Skip to main content
The CertNode proof engine

Cryptographic proof for events that get challenged later.

CertNode runs one proof engine. It signs an event record, has independent timestamp authorities countersign it, and anchors it to Bitcoin — producing a tamper-evident, independently verifiable receipt. Every product on this site is a storefront for that same engine, pointed at a moment someone may later dispute.

Signature
ES256 / HMAC
Independent time
RFC 3161
Anchor
Bitcoin
See it on a real disputeHow the proof works
In plain terms

Logs say what happened. Receipts let someone else verify the record hasn't changed — without trusting your database.

CertNode turns a moment that matters — a payment, an agreement, an AI output, a shipment — into a receipt that is three things at once: tamper-evident (change one detail and it visibly breaks), independently dated (no one can backdate it), and checkable by anyone (they verify it themselves — they do not have to trust you).

So when someone disputes what happened months later — a customer, their bank, an auditor, opposing counsel — the receipt settles it instead of your word against theirs. The cryptography below is how it holds up; you do not need to understand it to use it.

Three layers, one record

Each layer answers a question a hostile party will ask later: who signed it, when did it exist, and can the date be revoked?

LAYER 1

Signature layer

A cryptographic signature over the content hash — an ES256 (ECDSA P-256) signature on AI-Provenance receipts, and an HMAC-SHA256 integrity seal on commerce records. Change one byte of the record and it no longer validates — that is what makes it tamper-evident.

LAYER 2

RFC 3161 timestamp

An independent Time Stamp Authority countersigns the hash — the standard cryptographic timestamp format cited in case law. The engine draws on multiple independent TSAs and can corroborate a record with a second stamp over the same bytes, so the date doesn't rest on our word — or any single authority's.

LAYER 3

Bitcoin anchor

The hash is anchored to the Bitcoin blockchain via OpenTimestamps and checked against block headers (explorer-backed) — evidence the record existed by that block's height and time, independent of every party, including us.

Together the three layers form a record structured to the FRE 902(13)/(14) self-authenticating standard for electronic evidence — built so its integrity and date can be established without a foundation witness.

Records link into a chain

Each receipt can reference its parents, so a sequence of related events — an order, its payment, the shipment, the delivery — becomes one tamper-evident chain. Modify any link and every signature downstream breaks.

Because the structure is a graph, a single sub-chain can be verified on its own without loading everything else — the part you need to prove, and nothing more.

1
Order receipt
depth 0 · parents: none
2
Payment receipt
depth 1 · parent: order
3
Shipment receipt
depth 2 · parent: payment
4
Delivery receipt
depth 3 · parent: shipment

Verify it independently — not just on our word

Every receipt has a public verification page that re-checks each layer in the browser — no account needed. The independent anchors do the heavy lifting: the RFC 3161 timestamps check against independent Time Stamp Authorities and the Bitcoin anchor against block headers (explorer-backed), neither of which we control. On AI-Provenance receipts the ES256 signature is additionally checkable against our published public key.

SPEC
Receipt spec
cn.receipt.v1 — the published format any verifier can implement
VECTORS
Conformance vectors
Public test vectors to check an independent implementation
OFFLINE
Offline verifier
A single HTML file that verifies receipts without our servers
LOG
Transparency log
Append-only with non-equivocation (RFC 6962-style signed tree head)
AI-Provenance verification — Node.js
import { createHash, createVerify } from 'crypto'

// Verify an AI-Provenance receipt against our public verify endpoint —
// the ES256 signature is checkable against the published public key.
function verifyReceipt(receipt, publicKeyPem) {
  // 1. Recompute the content hash
  const hash = createHash('sha256')
    .update(receipt.canonicalPayload)
    .digest('hex')
  if (hash !== receipt.data_hash) return false

  // 2. Verify the ES256 signature against the published public key
  const v = createVerify('SHA256')
  v.update(receipt.data_hash)
  return v.verify(publicKeyPem, receipt.signature, 'base64')
}
Embed a verify badgeAPI documentation

Every product is this primitive applied

The same record, pointed at a different moment that someone may later dispute.

Chargeback defense

Cryptographic evidence captured before the dispute, packaged when it lands. 15% on wins, $0 otherwise.

Agentic commerce

Bind the agent mandate, cart, and receipt when an AI agent makes the purchase — for the dispute that follows.

Returns & warranty

Signed, timestamped condition evidence at fulfillment and return — for warranty and return-abuse disputes.

AI-agent accountability

A signed receipt for every action an agent takes, scoped to a human authorization — for when one is questioned.

Capture runs through Vault at the point of payment; the proof is there before anyone asks for it.

Start where the proof already pays off.

The warmest line is chargeback defense — a proven category, priced so you only pay when it wins.

See the chargeback offerBuild on the API
The CertNode proof engine | CertNode