For Developers

Technical Documentation

Everything you need to integrate SONATE trust receipts into your application. Verify AI interactions with cryptographic proof.

Quick Start

Install the SDK (MIT License)
npm install @sonate/verify-sdk
Verify a receipt (5 lines)
import { verify } from '@sonate/verify-sdk';

// Fetch the receipt from your backend or SONATE API
const receipt = await fetch('/api/trust/receipts/abc123').then(r => r.json());

// Verify cryptographic signature and chain integrity
const result = await verify(receipt);

if (result.valid) {
  console.log('Trust score:', result.trustScore);
  console.log('Chain intact:', result.chainValid);
} else {
  console.error('Verification failed:', result.errors);
}

API Endpoints

Base URL: https://yseeku-backend.fly.dev

POST/api/public-demo/generateAuth: None (rate limited)

Generate a signed trust receipt for an AI interaction

Request: { prompt, response }Response: { receipt, verification }
POST/api/public-demo/verifyAuth: None

Verify a trust receipt's signature and chain integrity

Request: { receipt }Response: { valid, checks[], trustScore }
GET/api/public-demo/public-keyAuth: None

Get the Ed25519 public key for independent verification

Request: -Response: { publicKey, algorithm, keyId }
GET/.well-known/did.jsonAuth: None

W3C DID Document for platform identity

Request: -Response: DID Document (JSON-LD)

cURL Examples

Generate a receipt
curl -X POST https://yseeku-backend.fly.dev/api/public-demo/generate \
  -H "Content-Type: application/json" \
  -d '{
    "prompt": "What is the capital of France?",
    "response": "The capital of France is Paris."
  }'
Get public key
curl https://yseeku-backend.fly.dev/api/public-demo/public-key

Security Architecture

Ed25519 Signatures

Every receipt is signed with Ed25519, the same algorithm used by SSH, Signal, and Tor. Fast, secure, and independently verifiable.

  • 256-bit security level
  • Deterministic signatures
  • Public key at /.well-known/sonate-pubkey

Hash Chains

Each receipt links to the previous via SHA-256 chain hash. Modify any receipt and the chain breaks - detectable instantly.

  • Tamper-evident by design
  • Full audit trail
  • Chain verification in SDK

W3C DIDs

Decentralized Identifiers for platform and agents. Standard did:web method with public key resolution.

  • Platform DID: did:web:yseeku.com
  • Agent DIDs with controller
  • /.well-known/did.json resolution

Trust Scoring

6 constitutional principles evaluated in under 50ms. Weighted scores combine into a single trust score (0-100).

  • CIQ metrics (Clarity, Integrity, Quality)
  • Real-time evaluation
  • Configurable thresholds

Sample Trust Receipt

Full receipt structure
{
  "self_hash": "f860961876968f2c4a7b3d...",
  "timestamp": 1707667200000,
  "session_id": "sess_abc123",
  "agent_id": "agent_xyz789",
  "interaction": {
    "prompt": "What is the capital of France?",
    "response": "The capital of France is Paris."
  },
  "ciq_metrics": {
    "clarity": 0.95,
    "integrity": 0.92,
    "quality": 0.94
  },
  "trust_score": 94,
  "chain": {
    "previous_hash": "715799d2fb16c4b6...",
    "chain_hash": "a3b8c9d0e1f2..."
  },
  "signature": {
    "algorithm": "Ed25519",
    "value": "f33ee6d928a1b2c3d4e5f6..."
  },
  "issuer": "did:web:yseeku.com",
  "subject": "did:web:yseeku.com:agents:xyz789"
}
self_hash
SHA-256 of receipt content
chain.chain_hash
Links to previous receipt
signature.value
Ed25519 signature (hex)

Ready to Integrate?

Get started with the SDK or talk to us about enterprise integration.