Skip to content

cloud verify

NAME

phyware cloud verify — verify the hash-chain integrity of a PhyCloud dataset.

SYNOPSIS

phyware cloud verify [OPTIONS]

DESCRIPTION

Fetches the event hash-chain from PhyCloud and cryptographically verifies that every block is correctly linked to the previous one. Reports the first broken link (if any) and exits with code 0 on success, 1 on failure.

Useful in compliance workflows to produce tamper-evidence attestations.

OPTIONS

Flag Type Required Default Env
--url string No http://localhost:8000 PHYCLOUD_URL
--api-key string No PHYCLOUD_API_KEY
--output enum No table

| --tenant-id | string | No | (active tenant) | — | | --from | string | No | — | — | | --to | string | No | — | — |

ARGUMENTS

None.

INPUT

None.

OUTPUT

Table (default) or JSON with fields:

Field Type Description
status string ok or broken
checked integer Number of blocks verified
first_bad string ID of first broken block, or null

EXIT CODES

Code Meaning
0 Success
1 Generic / connection error
2 Authentication / authorisation error
3 Resource not found
4 Validation error
5 Server-side error

EXAMPLES

# Basic verify (uses env vars)
phyware cloud verify

# Verify a specific tenant
phyware cloud verify --tenant-id ten_abc123

# Verify with JSON output
phyware cloud verify --output json

# Verify a date range
phyware cloud verify --from 2024-01-01 --to 2024-01-31

# Verify against a custom PhyCloud instance
phyware cloud verify --url https://cloud.phyware.io --api-key phk_live_...

AGENT NOTES

Use this command to produce tamper-evidence attestations before generating compliance reports. Always pass --output json for machine consumption. Requires read:events scope. If exit code is 1 and first_bad is non-null, the hash chain is broken — escalate to an administrator.

SEE ALSO

ERRORS

Code Message Remediation
NOT_FOUND Tenant not found Check --tenant-id
UNAUTHORIZED Invalid or missing API key Run phyware auth login
SERVER_ERROR Upstream service error Retry; check service health