Docs / Verify / Verification API

// PROOF LEDGER READ SURFACE

Verification API

Read and verify receipts programmatically. The endpoints below let you recompute a leaf, fetch a Merkle proof, pull a self-contained evidence bundle, walk the chain, and confirm the on-chain anchor — all over the same proof the public Trust Portal exposes.

Verify a receipt now

Paste a receipt hash. If it is the committed public sample, the leaf and Merkle proof are recomputed entirely in your browser. Otherwise we run the public lookup. Either way: real math, never a fake spinner.

In-browser / public lookup Anchored

Logged in to the console? The same hash runs the full server recompute at GET /api/proof/verify?hash=, returning all four steps (receipt_recomputed, chain_ok, merkle_ok, anchor_ok). Logged out, the public lookup degrades gracefully — the sample still verifies fully client-side.

Endpoints

GET/api/proof/verify?hash=<h>Tenant-pinned

Runs all four verification steps server-side and returns a VerifyResult. No short-circuit — every check actually runs.

FieldTypeMeaning
receipt_recomputedboolThe leaf recomputed from the stored receipt matches receipt_hash.
chain_okboolprev_hash links back through the tenant chain with no break.
merkle_okboolThe sibling proof folds to the batch's merkle_root.
anchor_okboolThe on-chain memo equals the merkle_root.
batch_id, merkle_rootstringThe anchored batch and its root.
anchor_txid, anchor_chain, anchor_blockstring · numberThe anchoring transaction coordinates.
verifiedboolAll four checks passed.
steps[]object[]The ordered checklist rendered by the verify widgets.
GET/api/proof/proof?hash=<h>Tenant-pinned

Returns the raw Merkle proof so clients fold it themselves: { leaf, index, siblings[], merkle_root }. Siblings are a bare list — sorted-pair, no left/right flags.

GET/api/proof/bundle?hash=<h>security_admin

The self-contained offline evidence bundle (see the bundle shape). Sets content-disposition: attachment. Also accepts ?batch=<id>.

GET/api/proof/chain?hash=<h>&depth=<n>Tenant-pinned

Walks the chain toward genesis: [{ receipt_hash, prev_hash, receipt_seq }], up to depth entries.

GET/api/proof/statsTenant-pinned

The widget feed: { receipts, billable_receipts, anchored_batches, pending_batches, latest_root, latest_txid }.

GET/api/proof/schemaPublic

The frozen published schema — no flag, no auth. Any logged-out browser can fetch it; it is the single source of truth behind the Receipt schema doc.

GET/api/trust/verify/:hashPublic

The public un-pinned lookup. Returns { verified, <minimal fields> } only — never the canonical body of another tenant's receipt (enumeration-hiding). This is the one a logged-out browser can call.

Example

cURL
# public lookup (no auth): curl https://agentics.you/api/trust/verify/8ae41ff9f6cd265ce08a312dacc24f89da2c634c18e0ed47a29a475ad5e70efb # full server recompute (console session): curl https://agentics.you/api/proof/verify?hash=8ae41ff9… \ -H "Authorization: Bearer ak_…"
Don't trust us — verify it yourself. The fastest path to confidence is the six-line recipe: it reproduces any receipt hash with nothing but a SHA-256 implementation.