LLMO LLMO

Validator

Reference validator for llmo.json documents. Checks structural conformance and cryptographic signature verification against the v0.1 specification.

This page checks whether an llmo.json document is well-formed, follows the v0.1 specification, and carries a valid cryptographic signature from the publisher.

In plain English: when an organization publishes an llmo.json file, they’re making structured claims about themselves. Things like which domains they operate, which products are theirs, and which channels are official.

The validator confirms three things:

  • Shape. The file parses against the v0.1 JSON Schema.
  • Conformance. The claims follow the rules at §5.1 Minimal, §5.2 Standard, or §5.3 Strict.
  • Signature. If the document is signed, the signature matches the contents and was made with a key the publisher hosts at their own domain. If individual claims carry their own signatures, those are also verified, letting publishers cryptographically attest specific claims independently of the document-level signature (per §4.3).

That last check is what makes the protocol useful. A signed llmo.json proves the document hasn’t been tampered with since the publisher signed it, and proves it was the publisher who signed it.

It does not prove the publisher’s claims are true (see §4.6 What trust does not mean). The validator gives you cryptographic confirmation of authorship, not adjudication of accuracy.

The validator runs in your browser. The publisher’s public key file (JWKS) is fetched server-side via a Cloudflare Pages Function on llmo.org to bypass cross-origin restrictions; no document content is uploaded to llmo.org.

Browser support note: EdDSA (Ed25519) signature verification requires WebCrypto Ed25519 support, available in Chrome 113+, Firefox 130+, and Safari 17+. Older browsers can still validate ES256-signed and ES384-signed documents normally; EdDSA-signed documents on unsupporting browsers report “browser limitation” rather than a signature failure, since the document itself isn’t broken. If you hit that case, try a current browser or use the LLMO CLI for verification.

Input

Loading AJV from esm.sh...

Self-test: strict conformance test vector

Click Load strict test vector above to populate the textarea with the strict test vector from /spec/v0.1/test-vectors/signed-strict.json, then click Validate. Expected: an amber Strict (partial, paste mode) badge. Every document-internal Strict-tier check (X1 signature shape, X4 domain-ownership) passes; the two URL-mode-only checks (X2 JWKS retrievability, X3 Cache-Control) are skipped because paste mode cannot fetch the JWKS. Any lower tier is a regression.

The strict test vector is embedded in this page as a <script type="application/json"> block, inlined at build time from the spec source via Hugo's readFile. No paired-PR sync is required when the test vector changes upstream.

Current limitations and future work

  1. Cryptographic signature verification requires URL mode. Paste mode validates document shape, conformance rules, and signature presence, but cannot fetch the publisher's JWKS without a known serving domain. URL mode performs full verification (X5 for the document, X6 for any per-claim signatures) by routing the JWKS fetch through a Cloudflare Pages Function on llmo.org that bypasses cross-origin restrictions on the publisher's /.well-known/llmo-keys.json endpoint.
  2. URL mode requires the target domain to permit cross-origin requests on the document itself. The validator fetches /.well-known/llmo.json directly from the publisher's domain; if that endpoint blocks cross-origin requests, paste mode is the fallback. Note that JWKS retrievability (X2) is independent: the JWKS fetch is proxied server-side and does not require CORS on the JWKS endpoint.
  3. Cryptographic verification currently supports ES256 only. §4.2 of the spec permits ES256, ES384, and EdDSA; the structural check (X1) accepts all three, but the cryptographic checks (X5 and X6) only verify ES256 in v0.1.5. Documents signed with ES384 or EdDSA pass X1 but receive SKIP on X5 and X6 with reason unsupported_alg. Full algorithm support is planned for a forthcoming patch.