diff --git a/create-attributable-archive.sh b/create-attributable-archive.sh index 8bcea3c..70cbdb0 100755 --- a/create-attributable-archive.sh +++ b/create-attributable-archive.sh @@ -2,9 +2,9 @@ set -e unix_seconds=$(date +%s) -key_path="$PWD/private_ed25519_${unix_seconds}" +key_path="./private_ed25519_${unix_seconds}" signature_tag="file-integrity" -out_dir="$PWD/out" +out_dir="./out" inner_dir="$out_dir/contents" mkdir -p "$inner_dir" 
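Review bot: Switching `key_path` from `$PWD/...` to `./private_ed25519_${unix_seconds}` makes the signing key land in whatever directory the script is invoked from, which in this commit was the repository root — the resulting `private_ed25519_1779530180` and its `.pub` are added further down in this same diff. As far as this diff shows, the private key is only used by the `ssh-keygen -Y sign` step in the same run, so it belongs in a throwaway directory: `key_dir="$(mktemp -d)"`, `trap 'rm -rf -- "$key_dir"' EXIT`, `key_path="$key_dir/private_ed25519_${unix_seconds}"`. If the key is meant to survive the run (I cannot see whether `out/test_validation_passphrase.sh` reads it), at least write it outside the working tree or add `private_ed25519_*` to `.gitignore`.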
@@ -25,30 +25,34 @@ checkcode () {
 fi
 }
-printf "ssh-keygen: makin new key "
-ssh-keygen -t ed25519 -f "$key_path" -C "anonymous@local"
+printf "ssh-keygen: makin new key..."
+ssh-keygen -t ed25519 -f "$key_path" -C "anonymous"
 checkcode $?
-printf "ssh-keygen: creating out/anonymous_signer"
-echo "anonymous@local namespaces=\"$signature_tag\" $(cat "${key_path}.pub")" > "$out_dir/anonymous_signer"
+printf "ssh-keygen: changing ownership on $key_path and $key_path.pub"
+chown $USER:$USER "$key_path" "$key_path.pub"
+printf "ssh-keygen: fixing perms on $key_path and $key_path.pub"
+chmod 600 "$key_path" "$key_path.pub"
+printf "ssh-keygen: creating $out_dir/anonymous_signer..."
+echo "anonymous namespaces=\"$signature_tag\" $(cat "${key_path}.pub")" > "$out_dir/anonymous_signer"
 checkcode $?
 printf "random: adding 1/2 random blocks of data to inner archive"
-dd if=/dev/urandom of="$inner_dir/.$RANDOM" bs=1M count=1 status=progress
+dd if=/dev/urandom of="$inner_dir/.$RANDOM" bs=1M count=1 > /dev/null 2>&1
 checkcode $?
 printf "random: adding 2/3 random blocks of data to outer archive"
-dd if=/dev/urandom of="$out_dir/.$RANDOM" bs=1M count=1 status=progress
+dd if=/dev/urandom of="$out_dir/.$RANDOM" bs=1M count=1 > /dev/null 2>&1
 checkcode $?
 printf "7z: compressing inner volume"
-7z a "$out_dir/contents.7z" "$inner_dir"
+7z a "$out_dir/contents.7z" "$inner_dir" > /dev/null 2>&1
 checkcode $?
 printf "ssh: signing out/contents.7z"
-ssh-keygen -Y sign -f "$key_path" -n "$signature_tag" "$out_dir/contents.7z"
+ssh-keygen -Y sign -f "$key_path" -n "$signature_tag" "$out_dir/contents.7z" # > /dev/null 2>&1
 checkcode $?
 printf "sha512: generating sha512 checksums of files in out/ "
-(cd "$out_dir" && sha512sum * | tee checksums.sha512)
+sha512sum "$out_dir/*" >> "$out_dir/checksums.sha512"
 checkcode $?
 echo "Enter attribution passphrase:"
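Review bot: `sha512sum "$out_dir/*"` passes the literal string `./out/*` because the glob sits inside double quotes, so sha512sum reports "No such file or directory" and `set -e` aborts the script before the following `checkcode` even runs. Unquoted it would still be wrong: `$inner_dir` (the `contents` directory) is only removed later, so sha512sum fails on it, the entries would carry an `./out/` prefix that `sha512sum -c checksums.sha512` in `verify-everything.sh` (which appears to run relative to `out/`) cannot resolve, and `>>` appends to whatever checksum file a previous run left behind. Replacing the line with `(cd "$out_dir" && find . -maxdepth 1 -type f ! -name checksums.sha512 -exec sha512sum -- {} + > checksums.sha512)` lists bare names, covers the dot-named random block the old `*` glob skipped, and overwrites stale data. Separately, `chown $USER:$USER` is redundant (ssh-keygen already created the files as the running user) and aborts the script under `set -e` whenever `$USER` is unset.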
@@ -66,16 +70,19 @@ unset attribution_passphrase_check
 {
 printf '%s' "$attribution_passphrase"
 cat "$out_dir/contents.7z"
-} | sha512sum | awk '{print $1}' | tee "$out_dir/attribution.sha512"
+} | sha512sum | awk '{print $1}' > "$out_dir/attribution.sha512"
 printf "deleting $inner_dir"
 rm -rf "$inner_dir"
 checkcode $?
-printf "sanity checking"
-# todo: test verify shit
+printf "sanity checking: verification"
+bash out/verify-everything.sh
+checkcode $?
+printf "sanity checking: validate attribution passphrase"
+bash out/test_validation_passphrase.sh
 checkcode $?
 printf "7z archiving outer dir"
 7z a "./out.7z" "$out_dir"
-checkcode $?
+checkcode $?
\ No newline at end of file
diff --git a/out/.12094 b/out/.12094
new file mode 100644
index 0000000..2698f1a
Binary files /dev/null and b/out/.12094 differ
diff --git a/out/.16403 b/out/.16403
deleted file mode 100644
index e69de29..0000000
diff --git a/out/anonymous_signer b/out/anonymous_signer
new file mode 100644
index 0000000..e81b53a
--- /dev/null
+++ b/out/anonymous_signer
@@ -0,0 +1 @@
+anonymous namespaces="file-integrity" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJzxs8Ok9r5JNevCm3KBvy9Iyg3baSw+Gvz1MaC4mZEE anonymous
diff --git a/out/contents.7z b/out/contents.7z
new file mode 100644
index 0000000..d86a9f8
Binary files /dev/null and b/out/contents.7z differ
diff --git a/out/contents/.19601 b/out/contents/.19601
new file mode 100644
index 0000000..93b7690
Binary files /dev/null and b/out/contents/.19601 differ
diff --git a/out/verify-everything.sh b/out/verify-everything.sh
index 7d31352..162cf80 100755
--- a/out/verify-everything.sh
+++ b/out/verify-everything.sh
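Review bot: `bash out/verify-everything.sh` runs the verifier from the caller's working directory, yet that script (its hunk appears later in this diff) refers to `./anonymous_signer`, `contents.7z.sig`, `contents.7z` and `checksums.sha512` with no directory component, so unless its opening lines — outside this diff — `cd` into their own directory, the sanity check fails for the wrong reason. `(cd "$out_dir" && bash ./verify-everything.sh)` makes the invocation match the verifier's expectations and stops hard-coding `out/` beside the existing `$out_dir` variable. `out/test_validation_passphrase.sh` is not part of this diff, so I cannot confirm it exists or what it reads. Note also that `attribution.sha512` is a single unsalted SHA-512 over passphrase‖archive: the archive is the published artefact, so anyone holding it can test passphrase guesses offline at full speed, and a human-chosen passphrase gives little protection if this value is meant to prove authorship later — a memory-hard KDF or a long random passphrase would be needed.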
@@ -25,5 +25,5 @@ sha512sum -c checksums.sha512 > /dev/null 2>&1
 checkcode $?
 printf "Checking signature against provided public key... "
-ssh-keygen -Y verify -f "./anonymous_signer" -I "anonymous@local" -n "file-integrity" -s contents.7z.sig < contents.7z > /dev/null 2>&1
+ssh-keygen -Y verify -f "./anonymous_signer" -I "anonymous" -n "file-integrity" -s contents.7z.sig < contents.7z > /dev/null > /dev/null > /dev/null 2>&1
 checkcode $?
diff --git a/private_ed25519_1779530180 b/private_ed25519_1779530180
new file mode 100644
index 0000000..8b373ac
--- /dev/null
+++ b/private_ed25519_1779530180
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACCc8bPDpPa+STXrwptygb8vSMoN22ksPhr89TGguJmRBAAAAJCdSK3LnUit
+ywAAAAtzc2gtZWQyNTUxOQAAACCc8bPDpPa+STXrwptygb8vSMoN22ksPhr89TGguJmRBA
+AAAEBtkfZIlhs+mzrEMFvt/pQjtONx7dGDWste5YAjFcUzkJzxs8Ok9r5JNevCm3KBvy9I
+yg3baSw+Gvz1MaC4mZEEAAAACWFub255bW91cwECAwQ=
+-----END OPENSSH PRIVATE KEY-----
diff --git a/private_ed25519_1779530180.pub b/private_ed25519_1779530180.pub
new file mode 100644
index 0000000..609a018
--- /dev/null
+++ b/private_ed25519_1779530180.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJzxs8Ok9r5JNevCm3KBvy9Iyg3baSw+Gvz1MaC4mZEE anonymous
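Review bot: The new `ssh-keygen -Y verify` line ends in `> /dev/null > /dev/null > /dev/null 2>&1`; only the last stdout redirection takes effect, so the two extra `> /dev/null` are dead text and the tail should read just `> /dev/null 2>&1`. Discarding stderr also hides why verification failed (bad signature, principal or namespace mismatch, unreadable signer file), which is the one thing this script exists to report, so consider dropping the `2>&1` and letting ssh-keygen's diagnostic reach the user. The `-I "anonymous"` principal does match the `anonymous` entry written to `anonymous_signer` elsewhere in this diff.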
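Review bot: This commit adds the private signing key `private_ed25519_1779530180` (and its `.pub`) to the repository. Its public half is the same `ssh-ed25519 AAAAC3…mZEE` key written to `out/anonymous_signer`, so anyone with read access to this repository can sign arbitrary data that `verify-everything.sh` will accept as genuine for this archive. Drop both files from the commit and purge them from history (e.g. `git filter-repo`), treat this key as compromised and re-run the script so a fresh key, `anonymous_signer` and `contents.7z.sig` are produced, and add `private_ed25519_*` to `.gitignore`. Longer term the script should create the key outside the working tree (e.g. under `mktemp -d`) so it cannot be committed by accident.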