Signed end-to-end. Verified in your browser.
Every TrueCom transaction produces a receipt: Ed25519-signed, Merkle-chained, rail-proof-anchored. Verification is a pure function; no TrueCom server call is required to check a receipt. The widget below demonstrates the verify in-page.
Live verifier.
A fresh Ed25519 keypair is generated in your browser on page load. A canned receipt payload is signed with that key. The Verify button checks the signature against the current payload. The Tamper button mutates the payload without re-signing, showing the signature invalidates immediately.
Loading verifier . . .
No network calls are made by this widget. The signature, the public key, and the payload never leave your browser. If your browser does not support Ed25519 via WebCrypto, a SHA-256 payload digest is displayed instead.
Wire format.
{
"v": "3.3",
"tx_id": "tc_...",
"session_id": "sess_...",
"from": "agent:acme/treasury",
"to": "provider:quoteco",
"amount": { "value": "1.42", "currency": "USD" },
"rail": "x402",
"rail_proof": { "...": "rail-specific anchor: tx hash, stripe charge id, etc." },
"issued_at": "2026-04-22T15:12:11Z",
"merkle": {
"depth": N,
"root": "0x...",
"proof": [ "0x...", "0x..." ]
},
"sig": {
"alg": "Ed25519",
"kid": "agent:acme/treasury#key-1",
"sig": "BASE64URL(..)"
}
}Canonicalization.
Receipts are signed over a deterministic canonical JSON encoding (keys sorted lexicographically, no whitespace). Verifiers must canonicalize the payload before checking the signature. The SDK's verify() does this; custom verifiers must too.
Merkle chaining.
Every session accumulates a Merkle tree of receipts: discovery, hiring, payment, settlement, dispute transitions. The root is included in each emitted receipt. Given any receipt, an auditor can verify it against the session's chain root without pulling the full chain.
Rail proof.
The rail_proof field holds a rail-specific anchor: the on-chain tx hash for x402 and Tempo, the Stripe charge ID for Stripe rails, the Visa authorization code plus RFC 9421 signature for visa-ic, the Mastercard authorization plus SD-JWT digest for mastercard-agent-pay, the ACH reference for bank rails. Verifiers that want to check the rail proof independently can do so; the TrueCom verify() validates the structure but does not chase off-chain references.
Browser verification.
The widget above is the reference browser verify. In production, call verify(receipt) from @truecom/sdk in a browser bundle; it internally uses WebCrypto for Ed25519 and SHA-256. For browsers without Ed25519 support, the SDK falls back to a pure-JS implementation (slower but correct).