What a certificate represents
A certificate confirms that the registry reviewed submitted evidence for the stated trail completion at the displayed verification level. It records recipient display, trail, dates, issue date, issuer, certificate ID, signed metadata, and PDF fingerprint.
Verification levels
Evidence Reviewed, GPS Evidence Reviewed, Photo + GPS Reviewed, Partner Confirmed, and Authority Confirmed describe what supported the decision. Partner and Authority wording is used only through an approved workflow.
ID, QR, and fingerprint
Certificate IDs follow `VHR-{TRAILCODE}-{YEAR}-{SHORTID}`. The QR resolves to `/v/{certificateId}`. The PDF is hashed with SHA-256; a short fingerprint appears on the certificate and the full value supports integrity checks.
Signed metadata and immutable snapshots
Certificate-critical metadata is canonicalised and signed with a registry key. This is a registry integrity control, not a qualified electronic signature for unrelated transactions. An issued snapshot is not silently rewritten.
Correction, revocation, and reissue
Administrative errors may be corrected before issue. After issue, a material correction normally creates a reissued certificate linked to the historical record. Revoked and superseded states remain visible so a copied PDF cannot conceal live status.
Privacy and PDF access
Recipient and certificate privacy modes are selected from supported options. Raw evidence never appears publicly. Public PDF download is controlled separately and can remain owner-only even when metadata is visible.
What it does not certify
A certificate does not certify safety, current trail conditions, permits, visa status, race result, medical fitness, legal identity, academic achievement, employment qualification, or official trail-authority recognition unless explicitly marked through an approved workflow.