PROVENANCE TAMPER-EVIDENT
Every claim the desk publishes is fingerprinted.
The register carries a tamper-evident digest. Anyone can recompute it from the public claims and confirm the desk has not quietly rewritten a verdict, an evidence chain, or a state-history entry after the fact.
The current register root
A single sha256 over every published claim's audit-bearing state.
305aabc3ffd9c0fa60f8280f5f706b2fae2b8bba0c54e993f2584fff74e28a5a
What this proves
The desk's value is its audit trail: each claim carries an evidence chain of tiered source observations and a state history of every verdict move. That trail lives in a store the desk controls, so an honest desk and a dishonest one look the same until you can check. The register root lets you check. It is a content hash of the published register, so a digest archived or signed today cannot match a register whose history was edited tomorrow. The desk publishes the root rather than asking for trust.
How to verify
Four steps, no desk cooperation required beyond the public endpoints.
- Fetch the public register at /api/dashboard/claims, or take the self-contained corpus at /register.json, which carries the same claims with each one's digest and the root already beside it.
- For each claim, keep the audit-bearing fields (id, title, short, verdict, score, band, confirm and kill conditions, related claims, the evidence chain, and the state history of at, to, and note). Drop the bookkeeping timestamps. Serialize with object keys sorted.
- Take the sha256 of each claim's canonical JSON, sort the claims by id, then take the sha256 of the newline-joined "id:digest" lines.
- Compare your result to the register root above. A match confirms the published register is exactly what the desk recorded. A mismatch on a single claim is pinpointed by the per-claim digests in /provenance.json.
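The four steps above, as an added Python example that is not the desk's own code. The JSON key names in AUDIT_FIELDS, the compact separators, and the sample claims are assumptions or constructed data; match them to what /register.json actually returns before comparing against the published root.

```python
import hashlib
import json

# Assumed JSON key names: the page lists the audit-bearing fields but not
# their exact keys, so adjust these to match what /register.json returns.
AUDIT_FIELDS = ("id", "title", "short", "verdict", "score", "band",
                "confirm", "kill", "related", "evidence", "history")
HISTORY_FIELDS = ("at", "to", "note")  # state-history fields named on the page

def canonical(claim):
    """Keep only audit-bearing fields and serialize with sorted keys."""
    kept = {k: claim[k] for k in AUDIT_FIELDS if k in claim}
    kept["history"] = [{k: h[k] for k in HISTORY_FIELDS if k in h}
                       for h in claim.get("history", [])]
    # Assumption: compact separators, UTF-8; the page specifies only sorted keys.
    return json.dumps(kept, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")

def claim_digest(claim):
    return hashlib.sha256(canonical(claim)).hexdigest()

def register_root(claims):
    """sha256 of newline-joined "id:digest" lines, claims sorted by id."""
    ordered = sorted(claims, key=lambda c: c["id"])
    lines = [f"{c['id']}:{claim_digest(c)}" for c in ordered]
    return hashlib.sha256("\n".join(lines).encode("utf-8")).hexdigest()

def mismatched_ids(claims, published):
    """Ids whose recomputed digest differs from the published per-claim one."""
    return sorted(c["id"] for c in claims
                  if claim_digest(c) != published.get(c["id"]))

# Constructed sample register, not the desk's data.
SAMPLE = [
    {"id": "c-002", "title": "Example B", "short": "b", "verdict": "open",
     "score": 40, "band": "low", "confirm": ["x"], "kill": ["y"],
     "related": ["c-001"], "evidence": [{"tier": 2, "source": "constructed"}],
     "history": [{"at": "2024-01-05", "to": "open", "note": "filed"}],
     "updated_at": "2024-02-01T00:00:00Z"},
    {"id": "c-001", "title": "Example A", "short": "a", "verdict": "confirmed",
     "score": 90, "band": "high", "confirm": [], "kill": [], "related": [],
     "evidence": [{"tier": 1, "source": "constructed"}],
     "history": [{"at": "2024-01-01", "to": "confirmed", "note": "primary"}],
     "updated_at": "2024-01-02T00:00:00Z"},
]

if __name__ == "__main__":
    print(register_root(SAMPLE))
```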
What the digest covers
The digest fingerprints the semantic audit state, so a re-review that only advances the last-reviewed timestamp leaves the root unchanged, while a change to any verdict, score, evidence row, condition, or state-history entry moves it. The digest spans every claim the public endpoint returns, including the worked-example claim, so your recomputation and the desk's agree on the same set. The reader-facing counts elsewhere on the desk, like the home page and the track record, report the 51 tracked claims and leave the worked example out, so the tracked total reads 51 where the digest counts 52 entries. Operator identity and the signing key live at /about; the verdict ladder and source tiers are at /methodology. The root is one of several ways to check the desk; the rest, from tracing a claim to its source to confirming the operator, are collected at /verify.
The register, as data
The preimage the fingerprint is taken over, in full.
The digest above is the fingerprint. The register it fingerprints, the exact fields the root is computed over, is published in full at /register.json: every claim's audit-bearing state beside its own digest and the shared root, so the root reproduces from that one file without a second request. The same record flattened to one row per claim, for a spreadsheet, is at /register.csv.