Skip to main content

Public transparency log

Every receipt, on the record

Every CertNode receipt is appended to a public, append-only log (the same RFC 6962 structure browsers use for TLS certificates). Once a receipt is in, it cannot be quietly removed or rewritten, not even by us. This page shows the log's live signed head.

1,307

receipts sealed in the log

Root hash

5cda165e3639fd472b1dc1dd1b3ff3d0e71f2b71333b4773df5feff63c9b8eda

Signed head issued

7/8/2026, 9:00:36 PM UTC

Signing key

certnode-kms-2026-06

Check it yourself

  • The raw signed tree head is public JSON at /api/transparency/sth. It is signed with ES256 (key above), timestamped with two independent RFC 3161 authorities, and anchored to Bitcoin via OpenTimestamps.
  • Any individual receipt can be verified at /verify with no account, or fully offline with the open @certnode/verify package.
  • Each head commits to the previous one (prev size 1,303), so history can't be rewritten without the chain visibly breaking.

Plainly: you don't have to trust CertNode. The log, the signatures, the timestamps, and the Bitcoin anchor are all checkable by you or anyone you're arguing with.