The Vera Trust Model
Trust Model
Vera never decides whether you're trustworthy. It keeps an honest, inspectable record of what actually ran while you played, so trust is something you can show, not something anyone has to argue about.
Vera doesn't judge your gameplay, score you, or call anyone a cheater.
It records what was actually running on your system while you played, and makes that record open for anyone to inspect.
So the day your legitimacy is questioned, the facts are already there, exactly as they were.
The asymmetry we exist to fix
An accusation is cheap. Demonstrating you didn't is expensive, public, and after the fact. The cost is in the order of operations, not the content; it favors whoever speaks first.
Vera changes the order. The record exists before anyone thinks to ask, gathered while you played, with nothing to spin after the fact. When a question comes, you don't argue. You point to what was already there.
That is the whole model. Get the record there first, and the rest is just looking it up.
Evidence, never a verdict
Vera surfaces facts. It does not decide what they mean. A thing being present is not proof it was used for harm, and good is not a crime. Plenty of honest software looks exactly like the thing someone is afraid of.
So when Vera finds something, it shows it as neutral evidence with its context attached, the way an honest record should, and leaves the judgment to the people who have the context to make it.
Neutrality here is not timidity. It is the entire point. The moment a record starts accusing, it stops being a record.
From observation to open record
Every piece of evidence on a Vera profile follows the same path, in the open. Nothing is hidden, nothing is invented, and every finding traces back to the raw observation it came from.
- CollectThe agent observes what's running, processes, drivers, system posture, while you play. It watches; it never interferes.
- DetectReal play is recognized by matching activity against an open set of rules, so a record is anchored to an actual session.
- AnalyzeEvidence is checked against the current trust model. Every raw data point is kept, so nothing is lost behind a conclusion.
- PublishThe result lands on your public profile, fully inspectable, every finding linked back to the evidence beneath it.
Two kinds of evidence, never blurred
Observed
Captured directly from your system during a verified session. The foundation: raw fact, not interpretation. What actually happened, before anyone reads anything into it.
- Process names, paths, and publishers
- Kernel driver inventory and signatures
- Secure Boot, HVCI, and testsigning posture
Correlated
What you get when curated rules are applied to the observed facts. Useful, but one step removed, so its confidence is only ever as good as the rules and the catalog behind it. Vera always shows you which is which.
- Known-risk driver matches
- Session detection via catalog rules
- Finding severity tied to a specific threat-model version
What Vera Can't Prove
Every honest record names what it cannot see. Here is where ours stops.
- Vera can't prove the absence of cheating. It shows what was observed, and silence is no more innocence than presence is guilt.
- Vera can't see everything. Every way of observing has limits, and we would rather name ours than pretend they aren't there.
- Vera can't hand down verdicts. It presents evidence for people to weigh. That line is deliberate, and we will not cross it.
- Vera can't replace judgment or context. A record is the start of a fair conversation, never the end of one.
How to Read a Vera Profile
- 1Read it in context. A single session is a snapshot, not a sentence.
- 2Look across time. Patterns over many sessions say more than any one moment.
- 3Take the whole picture together: processes, drivers, and integrity posture, not one line in isolation.
- 4Remember there's a real person on the other end, brave enough to show their work. Treat the evidence as the start of a fair conversation, not ammunition.
