lastgen 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Papuna Gagnidze
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,136 @@
+<div align="center">
+
+# lastgen
+
+Check if you started coding before or after AI agents.
+
+[![License: MIT](https://img.shields.io/badge/license-MIT-blue)](LICENSE)
+[![Node](https://img.shields.io/badge/node-%E2%89%A522.18.0-green)](https://nodejs.org)
+[![Zero Dependencies](https://img.shields.io/badge/dependencies-0-brightgreen)]()
+
+</div>
+
+Claude Code shipped publicly on **February 21, 2025**. If your earliest verifiable commit is before that date, you get classified as **Last Gen**. If it's after, **AI Native**.
+
+> [!IMPORTANT]
+> This is a novelty tool for fun. It is not a measure of skill or credibility.
+
+## Installation
+
+```bash
+npx lastgen <username>
+```
+
+> [!TIP]
+> Requires Node.js 22.18.0+ (uses native TypeScript execution). No build step needed.
+
+For authenticated requests (5,000 req/hour instead of 60):
+
+```bash
+export GITHUB_TOKEN=ghp_your_token_here
+npx lastgen <username>
+```
+
+## Usage
+
+```bash
+# Classify a GitHub user
+npx lastgen torvalds
+
+# Save certificate to file
+npx lastgen --json torvalds > proof.json
+
+# Verify a saved certificate
+npx lastgen verify proof.json
+
+# Get a README badge
+npx lastgen --badge torvalds
+
+# JSON output
+npx lastgen --json torvalds
+```
+
+### Options
+
+```
+--token <token>       GitHub personal access token
+--json                Output as JSON
+--badge               Output as README badge markdown
+--no-color            Disable colors
+-h, --help            Show help
+-v, --version         Show version
+```
+
+### Environment
+
+```
+GITHUB_TOKEN          GitHub token (alternative to --token)
+NO_COLOR              Disable colors (any value)
+```
+
+## Certificate
+
+Running `lastgen <username>` generates a certificate like this:
+
+```
++----------------------------------------------------+
+|                LASTGEN CERTIFICATE                 |
++----------------------------------------------------+
+| Certificate  LGC-3476-525342                       |
+| Issued       2026-02-19                            |
+|                                                    |
+| Developer    torvalds (Linus Torvalds)             |
+| Era          Last Generation Coder                 |
+|              Wrote code before AI agents shipped   |
+|                                                    |
+| Proof Commit torvalds/linux                        |
+|              319fc77 Merge tag 'bpf-fixes' of git: |
+|              //git.kernel.org/pub/scm/linux/kernel |
+|              /git/bpf/bpf                          |
+| Commit Date  2025-02-21                            |
+|                                                    |
+| Hash         sha256:347605d01e5e38124b829c59efc116 |
+|              6bbf97f888429ff65a3cb0d567e3440b61    |
++----------------------------------------------------+
+```
+
+Certificates are deterministic - same username always produces the same hash and certificate number.
+
+## README Badge
+
+```bash
+npx lastgen --badge <username>
+```
+
+Outputs shields.io markdown you can paste into your README:
+
+[![Last Gen Coder](https://img.shields.io/badge/lastgen-Last%20Gen-blue?style=for-the-badge)](https://github.com/pgagnidze/lastgen)
+
+## Verification
+
+Saved certificates can be verified against the live GitHub API:
+
+```bash
+npx lastgen verify proof.json
+```
+
+Checks include:
+
+| Check                  | What it does                                              |
+| ---------------------- | --------------------------------------------------------- |
+| **Hash integrity**     | Recomputes SHA-256 hash to detect tampering               |
+| **Era classification** | Confirms era matches the proof date                       |
+| **Identity**           | 3-way match: author login, committer login, noreply email |
+| **Repo ownership**     | Reports whether commit is in a self-owned or third-party repo |
+| **GitHub ID**          | Matches commit author ID against certificate              |
+| **Commit date**        | Fetches the commit from GitHub and compares dates         |
+| **Date consistency**   | Detects forged author dates via author/committer drift    |
+
+## License
+
+[MIT](LICENSE)
+
+---
+
+> [!NOTE]
+> This project was built with assistance from LLMs. Human review and guidance provided throughout.

package/package.json

@@ -0,0 +1,53 @@
+{
+  "name": "lastgen",
+  "version": "1.0.0",
+  "description": "Check if you started coding before or after AI agents",
+  "type": "module",
+  "bin": {
+    "lastgen": "./src/index.ts"
+  },
+  "engines": {
+    "node": ">=22.18.0"
+  },
+  "files": [
+    "src",
+    "README.md"
+  ],
+  "scripts": {
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint src/",
+    "lint:fix": "eslint src/ --fix",
+    "format": "prettier --write src/",
+    "format:check": "prettier --check src/",
+    "test": "node --test src/**/*.test.ts",
+    "start": "node src/index.ts"
+  },
+  "keywords": [
+    "developer",
+    "credential",
+    "github",
+    "proof",
+    "ai",
+    "coder",
+    "cli"
+  ],
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/pgagnidze/lastgen"
+  },
+  "devDependencies": {
+    "@eslint/js": "^10.0.1",
+    "@semantic-release/changelog": "^6.0.3",
+    "@semantic-release/git": "^10.0.1",
+    "@types/node": "^25.3.0",
+    "@typescript-eslint/eslint-plugin": "^8.56.0",
+    "@typescript-eslint/parser": "^8.56.0",
+    "eslint": "^10.0.0",
+    "eslint-config-prettier": "^10.1.8",
+    "eslint-plugin-prettier": "^5.5.5",
+    "prettier": "^3.8.1",
+    "semantic-release": "^25.0.3",
+    "typescript": "^5.8.0"
+  }
+}

package/src/cli.ts

@@ -0,0 +1,166 @@
+/**
+ * @fileoverview CLI argument parsing and command routing using built-in parseArgs.
+ */
+
+import { parseArgs } from 'node:util';
+import { readFileSync } from 'node:fs';
+import { dirname, join } from 'node:path';
+import { fileURLToPath } from 'node:url';
+
+import { fetchFirstCommit, fetchUser } from './github.ts';
+import { createCertificate } from './proof.ts';
+import { displayBadgeMarkdown, displayCertificate, displayJson, error, info } from './display.ts';
+import { verifyCertificate } from './verify.ts';
+
+function getVersion(): string {
+  try {
+    const __filename = fileURLToPath(import.meta.url);
+    const __dirname = dirname(__filename);
+    const packagePath = join(__dirname, '..', 'package.json');
+    const pkg = JSON.parse(readFileSync(packagePath, 'utf-8'));
+    return pkg.version ?? 'unknown';
+  } catch {
+    return 'unknown';
+  }
+}
+
+const HELP_BRIEF = `
+    _            _
+   | | __ _ ___ | |_  __ _  ___ _ __
+   | |/ _\` / __|| __/ _\` |/ _ \\ '_ \\
+   | | (_| \\__ \\| || (_| |  __/ | | |
+   |_|\\__,_|___/ \\__\\__, |\\___|_| |_|
+                     |___/
+  Check if you started coding before or after AI agents.
+
+  Usage:
+    lastgen <username>                Classify a GitHub user
+    lastgen verify <file.json>        Verify a saved certificate
+
+  Options:
+    --token <token>       GitHub personal access token
+    --json                Output as JSON
+    --badge               Output as README badge markdown
+    --no-color            Disable colors
+    -h, --help            Show this help
+    -v, --version         Show version
+
+  Environment:
+    GITHUB_TOKEN          GitHub token (alternative to --token)
+    NO_COLOR              Disable colors (any value)
+
+  Examples:
+    npx lastgen torvalds
+    npx lastgen --json torvalds > proof.json
+    npx lastgen verify proof.json
+    npx lastgen --badge torvalds
+`;
+
+interface CliOptions {
+  command: string;
+  target: string;
+  token?: string;
+  json: boolean;
+  badge: boolean;
+  help: boolean;
+  version: boolean;
+}
+
+export function parseCli(argv: string[]): CliOptions {
+  const { values, positionals } = parseArgs({
+    args: argv,
+    options: {
+      token: { type: 'string' },
+      json: { type: 'boolean', default: false },
+      badge: { type: 'boolean', default: false },
+      help: { type: 'boolean', short: 'h', default: false },
+      version: { type: 'boolean', short: 'v', default: false },
+      'no-color': { type: 'boolean', default: false },
+    },
+    allowPositionals: true,
+    strict: false,
+  });
+
+  const first = positionals[0] ?? '';
+  const isVerify = first === 'verify';
+
+  return {
+    command: isVerify ? 'verify' : first ? 'lookup' : '',
+    target: isVerify ? (positionals[1] ?? '') : first,
+    token: (values.token as string | undefined) ?? process.env['GITHUB_TOKEN'],
+    json: Boolean(values.json),
+    badge: Boolean(values.badge),
+    help: Boolean(values.help),
+    version: Boolean(values.version),
+  };
+}
+
+export async function run(argv: string[]): Promise<void> {
+  const opts = parseCli(argv);
+
+  if (opts.version) {
+    process.stdout.write(`lastgen ${getVersion()}\n`);
+    return;
+  }
+
+  if (opts.help || !opts.command) {
+    process.stdout.write(HELP_BRIEF);
+    return;
+  }
+
+  switch (opts.command) {
+    case 'lookup': {
+      await handleLookup(opts);
+      break;
+    }
+    case 'verify': {
+      await handleVerify(opts);
+      break;
+    }
+    default: {
+      error(`Unknown command: ${opts.command}`);
+      process.stdout.write(HELP_BRIEF);
+      process.exitCode = 2;
+    }
+  }
+}
+
+async function handleLookup(opts: CliOptions): Promise<void> {
+  if (!opts.target) {
+    error('Username required. Usage: lastgen <username>');
+    process.exitCode = 2;
+    return;
+  }
+
+  if (!opts.json && !opts.badge) {
+    info(`Looking up ${opts.target} on GitHub...`);
+  }
+
+  const [user, firstCommit] = await Promise.all([
+    fetchUser(opts.target, opts.token),
+    fetchFirstCommit(opts.target, opts.token),
+  ]);
+
+  const cert = createCertificate(user, firstCommit);
+
+  if (opts.badge) {
+    displayBadgeMarkdown(cert);
+  } else if (opts.json) {
+    displayJson(cert);
+  } else {
+    displayCertificate(cert);
+  }
+}
+
+async function handleVerify(opts: CliOptions): Promise<void> {
+  if (!opts.target) {
+    error('Certificate file required. Usage: lastgen verify <file.json>');
+    process.exitCode = 2;
+    return;
+  }
+
+  const valid = await verifyCertificate(opts.target, opts.token);
+  if (!valid) {
+    process.exitCode = 1;
+  }
+}

package/src/display.ts

@@ -0,0 +1,142 @@
+/**
+ * @fileoverview Terminal output formatting with ASCII box-drawing for certificates and verification.
+ */
+
+import { styleText } from 'node:util';
+
+import type { Certificate } from './types.ts';
+import { ERAS } from './types.ts';
+
+function shouldUseColor(): boolean {
+  if (process.env['NO_COLOR'] !== undefined) {
+    return false;
+  }
+  if (process.env['TERM'] === 'dumb') {
+    return false;
+  }
+  if (process.argv.includes('--no-color')) {
+    return false;
+  }
+  return process.stdout.isTTY === true;
+}
+
+export function style(format: string | string[], text: string): string {
+  if (!shouldUseColor()) {
+    return text;
+  }
+  return styleText(format as Parameters<typeof styleText>[0], text);
+}
+
+export const BOX_WIDTH = 50;
+
+export function boxRule(): string {
+  return style('dim', '+' + '-'.repeat(BOX_WIDTH + 2) + '+');
+}
+
+export function boxLine(content: string, rawLength: number): string {
+  const pad = BOX_WIDTH - rawLength;
+  return style('dim', '|') + ' ' + content + ' '.repeat(Math.max(pad, 0)) + ' ' + style('dim', '|');
+}
+
+function boxEmpty(): string {
+  return boxLine('', 0);
+}
+
+const LABEL_WIDTH = 13;
+
+function labelLine(label: string, value: string, styledValue: string, lines: string[]): void {
+  const max = BOX_WIDTH - LABEL_WIDTH;
+  if (value.length <= max) {
+    lines.push(boxLine(style('dim', label) + styledValue, LABEL_WIDTH + value.length));
+    return;
+  }
+  const indent = ' '.repeat(LABEL_WIDTH);
+  let remaining = value;
+  let isFirst = true;
+  while (remaining.length > 0) {
+    const chunk = remaining.slice(0, max);
+    remaining = remaining.slice(max);
+    const prefix = isFirst ? style('dim', label) : indent;
+    lines.push(boxLine(prefix + chunk, LABEL_WIDTH + chunk.length));
+    isFirst = false;
+  }
+}
+
+export function displayCertificate(cert: Certificate): void {
+  const out = process.stdout;
+  const isLastGen = cert.era === 'LAST_GEN';
+  const eraInfo = ERAS[cert.era];
+  const lines: string[] = [];
+
+  lines.push(boxRule());
+
+  const title = style('bold', 'LASTGEN CERTIFICATE');
+  const titleRaw = 'LASTGEN CERTIFICATE';
+  const titlePadL = Math.floor((BOX_WIDTH - titleRaw.length) / 2);
+  const titlePadR = BOX_WIDTH - titleRaw.length - titlePadL;
+  lines.push(boxLine(' '.repeat(titlePadL) + title + ' '.repeat(titlePadR), BOX_WIDTH));
+
+  lines.push(boxRule());
+
+  labelLine('Certificate  ', cert.certificateNumber, cert.certificateNumber, lines);
+
+  const issuedDate = new Date(cert.issuedAt).toISOString().slice(0, 10);
+  labelLine('Issued       ', issuedDate, issuedDate, lines);
+
+  lines.push(boxEmpty());
+
+  const devValue = cert.identity.name
+    ? `${cert.identity.username} (${cert.identity.name})`
+    : cert.identity.username;
+  labelLine('Developer    ', devValue, devValue, lines);
+
+  const eraColor = isLastGen ? 'green' : 'cyan';
+  labelLine('Era          ', eraInfo.title, style(eraColor, eraInfo.title), lines);
+  labelLine('             ', eraInfo.description, style('dim', eraInfo.description), lines);
+
+  if (cert.proof.firstCommit.sha) {
+    lines.push(boxEmpty());
+
+    const commitDate = new Date(cert.proof.firstCommit.date).toISOString().slice(0, 10);
+    const repo = cert.proof.firstCommit.repo;
+    labelLine('Proof Commit ', repo, repo, lines);
+    const shaShort = cert.proof.firstCommit.sha.slice(0, 7);
+    const commitMsg = `${shaShort} ${cert.proof.firstCommit.message.replace(/\n/g, ' ')}`;
+    labelLine('             ', commitMsg, style('dim', commitMsg), lines);
+    labelLine('Commit Date  ', commitDate, commitDate, lines);
+  }
+
+  lines.push(boxEmpty());
+
+  const hash = cert.verification.hash;
+  labelLine('Hash         ', hash, style('dim', hash), lines);
+
+  lines.push(boxRule());
+
+  out.write('\n' + lines.join('\n') + '\n\n');
+}
+
+export function displayBadgeMarkdown(cert: Certificate): void {
+  const out = process.stdout;
+  const eraLabel = cert.era === 'LAST_GEN' ? 'Last%20Gen' : 'AI%20Native';
+  const color = cert.era === 'LAST_GEN' ? 'blue' : 'brightgreen';
+  const badgeUrl = `https://img.shields.io/badge/lastgen-${eraLabel}-${color}?style=for-the-badge`;
+
+  out.write('\n');
+  out.write(style('bold', '  Add to your GitHub README:') + '\n');
+  out.write('\n');
+  out.write(`  [![Last Gen Coder](${badgeUrl})](https://github.com/pgagnidze/lastgen)\n`);
+  out.write('\n');
+}
+
+export function displayJson(cert: Certificate): void {
+  process.stdout.write(JSON.stringify(cert, null, 2) + '\n');
+}
+
+export function info(message: string): void {
+  process.stderr.write(style('dim', `  ${message}`) + '\n');
+}
+
+export function error(message: string): void {
+  process.stderr.write(style('red', `  ${message}`) + '\n');
+}

package/src/github.ts

@@ -0,0 +1,179 @@
+/**
+ * @fileoverview GitHub API client using built-in fetch. Zero dependencies.
+ */
+
+import type { GitHubUser, FirstCommit, CommitDetail } from './types.ts';
+import { CUTOFF_DATE } from './types.ts';
+
+const GITHUB_API = 'https://api.github.com';
+const USER_AGENT = 'lastgen-cli';
+
+function buildHeaders(token?: string): Record<string, string> {
+  const headers: Record<string, string> = {
+    Accept: 'application/vnd.github.v3+json',
+    'User-Agent': USER_AGENT,
+  };
+  if (token) {
+    headers['Authorization'] = `token ${token}`;
+  }
+  return headers;
+}
+
+async function githubFetch(
+  url: string,
+  token?: string,
+  extraHeaders?: Record<string, string>,
+): Promise<Response> {
+  const response = await fetch(url, { headers: { ...buildHeaders(token), ...extraHeaders } });
+
+  if (response.status === 403) {
+    const remaining = response.headers.get('x-ratelimit-remaining');
+    if (remaining === '0') {
+      const resetTimestamp = response.headers.get('x-ratelimit-reset');
+      const resetDate = resetTimestamp
+        ? new Date(Number(resetTimestamp) * 1000).toLocaleTimeString()
+        : 'soon';
+      throw new Error(
+        `GitHub API rate limit exceeded. Resets at ${resetDate}.\n` +
+          'Tip: set GITHUB_TOKEN or use --token for 5,000 requests/hour.',
+      );
+    }
+  }
+
+  if (response.status === 404) {
+    const userMatch = url.match(/\/users\/([^/?]+)/);
+    if (userMatch?.[1]) {
+      throw new Error(
+        `GitHub user '${decodeURIComponent(userMatch[1])}' not found. Check the spelling?`,
+      );
+    }
+    throw new Error(`Not found: ${url}`);
+  }
+
+  if (!response.ok) {
+    throw new Error(`GitHub API error: ${response.status} ${response.statusText}`);
+  }
+
+  return response;
+}
+
+export async function fetchUser(username: string, token?: string): Promise<GitHubUser> {
+  const response = await githubFetch(`${GITHUB_API}/users/${encodeURIComponent(username)}`, token);
+  const data = (await response.json()) as Record<string, unknown>;
+
+  return {
+    login: data.login as string,
+    id: data.id as number,
+    name: (data.name as string | null) ?? null,
+    createdAt: data.created_at as string,
+  };
+}
+
+export async function fetchFirstCommit(
+  username: string,
+  token?: string,
+): Promise<FirstCommit | null> {
+  const commit = await searchFirstCommit(username, token);
+
+  if (commit?.repo) {
+    commit.repoCreatedAt = await fetchRepoCreatedAt(commit.repo, token);
+  }
+
+  return commit;
+}
+
+async function fetchRepoCreatedAt(
+  repoFullName: string,
+  token?: string,
+): Promise<string | undefined> {
+  try {
+    const response = await githubFetch(`${GITHUB_API}/repos/${repoFullName}`, token);
+    const data = (await response.json()) as Record<string, unknown>;
+    return (data.created_at as string | undefined) ?? undefined;
+  } catch {
+    return undefined;
+  }
+}
+
+async function searchFirstCommitByQuery(
+  query: string,
+  token?: string,
+  order: 'asc' | 'desc' = 'asc',
+): Promise<FirstCommit | null> {
+  try {
+    const url = `${GITHUB_API}/search/commits?q=${encodeURIComponent(query)}&sort=committer-date&order=${order}&per_page=1`;
+    const response = await githubFetch(url, token, {
+      Accept: 'application/vnd.github.cloak-preview+json',
+    });
+
+    const data = (await response.json()) as Record<string, unknown>;
+    const items = data.items as Array<Record<string, unknown>> | undefined;
+    const item = items?.[0];
+    if (!item) return null;
+
+    const commit = item.commit as Record<string, unknown>;
+    const author = commit.author as Record<string, unknown>;
+    const commitCommitter = commit.committer as Record<string, unknown> | undefined;
+    const repo = item.repository as Record<string, unknown>;
+
+    return {
+      date: author.date as string,
+      repo: (repo.full_name as string) ?? '',
+      sha: item.sha as string,
+      message: ((commit.message as string) ?? '').split('\n')[0] ?? '',
+      committerDate: (commitCommitter?.date as string | undefined) ?? undefined,
+    };
+  } catch {
+    return null;
+  }
+}
+
+async function searchFirstCommit(username: string, token?: string): Promise<FirstCommit | null> {
+  const cutoffDate = CUTOFF_DATE.slice(0, 10);
+
+  return (
+    (await searchFirstCommitByQuery(
+      `author:${username} user:${username} committer-date:<${cutoffDate}`,
+      token,
+      'desc',
+    )) ??
+    (await searchFirstCommitByQuery(
+      `author:${username} committer-date:<${cutoffDate}`,
+      token,
+      'desc',
+    )) ??
+    (await searchFirstCommitByQuery(`author:${username}`, token))
+  );
+}
+
+export async function fetchCommit(
+  repoFullName: string,
+  sha: string,
+  token?: string,
+): Promise<CommitDetail> {
+  const url = `${GITHUB_API}/repos/${repoFullName}/commits/${sha}`;
+  const response = await githubFetch(url, token);
+  const data = (await response.json()) as Record<string, unknown>;
+
+  const commit = data.commit as Record<string, unknown>;
+  const commitAuthor = commit.author as Record<string, unknown>;
+  const commitCommitter = commit.committer as Record<string, unknown> | undefined;
+  const verification = commit.verification as Record<string, unknown> | undefined;
+  const author = data.author as Record<string, unknown> | null;
+  const committer = data.committer as Record<string, unknown> | null;
+  const parents = data.parents as Array<unknown> | undefined;
+
+  return {
+    sha: data.sha as string,
+    authorLogin: (author?.login as string | undefined) ?? null,
+    committerLogin: (committer?.login as string | undefined) ?? null,
+    authorEmail: (commitAuthor.email as string | undefined) ?? null,
+    authorDate: (commitAuthor.date as string | undefined) ?? null,
+    committerDate: (commitCommitter?.date as string | undefined) ?? null,
+    authorId: (author?.id as number | undefined) ?? null,
+    verificationReason: (verification?.reason as string | undefined) ?? null,
+    isRootCommit: Array.isArray(parents) && parents.length === 0,
+    message: ((commit.message as string) ?? '').split('\n')[0] ?? '',
+    verified: Boolean(verification?.verified),
+  };
+}

package/src/index.ts

@@ -0,0 +1,12 @@
+#!/usr/bin/env node
+
+import { run } from './cli.ts';
+import { error } from './display.ts';
+
+try {
+  await run(process.argv.slice(2));
+} catch (err) {
+  const message = err instanceof Error ? err.message : String(err);
+  error(message);
+  process.exitCode = 1;
+}

package/src/proof.ts

@@ -0,0 +1,109 @@
+/**
+ * @fileoverview Era classification, hashing, and certificate generation.
+ */
+
+import { createHash } from 'node:crypto';
+
+import type { Certificate, EraKey, FirstCommit, GitHubUser } from './types.ts';
+
+import { CERTIFICATE_SALT, CERTIFICATE_VERSION, CUTOFF_DATE } from './types.ts';
+
+export function classifyEra(proofDate: string): EraKey {
+  const cutoff = new Date(CUTOFF_DATE).getTime();
+  const date = new Date(proofDate).getTime();
+  return date < cutoff ? 'LAST_GEN' : 'AI_NATIVE';
+}
+
+const THIRTY_DAYS_MS = 30 * 24 * 60 * 60 * 1000;
+
+export function resolveProofDate(user: GitHubUser, firstCommit: FirstCommit | null): string {
+  if (!firstCommit) {
+    return new Date().toISOString();
+  }
+
+  const effectiveDate = getEffectiveCommitDate(firstCommit);
+  const commitTime = new Date(effectiveDate).getTime();
+  const accountTime = new Date(user.createdAt).getTime();
+  const repoTime = firstCommit.repoCreatedAt
+    ? new Date(firstCommit.repoCreatedAt).getTime()
+    : Infinity;
+
+  if (commitTime < repoTime) {
+    return firstCommit.repoCreatedAt ?? user.createdAt;
+  }
+
+  return commitTime < accountTime ? effectiveDate : user.createdAt;
+}
+
+function getEffectiveCommitDate(commit: FirstCommit): string {
+  if (!commit.committerDate) {
+    return commit.date;
+  }
+
+  const authorTime = new Date(commit.date).getTime();
+  const committerTime = new Date(commit.committerDate).getTime();
+
+  if (committerTime - authorTime > THIRTY_DAYS_MS) {
+    return commit.committerDate;
+  }
+
+  return commit.date;
+}
+
+export function generateCertificateHash(
+  username: string,
+  githubId: number,
+  proofDate: string,
+  era: EraKey,
+): string {
+  const payload = JSON.stringify({
+    username,
+    githubId,
+    proofDate,
+    era,
+    salt: CERTIFICATE_SALT,
+  });
+
+  return createHash('sha256').update(payload).digest('hex');
+}
+
+export function generateCertificateNumber(hash: string): string {
+  const prefix = hash.slice(0, 4).toUpperCase();
+  const numericPart = parseInt(hash.slice(4, 12), 16) % 1000000;
+  const padded = String(numericPart).padStart(6, '0');
+  return `LGC-${prefix}-${padded}`;
+}
+
+export function createCertificate(user: GitHubUser, firstCommit: FirstCommit | null): Certificate {
+  const proofDate = resolveProofDate(user, firstCommit);
+  const era = classifyEra(proofDate);
+  const hash = generateCertificateHash(user.login, user.id, proofDate, era);
+  const certificateNumber = generateCertificateNumber(hash);
+
+  return {
+    version: CERTIFICATE_VERSION,
+    type: 'LASTGEN_CERTIFICATE',
+    identity: {
+      username: user.login,
+      githubId: user.id,
+      name: user.name,
+    },
+    proof: {
+      accountCreated: user.createdAt,
+      firstCommit: firstCommit ?? {
+        date: user.createdAt,
+        repo: '',
+        sha: '',
+        message: '(no public commits found - using account creation date)',
+      },
+      proofDate,
+    },
+    era,
+    verification: {
+      hash: `sha256:${hash}`,
+      salt: CERTIFICATE_SALT,
+    },
+    certificateNumber,
+    issuedAt: new Date().toISOString(),
+  };
+}

package/src/types.ts

@@ -0,0 +1,85 @@
+/**
+ * @fileoverview Shared interfaces, constants, and type definitions for lastgen.
+ */
+
+export const CUTOFF_DATE = '2025-02-21T00:00:00Z';
+
+export const ERAS = {
+  LAST_GEN: {
+    title: 'Last Generation Coder',
+    description: 'Wrote code before AI agents shipped',
+  },
+  AI_NATIVE: {
+    title: 'AI Native Coder',
+    description: 'First verifiable commit after AI agents shipped',
+  },
+} as const;
+
+export type EraKey = keyof typeof ERAS;
+
+export const CERTIFICATE_VERSION = '1.0';
+export const CERTIFICATE_SALT = 'lastgen_v1';
+
+export interface GitHubUser {
+  login: string;
+  id: number;
+  name: string | null;
+  createdAt: string;
+}
+
+export interface FirstCommit {
+  date: string;
+  repo: string;
+  sha: string;
+  message: string;
+  repoCreatedAt?: string;
+  committerDate?: string;
+}
+
+export interface CertificateIdentity {
+  username: string;
+  githubId: number;
+  name: string | null;
+}
+
+export interface CertificateProof {
+  accountCreated: string;
+  firstCommit: FirstCommit;
+  proofDate: string;
+}
+
+export interface CertificateVerification {
+  hash: string;
+  salt: string;
+}
+
+export interface Certificate {
+  version: string;
+  type: 'LASTGEN_CERTIFICATE';
+  identity: CertificateIdentity;
+  proof: CertificateProof;
+  era: EraKey;
+  verification: CertificateVerification;
+  certificateNumber: string;
+  issuedAt: string;
+}
+
+export interface CommitDetail {
+  sha: string;
+  authorLogin: string | null;
+  committerLogin: string | null;
+  authorEmail: string | null;
+  authorDate: string | null;
+  committerDate: string | null;
+  authorId: number | null;
+  verificationReason: string | null;
+  isRootCommit: boolean;
+  message: string;
+  verified: boolean;
+}
+
+export interface VerifyResult {
+  check: string;
+  passed: boolean;
+  detail: string;
+}

package/src/verify.ts

@@ -0,0 +1,274 @@
+/**
+ * @fileoverview Certificate verification - re-checks saved proofs against GitHub API.
+ */
+
+import { readFileSync } from 'node:fs';
+
+import type { Certificate, VerifyResult } from './types.ts';
+import { CUTOFF_DATE } from './types.ts';
+import { fetchCommit } from './github.ts';
+import { generateCertificateHash, resolveProofDate } from './proof.ts';
+import { BOX_WIDTH, boxLine, boxRule, error, info, style } from './display.ts';
+
+function isValidCertificate(data: unknown): data is Certificate {
+  if (typeof data !== 'object' || data === null) {
+    return false;
+  }
+  const cert = data as Record<string, unknown>;
+  return (
+    cert.type === 'LASTGEN_CERTIFICATE' &&
+    typeof cert.version === 'string' &&
+    typeof cert.identity === 'object' &&
+    typeof cert.proof === 'object' &&
+    typeof cert.verification === 'object' &&
+    typeof cert.certificateNumber === 'string'
+  );
+}
+
+function matchesNoreplyEmail(email: string, username: string): boolean {
+  const lower = email.toLowerCase();
+  const user = username.toLowerCase();
+  const pattern = new RegExp(`^(\\d+\\+)?${escapeRegex(user)}@users\\.noreply\\.github\\.com$`);
+  return pattern.test(lower);
+}
+
+function escapeRegex(str: string): string {
+  return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+
+export async function verifyCertificate(filePath: string, token?: string): Promise<boolean> {
+  let raw: string;
+  try {
+    raw = readFileSync(filePath, 'utf-8');
+  } catch {
+    error(`Cannot read file: ${filePath}`);
+    return false;
+  }
+
+  let cert: unknown;
+  try {
+    cert = JSON.parse(raw);
+  } catch {
+    error('Invalid JSON in certificate file.');
+    return false;
+  }
+
+  if (!isValidCertificate(cert)) {
+    error('File is not a valid lastgen certificate.');
+    return false;
+  }
+
+  info(`Verifying certificate ${cert.certificateNumber}...`);
+  info(`Developer: ${cert.identity.username}`);
+  info('');
+
+  const results: VerifyResult[] = [];
+
+  const expectedHash = generateCertificateHash(
+    cert.identity.username,
+    cert.identity.githubId,
+    cert.proof.proofDate,
+    cert.era,
+  );
+
+  const actualHash = cert.verification.hash.replace('sha256:', '');
+  results.push({
+    check: 'Hash integrity',
+    passed: expectedHash === actualHash,
+    detail:
+      expectedHash === actualHash
+        ? 'Certificate hash is valid'
+        : 'Certificate hash does not match - data may have been tampered with',
+  });
+
+  const proofDate = new Date(cert.proof.proofDate);
+  const cutoff = new Date(CUTOFF_DATE);
+  const isBeforeCutoff = proofDate.getTime() < cutoff.getTime();
+  const expectedEra = isBeforeCutoff ? 'LAST_GEN' : 'AI_NATIVE';
+  results.push({
+    check: 'Era classification',
+    passed: cert.era === expectedEra,
+    detail:
+      cert.era === expectedEra
+        ? `Era ${cert.era} is correct for proof date ${cert.proof.proofDate}`
+        : `Era should be ${expectedEra} but certificate claims ${cert.era}`,
+  });
+
+  const reconstructedUser = {
+    login: cert.identity.username,
+    id: cert.identity.githubId,
+    name: cert.identity.name,
+    createdAt: cert.proof.accountCreated,
+  };
+  const expectedProofDate = resolveProofDate(
+    reconstructedUser,
+    cert.proof.firstCommit.sha ? cert.proof.firstCommit : null,
+  );
+  const proofDateMatch =
+    Math.abs(new Date(expectedProofDate).getTime() - proofDate.getTime()) < 60000;
+  results.push({
+    check: 'Proof date',
+    passed: proofDateMatch,
+    detail: proofDateMatch
+      ? `Proof date ${cert.proof.proofDate} is consistent with commit and account data`
+      : `Proof date should be ${expectedProofDate} but certificate claims ${cert.proof.proofDate}`,
+  });
+
+  if (cert.proof.firstCommit.sha) {
+    try {
+      info(`Fetching commit ${cert.proof.firstCommit.sha.slice(0, 7)} from GitHub...`);
+      const commitDetail = await fetchCommit(
+        cert.proof.firstCommit.repo,
+        cert.proof.firstCommit.sha,
+        token,
+      );
+
+      const username = cert.identity.username.toLowerCase();
+      const authorMatch = (commitDetail.authorLogin ?? '').toLowerCase() === username;
+      const committerMatch = (commitDetail.committerLogin ?? '').toLowerCase() === username;
+      const emailMatch = commitDetail.authorEmail
+        ? matchesNoreplyEmail(commitDetail.authorEmail, cert.identity.username)
+        : false;
+
+      const identityMatch = authorMatch || committerMatch || emailMatch;
+      const matchMethods: string[] = [];
+      if (authorMatch) {
+        matchMethods.push('author login');
+      }
+      if (committerMatch) {
+        matchMethods.push('committer login');
+      }
+      if (emailMatch) {
+        matchMethods.push('noreply email');
+      }
+
+      results.push({
+        check: 'Identity',
+        passed: identityMatch,
+        detail: identityMatch
+          ? `Matched via: ${matchMethods.join(', ')}`
+          : `Commit author (${commitDetail.authorLogin}) does not match ${cert.identity.username}`,
+      });
+
+      const repoOwner = cert.proof.firstCommit.repo.split('/')[0] ?? '';
+      const isSelfOwned = repoOwner.toLowerCase() === cert.identity.username.toLowerCase();
+      results.push({
+        check: 'Repo ownership',
+        passed: true,
+        detail: isSelfOwned
+          ? `Commit is in a repo owned by ${cert.identity.username}`
+          : `Commit is in a third-party repo (${cert.proof.firstCommit.repo})`,
+      });
+
+      if (commitDetail.authorId !== null) {
+        const idMatch = commitDetail.authorId === cert.identity.githubId;
+        results.push({
+          check: 'GitHub ID',
+          passed: idMatch,
+          detail: idMatch
+            ? `GitHub ID ${commitDetail.authorId} matches certificate`
+            : `Commit author ID ${commitDetail.authorId} does not match certificate ID ${cert.identity.githubId}`,
+        });
+      }
+
+      const commitDate = new Date(commitDetail.authorDate ?? '');
+      const certDate = new Date(cert.proof.firstCommit.date);
+      const datesClose = Math.abs(commitDate.getTime() - certDate.getTime()) < 60000;
+      results.push({
+        check: 'Commit date',
+        passed: datesClose,
+        detail: datesClose
+          ? `Commit date matches certificate (${commitDetail.authorDate})`
+          : `Commit date ${commitDetail.authorDate} differs from certificate ${cert.proof.firstCommit.date}`,
+      });
+
+      if (commitDetail.authorDate && commitDetail.committerDate) {
+        const authorTime = new Date(commitDetail.authorDate).getTime();
+        const committerTime = new Date(commitDetail.committerDate).getTime();
+        const driftMs = Math.abs(committerTime - authorTime);
+        const thirtyDaysMs = 30 * 24 * 60 * 60 * 1000;
+        const driftDays = Math.round(driftMs / (24 * 60 * 60 * 1000));
+        const consistent = driftMs <= thirtyDaysMs;
+        results.push({
+          check: 'Date consistency',
+          passed: consistent,
+          detail: consistent
+            ? `Author/committer date drift: ${driftDays}d (within 30d threshold)`
+            : `Author/committer date drift: ${driftDays}d exceeds 30d - author date may be forged`,
+        });
+      }
+
+      if (commitDetail.isRootCommit) {
+        results.push({
+          check: 'Root commit',
+          passed: true,
+          detail: 'Commit has no parents (first commit in repo - higher trust)',
+        });
+      }
+
+      if (commitDetail.verified) {
+        const reason = commitDetail.verificationReason;
+        const reasonDetail = reason && reason !== 'valid' ? ` (${reason})` : '';
+        results.push({
+          check: 'GPG signature',
+          passed: true,
+          detail: `Commit is GPG-signed${reasonDetail}`,
+        });
+      }
+    } catch (fetchError) {
+      const message = fetchError instanceof Error ? fetchError.message : String(fetchError);
+      results.push({
+        check: 'Commit verification',
+        passed: false,
+        detail: `Could not fetch commit from GitHub: ${message}`,
+      });
+    }
+  }
+
+  const out = process.stdout;
+  const lines: string[] = [];
+
+  lines.push(boxRule());
+
+  const title = style('bold', 'VERIFICATION');
+  const titleRaw = 'VERIFICATION';
+  const titlePadL = Math.floor((BOX_WIDTH - titleRaw.length) / 2);
+  const titlePadR = BOX_WIDTH - titleRaw.length - titlePadL;
+  lines.push(boxLine(' '.repeat(titlePadL) + title + ' '.repeat(titlePadR), BOX_WIDTH));
+
+  lines.push(boxRule());
+
+  let allPassed = true;
+  for (const result of results) {
+    const icon = result.passed ? style('green', 'PASS') : style('red', 'FAIL');
+    const checkLine = `${icon}  ${style('bold', result.check)}`;
+    lines.push(boxLine(checkLine, 4 + 2 + result.check.length));
+    const indent = 6;
+    const maxLen = BOX_WIDTH - indent;
+    let remaining = result.detail;
+    while (remaining.length > 0) {
+      const chunk = remaining.slice(0, maxLen);
+      remaining = remaining.slice(maxLen);
+      const line = ' '.repeat(indent) + style('dim', chunk);
+      lines.push(boxLine(line, indent + chunk.length));
+    }
+    if (!result.passed) {
+      allPassed = false;
+    }
+  }
+
+  lines.push(boxRule());
+
+  if (allPassed) {
+    const msg = style('green', 'Certificate is valid.');
+    lines.push(boxLine(msg, 21));
+  } else {
+    const msg = style('red', 'Certificate verification failed.');
+    lines.push(boxLine(msg, 32));
+  }
+
+  lines.push(boxRule());
+
+  out.write('\n' + lines.join('\n') + '\n\n');
+  return allPassed;
+}