Quickstart
Register an agent, then seal a decision. The signing key never leaves the node; your input/output are hashed on your side.
# 1. Register an agent (returns your API key once)
curl -X POST http://localhost:4505/api/v1/agents \
-H 'Content-Type: application/json' \
-d '{ "name": "FinanceBot" }'
# 2. Seal a decision into a verifiable receipt
curl -X POST http://localhost:4505/api/v1/receipts \
-H 'Authorization: Bearer sk_live_...' \
-H 'Content-Type: application/json' \
-d '{
"model": { "provider": "openai", "name": "gpt-4o", "version": "2026.4" },
"decision": {
"type": "loan_rejection",
"input_hash": "sha256:...",
"output_hash": "sha256:...",
"risk_level": "high",
"human_review": true,
"policies": ["eu-ai-act-high-risk"]
}
}'
# 3. Verify it — anyone can, no auth required
curl http://localhost:4505/api/v1/receipts/STR-XXXX/verify
Core concepts
Decision Receipt
A signed, tamper-evident attestation that an agent took a decision. It carries fingerprints and metadata — never raw content.
Hash chain
Each receipt references the previous receipt's hash. The ledger is append-only; altering any past receipt breaks every link after it.
Trust Score
A 0–100 reputation derived from an agent's verifiable history: integrity, volume, human oversight on risky decisions, declared governance and longevity.
Receipt spec (v1.0)
The receipt_hash is sha256 over the canonical (sorted-key) JSON of every field except receipt_hash and signature. The signature is Ed25519 over that hash.
{
"version": "1.0",
"id": "STR-1A2B3C4D5E",
"type": "decision_receipt",
"sequence": 42,
"agent": { "id": "agent_…", "name": "FinanceBot" },
"model": { "provider": "openai", "name": "gpt-4o", "version": "2026.4" },
"decision": {
"type": "loan_rejection",
"input_hash": "sha256:…",
"output_hash": "sha256:…",
"risk_level": "high",
"human_review": true,
"permissions": ["credit.decide"],
"policies": ["eu-ai-act-high-risk"]
},
"metadata": { "request_id": "req_001" },
"timestamp": "2026-06-07T10:00:00.000Z",
"previous_hash": "sha256:…",
"receipt_hash": "sha256:…",
"signature": { "algorithm": "ed25519", "public_key": "…", "value": "…" }
}
JavaScript / TypeScript SDK
Input and output are hashed locally by default — raw data never leaves your servers.
import { Signatrust } from 'signatrust';
const str = new Signatrust({
apiKey: process.env.SIGNATRUST_API_KEY,
baseUrl: 'http://localhost:4505', // omit in production
});
const { receipt, share_url } = await str.sign({
model: { provider: 'openai', name: 'gpt-4o', version: '2026.4' },
decision: {
type: 'loan_rejection',
input, // hashed locally
output, // hashed locally
risk_level: 'high',
human_review: true,
policies: ['eu-ai-act-high-risk'],
},
});
const result = await str.verify(receipt.id);
console.log(result.valid); // true
Python SDK
from signatrust import Signatrust
client = Signatrust(api_key=os.environ["SIGNATRUST_API_KEY"],
base_url="http://localhost:4505")
result = client.sign(
model={"provider": "openai", "name": "gpt-4o", "version": "2026.4"},
decision={
"type": "loan_rejection",
"input": user_input, # hashed locally
"output": agent_output, # hashed locally
"risk_level": "high",
"human_review": True,
"policies": ["eu-ai-act-high-risk"],
},
)
print(result["receipt"]["id"], result["share_url"])
assert client.verify(result["receipt"]["id"])["valid"]
REST API
POST /api/v1/agents — register an agent, returns the API key once.
GET /api/v1/agents/{id} — public profile + Trust Score.
GET /api/v1/agents/{id}/trust-score — recomputable Trust Score.
GET /api/v1/agents/{id}/receipts — receipts for an agent.
POST /api/v1/receipts — seal a decision (auth required).
GET /api/v1/receipts/{id} — fetch a receipt (public).
GET /api/v1/receipts/{id}/verify — verify a stored receipt (public).
POST /api/v1/verify — verify any receipt JSON (public, third-party).
GET /api/v1/verify/ledger — verify the whole chain.
Trust program & consent
GET /api/v1/agents/{id}/consent — public consent status (data-sharing level).
POST /api/v1/agents/{id}/consent — set/withdraw consent, level 1–3 (owner only). GDPR-aligned: records lawful basis, policy version and timestamp.
Aggregate Trust Digest
POST /api/v1/digest — signed aggregate digest for your agent (auth required). Counts & rates only — no content, identifiers or content hashes.
GET /api/v1/digest/network — signed network digest across consenting agents (k-anonymized).
POST /api/v1/digest/verify — verify a signed digest's hash + signature.
Compliance & audit
GET /api/v1/compliance/{id} — EU AI Act / GDPR / NIST AI RMF / ISO 42001 report from receipts.
GET /api/v1/compliance/{id}/export — Ed25519-signed, independently verifiable report.
Risk & insurance
GET /api/v1/risk/{id} — insurance-grade risk profile (relative underwriting index, baseline 1.00 — not a quote).
GET /api/v1/risk/network/benchmarks — anonymized benchmarks across consenting agents.
GET /.well-known/signatrust.json — discovery: public key, spec, endpoints.
Verification
Cryptographic verification (body hash + Ed25519 signature) needs only the receipt itself — a third party can confirm authenticity without any access to your systems or data. Add ?chain=true to also check ledger linkage on this node.
curl -X POST http://localhost:4505/api/v1/verify \
-H 'Content-Type: application/json' \
-d '{ "receipt": { ...the receipt JSON... } }'
Privacy & on-prem
Signatrust is built so it never needs your data to prove a decision exists and is intact. You send sha256 fingerprints and metadata, not content. For regulated environments, run the node on-premise so even fingerprints stay inside your perimeter — only signatures and hashes are recorded.