Attesto 2.0

Proofstream and offline verification

Proofstream records AI-relevant evidence as append-only stream history. Each accepted event receives a receipt; closed windows become checkpoints; witnesses sign monotonic progress; anchors bind epochs externally; bundles can be verified without Attesto backend access.

Lifecycle

Stream events and receipts

A Proofstream event is appended to exactly one stream and receives a monotonic sequence number. The receipt binds the event hash, previous event hash, sequence number, and resulting stream head.

curl -X POST https://verify.attesto.eu/v2/streams/$STREAM_ID/events \
  -H "Authorization: Bearer $ATTESTO_API_KEY" \
  -H "Idempotency-Key: $ATTESTO_IDEMPOTENCY_KEY" \
  -H "Content-Type: application/json" \
  --data-binary @proofstream-event.json

{
  "stream_event_id": "sev_...",
  "seq_no": 42,
  "event_hash": "sha256-hex",
  "previous_event_hash": "sha256-hex",
  "stream_head_hash": "sha256-hex",
  "receipt": {
    "alg": "Ed25519",
    "kid": "proofstream-receipt-key",
    "signature": "hex-encoded-signature"
  }
}

Windows

A window closes a contiguous event range. Its Merkle root commits to every event in the range, and inclusion material lets the verifier prove that a specific event belongs to that closed range.

• from_seq_no and to_seq_no define the closed range.
• window_root commits to the ordered leaves.
• leaf_hash and inclusion_path verify individual membership.

Checkpoints

A checkpoint commits the stream state after one or more windows. It links the latest event head, window roots, policy digest, witness policy, and anchor epoch candidate.

curl https://verify.attesto.eu/v2/checkpoints/$CHECKPOINT_ID

Consistency

Consistency proves that a later checkpoint extends earlier history. Without consistency, a system could show inclusion for two different histories and still appear locally valid. Proofstream treats consistency as a first-class verifier requirement.

curl "https://verify.attesto.eu/v2/checkpoints/$CHECKPOINT_ID/consistency?from=$PREVIOUS_CHECKPOINT_ID"

Fork defense

Inclusion proofs alone are not enough. Proofstream also checks consistency and witness monotonicity. If two checkpoint heads claim incompatible histories for the same stream, fork evidence is created and the verifier rejects the ambiguous history.

Fork evidence is not a dashboard warning. It is a verifiable object that can be included in a bundle and inspected by an external verifier.

Offline verification

Use the SDK helper or the verifier CLI on a downloaded bundle. Online anchor re-checks are explicit; the core bundle verification path does not depend on Attesto backend availability.

attesto verify bundle ./attesto-bundle.json

For service-to-service verification, submit the same object shape to POST /v2/verify. The API and CLI share fail-closed semantics.

curl -X POST https://verify.attesto.eu/v2/verify \
  -H "Content-Type: application/json" \
  --data-binary @attesto-bundle.json

Nova lifecycle proofing lane

Nova/IVC proofing is an asynchronous lifecycle lane over committed checkpoint metadata. It is designed for lifecycle proofing and remains review-gated before any stronger external cryptographic claim is made. Receipt ingest and offline bundle verification do not depend on Nova proof generation being in the hot path.