Ownership proof

Don't trust us. Verify the signer.

Every public surface that says aisthetic.services is signed by the same Ed25519 key. The same canonical bytes are anchored on Solana mainnet so the proof outlives any single hosting provider. You can verify both the JSON signature and the on-chain anchor offline, with nothing but a curl and a Solscan link.

What is anchored

Domain — aisthetic.services
GitHub — github.com/den0th (maintainer of aisthetic-hard-test)
X — @aisthetico
Operator wallet — uwEbUj8xPq6E24Whh9JVniJTJRHqiZUDLCLRUZauoG5
AgentRegistry program (Solana mainnet) — DiqUXZSLqqn2fJiNHptpdheziY1fcLdZcdDH2kmCa3Kp
Receipt verifier program (Solana mainnet) — FWdCDkFnexcJrMMhzfPLuBnX3RaFS8zoaqxCsMLxvw9Z
pay-skills PR — solana-foundation/pay-skills #46

How to verify

1. Fetch the signed JSON

curl -s https://aisthetic.services/.well-known/aisthetic-ownership.json | jq .

The signature.canonicalJson field is the exact byte string that was signed. The signature.publicKey is the operator wallet, the same key that owns the AgentRegistry program upgrade authority on Solana mainnet.

2. Verify the Ed25519 signature offline

# Node, no install needed
node -e "
  const c = JSON.parse(require('fs').readFileSync(0,'utf8'));
  const s = c.signature;
  const ok = require('crypto').verify(
    null,
    Buffer.from(s.canonicalJson),
    { key: Buffer.concat([Buffer.from('302a300506032b6570032100','hex'), require('bs58').default.decode(s.publicKey)]), format:'der', type:'spki' },
    Buffer.from(s.sigBase64,'base64')
  );
  console.log(ok ? 'VERIFIED' : 'BAD SIGNATURE');
" < <(curl -s https://aisthetic.services/.well-known/aisthetic-ownership.json)

3. Confirm the same bytes on Solana mainnet

The same canonical JSON was anchored as a memo transaction on Solana mainnet. The transaction is signed by the operator wallet (above) and is finalised on chain.

# Solscan UI
open https://solscan.io/tx/54fVfcybJpy21ZWwhApCFuBWXZUhmGmb458GoJe33FiyiPHqdnqwhiVzZ46JWc2f482TenCJjMT67WMttRj4181a

# Or fetch the memo via RPC and compare bytes
curl -s https://api.mainnet-beta.solana.com \
  -H 'content-type: application/json' \
  -d '{"jsonrpc":"2.0","id":1,"method":"getTransaction","params":["54fVfcybJpy21ZWwhApCFuBWXZUhmGmb458GoJe33FiyiPHqdnqwhiVzZ46JWc2f482TenCJjMT67WMttRj4181a",{"encoding":"jsonParsed","commitment":"finalized","maxSupportedTransactionVersion":0}]}' \
  | jq '.result.transaction.message.instructions[0].parsed' -r

What this does and does not prove

Proves the same Ed25519 keyholder controls the domain, the GitHub username on file, the X handle on file, the operator Solana wallet, and the two Anchor programs.
Proves the JSON has not been tampered with, since any change breaks the signature.
Proves the claim was anchored at a known mainnet slot, since the transaction signature is fixed.
Does not prove any compliance certification. SOC 2, ISO 27001, HIPAA, PCI, vendor SAML, vendor SCIM are all not claimed.
Does not prove a paid customer or signed pilot. Public billing is not launched; the first signed pilot is not started.
Does not prove the legal-entity ownership. That is a separate filing the operator handles off-repo.

Trust Center · Proof Center · Raw signed JSON · Solscan tx