Skip to content
Independent software appraisal — by the makers of Watchdog

You'd never buy a house on the seller's word.

You'd commission your own survey. Assay does the same for software: it turns an independent, reproducible Codebase Assurance Index survey into a decision you can defend — to a board, a committee, or a court. To assay: to determine an asset's true worth.

Bring the repo, or open a survey a supplier already shared with you. A measurement, not an opinion.

✓ Signed evidence
checkout-serviceby acmeAdequate
CAI62 / 100
Trend: improving (up 17) over the last 8 scans.
4562↑ +17
Code health68
Architecture55
Maturity63
Readiness52
Security71
Measured1 July 2026 · 4.2M lines
Rebuild cost~€6,100,000
Bus factor2 of 11 devs
Reproducible fingerprinta3f9…e021

A sample evidence artifact — dated, signed, verifiable. Not editable by the party who shares it.

What you learn

Verify the software you can't read.

Software is usually the largest asset in the deal — and the only one nobody appraises. Assay reads it for you and hands back the numbers a decision actually needs.

A verdict on code you can't inspect

One independent, reproducible 0–100 Codebase Assurance Index for the whole codebase — architecture, maturity, security and risk in one number, with every deduction traceable to the rule that fired.

The board-level numbers

Key-person and bus-factor risk — which modules depend on one person — and replacement/rebuild cost, both read deterministically from the git history. The two figures procurement and diligence miss most.

Trusted by both sides

Commissioned by one side, trusted by both — because the method is open. The algorithm, lenses and rubric are public, so the number isn't the seller's marketing and isn't ours to bend.

0–100
one reproducible index for the whole codebase
71→76
comparable from LOI to close — rubric frozen for the deal
€0
the evidence copy a supplier shares with you is free
Ed25519
signed, tamper-evident evidence — not editable by the sharer
Independent & neutral by structure

The measurer never sits at the table.

An appraisal is only worth something because the appraiser has no stake in the result — and because you can check the work yourself.

Never a delivering party

Assay builds nobody's software and never sits on either side of the contract. No success fees — revenue is the engagement, identical whether the verdict flatters or hurts. We sell the thermometer, never the treatment.

The same rubric, whoever pays

The report doesn't know who holds the subscription. Identical dimensions, thresholds and scoring logic for seller and buyer — which is what lets you write CAI ≥ 80 into a tender and mean it.

Verify any number yourself

You don't have to trust the seller, or us. Take the evidence behind a survey, run the open scorer, and you get the same number — or you've found a discrepancy.

Verify a survey →
Trust

The code never leaves controlled hands.

EU data residency

Processed only on hardware we own in Denmark — no cloud provider in the path.

No third-party AI

The language model is self-hosted; the code is never sent to OpenAI, Anthropic or Google.

Source never persisted

Each scan clones, analyses, then deletes the working copy — and we never train on the code.

Read-only by doctrine

We measure and advise; we never commit, push, or edit anyone's code.

Read the full security & data statement →

Software is the only seven-figure asset you run without an appraisal. Get one.

Bring the repo, or open a survey a supplier already shared with you — either way, you end with a decision you can defend.

Sales-led · priced per engagement, never by lines of code · a person replies, from the EU.