aisthetic·services/ agenttrust gateway
ExplorerProductDocsPricingSecurityEnterpriseSign inSign up free
Public verifier

Verify a receipt in your browser.

Paste an AgentTrust receipt JSON below. Verification runs entirely in your browser via WebCrypto Ed25519. The pasted receipt never leaves this page; only the gateway's public-key directory is fetched.

Fetching public-key directory…

What this verifies

  • The receipt was signed by an AgentTrust gateway whose public key is in the live signing-key directory.
  • The receipt body is byte-identical to what was signed (canonical JSON, RFC 8785-style).
  • The receipt has not expired (if expiresAt is set).

What this does not verify

  • That the upstream API actually produced the response , the gateway only attests to what the upstream returned; semantic correctness is the upstream's responsibility.
  • That the signing key has not been compromised. Key rotation events live in the audit log; check activatedAt / retiredAt on the key directory.
  • Any external operator certification. AgentTrust does not claim SOC 2, does not claim ISO 27001, does not claim HIPAA, does not claim PCI.