QR-V™ • QVS-1 Standard • Registry-Based Verification

QR-V Verification Standard (QVS-1)

QVS-1 defines the rules, structure, and validation requirements for registry-based QR verification within the QR-V™ network.

Standard Overview

The QR-V Verification Standard (QVS-1) establishes a deterministic framework for validating QR-linked records through a registry-backed system.

The standard defines:

verification flow requirements
registry dependency rules
issuer validation conditions
hash integrity requirements
timestamp validation rules
verification response structure

QVS-1 ensures that QR verification is not dependent on visual codes or webpage content, but on authoritative registry records.

Core Principle

Verification must resolve to a registry-backed record and produce a deterministic result.

Verification Model

All QR-V verification follows a defined sequence:

Identifier → Resolver → Registry → Validation → Response

Each step must be executed in accordance with QVS-1 requirements.

Mandatory Requirements

Registry-backed record required
Unique identifier per record
Issuer must be associated with record
Verification must not rely on external webpage content
Status must be retrievable (active, revoked, expired)

Validation Requirements

Hash integrity must be verifiable
Timestamp must be present and valid
Record must resolve through registry
Verification result must be deterministic
Response must include issuer reference

Registry Authority Rule

The registry is the authoritative source of truth.

All verification outcomes must be derived from registry data. QR codes, webpages, or client-side logic must not be treated as authoritative sources.

Hash Verification Model

QVS-1 requires that records support integrity validation through a cryptographic hash.

The hash ensures that:

record data has not been altered
verification is tamper-evident
validation can be independently confirmed

Hash validation must occur during the verification process.

Timestamp Rules

Each record must include a timestamp indicating creation or issuance.

Timestamp validation ensures:

chronological integrity
expiration or validity windows
audit traceability

Verification systems must evaluate timestamp validity as part of the result.

Verification Response Structure

A valid QR-V verification response must include:

verification status (verified, invalid, revoked, expired)
issuer identity
record type
timestamp
optional metadata

The response must be structured, machine-readable, and consistent across implementations.

Compliance Requirements

Systems claiming compatibility with QR-V must implement QVS-1 verification rules.

No verification without registry resolution
No trust based solely on QR code or URL
No omission of issuer or status data

Summary

QVS-1 establishes QR verification as a structured, registry-dependent process.

This standard ensures that:

verification is deterministic
records are authoritative
issuer identity is enforced
integrity is provable
results are consistent across the network

QR-V™ does not treat QR codes as sources of truth.
It treats them as references to verifiable records.

Explore the QR-V Network

Verify a QR-V Code

View Registry Explorer

Developer Documentation

Developer Specification (QVS-1 Implementation Layer)

This section defines the technical implementation requirements for systems integrating with the QR-V™ Verification Standard (QVS-1).

Implementations must follow a deterministic verification flow and return structured, machine-readable results.

Verification Flow Contract

Required execution sequence:

Identifier → Resolver → Registry → Validation → Response

Each stage must be executed sequentially. Skipping stages or substituting external data sources violates QVS-1 compliance.

Verification API Structure

A compliant verification endpoint must accept an identifier and return a structured response.

Example Endpoint:

GET /v1/verify/{identifier}

Example Response:

{
  "status": "verified",
  "record_type": "certificate",
  "issuer": {
    "id": "issuer_123",
    "name": "Authority Name"
  },
  "timestamp": "2026-03-19T14:32:00Z",
  "hash_valid": true,
  "revoked": false,
  "metadata": {
    "title": "Certification Name"
  }
}

Required Response Fields

status
issuer
timestamp
hash validation result
record type

Optional Fields

metadata
expiration date
revocation reason
external references

Validation Logic (Reference Implementation)

function verify(identifier):

  record = registry.lookup(identifier)

  if record == null:
      return "invalid"

  if record.status == "revoked":
      return "revoked"

  if current_time > record.expiry:
      return "expired"

  if hash(record.data) != record.hash:
      return "invalid"

  return "verified"

Compliance & Conformance (QVS-1)

QVS-1 defines compliance as adherence to registry-based verification, deterministic validation, and structured response output.

Systems may be evaluated against defined conformance levels.

Level 1

Basic Compliance

Registry lookup
Status return
Identifier resolution

Level 2

Standard Compliance

Hash validation
Timestamp validation
Issuer verification

Level 3

Full Compliance

Full validation engine
Audit logging
Deterministic response output

Non-Compliance Conditions

Verification based solely on QR redirect
No registry dependency
Missing issuer data
No hash or timestamp validation
Non-deterministic results

Audit & Verification Integrity

Compliant systems should maintain audit records for:

verification requests
registry lookups
validation results
timestamp checks

Audit logs support traceability, compliance review, and dispute resolution.

Conformance Declaration

Systems may declare QVS-1 compliance only if all required validation steps are implemented and verification results are derived exclusively from registry-backed data.