CanVerify

Elevator Pitch

A tamper-evident, cryptographic supply chain network that automates and mathematically proves "Made in Canada" and "Product of Canada" compliance for the defense and drone sectors.

Inspiration: The Vulnerability in Sovereign Procurement

With the introduction of the new Buy Canadian Policy, ensuring sovereign supply chains for the Canadian Armed Forces has never been more critical. The directive is clear: defense and security procurements must prioritize domestic manufacturing.

However, translating this policy into reality exposes a massive vulnerability: how do we actually prove where a product comes from?

In today’s globalized manufacturing networks, particularly in complex sectors like drone manufacturing, a single Unmanned Aerial Vehicle (UAV) contains thousands of parts sourced from dozens of Tier-2 and Tier-3 suppliers. Currently, procurement officers rely on self-reported, paper-based compliance. Once a component changes hands a few times, origin records are easily obfuscated, misreported, or outright altered. Relying on "blind trust" to verify if a drone is truly "Made in Canada" is no longer sufficient for national security.

What it does

CanVerify is a tamper-evident, cryptographic supply chain network that automates and mathematically proves domestic compliance for defense procurement. Instead of relying on easily forged paper trails, our platform establishes verifiable provenance at the source.

• Cryptographic Attestations: Each supplier generates a digital attestation bound to their verified identity, recording the costs, labor, and location of the work performed on a specific component.
• Tamper-Evident Chain of Custody: When a Tier-1 integrator builds a drone motor, the digital record for that motor permanently embeds the unalterable hashes of the Tier-2 copper and magnets inside it.
• Automated Verification Dashboard: CanVerify recursively calculates the exact percentage of Canadian value across the entire deep-tier supply chain and outputs a simple Pass/Fail compliance readout for procurement officers.

How we built it

• Cryptographic Layer: We built an attestation engine where every supplier signs their supply chain contributions using verified digital identities.
• Data Structure: We structured the supply chain as a directed acyclic graph (DAG), where every new component integrated into a drone includes the cryptographic hashes of its sub-components.
• Integrity Checks: We implemented backend validation to detect tampering, forgery, or replay attacks. If any historical cost or location data is altered, the cryptographic chain breaks.
• Frontend Interface: We created a dashboard designed specifically for government buyers that abstracts the complex cryptography into intuitive procurement answers.

Challenges we ran into

• Complex Multi-Tier Computation: Recursively calculating the Canadian content percentage across a deep, layered supplier network without double-counting costs or breaking the mathematical chain.
• Privacy vs. Verification: Balancing the need for the Canadian Armed Forces to verify total domestic cost against the reality that lower-tier suppliers want to keep their specific margins and proprietary material costs private from competitors.

Accomplishments that we're proud of

• Successfully mapping the rigid, real-world legal definitions of "Made in Canada" and "Product of Canada" into programmable, automated logic.
• Building an unbroken chain of custody that instantly computes Canadian content percentage from the bottom of the supply chain to the finished drone.
• Abstracting complex cryptography into a UI that requires zero technical background for a procurement officer to use.

What we learned

We gained deep insights into Canada's legal framework for sovereign procurement and the specific vulnerabilities inherent in traditional, self-reported supply chain auditing. We also learned how to apply cryptographic signature structures to real-world defense compliance and physical hardware manufacturing.

What's next for CanVerify

• Zero-Knowledge Proofs (ZKPs): Allowing suppliers to mathematically prove their Canadian content percentage without revealing the exact dollar amounts of their raw materials and labor to upstream integrators.
• Hardware-to-Software Binding: Tying physical drone components directly to their digital attestations using secure NFC tags or Physically Unclonable Functions (PUFs) to prevent hardware swapping.
• Pilot Integration: Testing the prototype with real Canadian drone manufacturers to refine the onboarding and attestation experience for Tier-2 and Tier-3 suppliers.

Built With

• cryptography
• react
• typescript