Paste an R+2 receipt and its agent public key. The Ed25519 signature check, the RFC 8785 canonical form, the content ID — all of it runs in your browser using the Web Crypto API. Nothing is sent to DCS. Authentic and unmodified → you'll see it. Altered by a single byte → you'll see that too.
This page uses the browser's native crypto.subtle Ed25519 verification — no DCS code runs in the signature path, and the receipt never leaves your machine. Prefer a CLI or library? dcslabs-r2-verify on npm, or any of the reference verifiers (JS, Go, Rust, Java, C#, Swift) at github.com/DCS-LabsAI/r2-standard.