Trust Center
The Trust Center is the place in the console where the platform's cryptographic material is shown, not asserted. Every value is read live from the running system each time you open it, fingerprints are recomputed on the server, and it exposes public material only — key identifiers, fingerprints, thresholds and expiry. No private key is ever shown, here or over the API.
You will find it in the console under Trust. It requires the evidence-read permission.
Update trust
The first panel lays out the update-signing roles and their custody:
- root and targets are marked offline · air-gapped — their keys are produced in a ceremony and never touch the backend.
- snapshot, timestamp and the delegated publisher are marked online.
For each role you see its key identifiers, key type, signature threshold, current version and expiry. Offline custody of the root and targets keys is the property that contains a supply-chain compromise, and this panel makes it directly inspectable: you can see for yourself which keys are offline.
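The custody shown in this panel can also be checked mechanically against the role metadata. The following is an added example, not the platform's own code: it assumes the roles are published as a TUF-style root metadata document, and the sample document, its key ids and the function names are constructed for illustration.

```python
import json
from datetime import datetime, timedelta, timezone

OFFLINE = {"root", "targets"}      # custody as labelled in the panel
ONLINE = {"snapshot", "timestamp"}

# Constructed sample (assumed TUF root layout, made-up key ids). The timestamp
# role deliberately lists the targets key so the custody check has a finding.
ROOT_JSON = json.dumps({"signed": {
    "_type": "root", "version": 3, "expires": "2030-01-01T00:00:00Z",
    "keys": {k: {"keytype": "ed25519"} for k in ("aa11", "bb22", "cc33", "dd44")},
    "roles": {
        "root": {"keyids": ["aa11", "bb22"], "threshold": 2},
        "targets": {"keyids": ["cc33"], "threshold": 1},
        "snapshot": {"keyids": ["dd44"], "threshold": 1},
        "timestamp": {"keyids": ["dd44", "cc33"], "threshold": 1},
    },
}})

def expiry_status(expires, now, warn_days=30):
    """Classify an ISO-8601 UTC expiry as 'expired', 'expiring' or 'ok'."""
    when = datetime.strptime(expires, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    if when <= now:
        return "expired"
    return "expiring" if when - now <= timedelta(days=warn_days) else "ok"

def audit_root(root_json, now):
    """Return findings that contradict the custody model; an empty list is clean."""
    signed = json.loads(root_json)["signed"]
    keys, roles = signed["keys"], signed["roles"]
    findings = []
    for name, role in sorted(roles.items()):
        ids = set(role["keyids"])
        if ids - set(keys):
            findings.append(f"{name}: unknown key ids {sorted(ids - set(keys))}")
        if not 1 <= role["threshold"] <= len(ids):
            findings.append(f"{name}: threshold {role['threshold']} not satisfiable by {len(ids)} key(s)")
    # A key listed under both an offline and an online role is not offline in practice.
    online_ids = {k for r in ONLINE if r in roles for k in roles[r]["keyids"]}
    for name in sorted(r for r in OFFLINE if r in roles):
        shared = sorted(online_ids & set(roles[name]["keyids"]))
        if shared:
            findings.append(f"{name}: key(s) {shared} also held by an online role")
    status = expiry_status(signed["expires"], now)
    if status != "ok":
        findings.append(f"root metadata is {status}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_root(ROOT_JSON, datetime.now(timezone.utc))))
```

An empty result means every threshold is satisfiable, every key id resolves, no offline key is shared with an online role, and the metadata is not close to expiry.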
Device identity
The second panel shows the certificate authority that signs device identities, as a chain of certificates. Each node shows its subject, issuer, serial number, SHA-256 fingerprint, validity window, key algorithm, and whether it is a certificate authority — with the computed expiry status so an approaching renewal is visible, not a surprise.
More to come
The Trust Center is built to grow. Planned panels include per-device attestation and secure-boot state where the hardware supports it, artifact provenance (signature, software bill of materials and vulnerability posture in one view), and the hash-chained audit log as a first-class, verifiable object. Each panel ships only once the capability behind it is real — for example, the attestation panel arrives with hardware-backed key support, not before.