilizer reserve lots
A nitrogen-fertilizer reserve operator can attach a CPHAR-compatible seal to each storage container after an inspector confirms quantity and grade. A verifier — a regulator, customer, or counterparty — can later challenge each seal and prove that the registered lots are still cryptographically responsive. A zero-knowledge proof can then attest that the total registered reserves exceed a threshold without revealing individual lot identifiers.
See the fertilizer example for the full scenario, actors, and failure cases.
Protocol layers
CPHAR separates the physical world from the proof layer.
- Physical inspection establishes the initial fact.
- Cryptographic sealing preserves evidence of continuity.
- Hardware attestation proves the seal is still alive.
- Reserve accounting maps live seals to digital claims.
- Zero-knowledge proofs can hide sensitive details while proving selected statements.
Threat model
CPHAR pages document what each mechanism proves under defined assumptions, what it does not prove, what can go wrong, and how it is verified. Read the threat model before relying on CPHAR for any production system.
Reference architecture
The reference architecture describes the seal device, registry, verifier, oracle layer, and audit interface, plus the trust boundaries between them.
FAQ
The FAQ collects common questions about what CPHAR is, what it is not, and how it compares to other reserve-proof approaches.