diff --git a/public/ambient-verification.html b/public/ambient-verification.html index 14dab41..1473a75 100644 --- a/public/ambient-verification.html +++ b/public/ambient-verification.html @@ -71,6 +71,11 @@

The working model

Runtime: https://runtime.commandlayer.org
Verifier: https://runtime.commandlayer.org/verify

+
+

Webhook Auto-Verify

+

Webhook Auto-Verify

Working example of automatic receipt verification.

Open demo
+
+

Live today

diff --git a/public/api.html b/public/api.html index 7029674..c94bb41 100644 --- a/public/api.html +++ b/public/api.html @@ -211,6 +211,10 @@

Developer integration paths

+
+

Webhook Auto-Verify

Webhook Auto-Verify

Server-side accept/reject flow using runtime verification.

Open demo
+
+

Next steps

diff --git a/public/docs.html b/public/docs.html index d72738f..a53c174 100644 --- a/public/docs.html +++ b/public/docs.html @@ -123,6 +123,10 @@

Developer paths

+
+

Automatic Verification

Automatic Verification

See a webhook-style receipt verification flow.

+
+

Reference links

diff --git a/public/index.html b/public/index.html index e45546d..10c3d2f 100644 --- a/public/index.html +++ b/public/index.html @@ -1055,6 +1055,7 @@

View the proof Explore capabilities Install SDK + Run Auto-Verify Demo

@@ -1278,6 +1279,34 @@

Four steps to cryptographic certainty

+ + + +
+
+
+

Automatic verification

+

Valid receipts are accepted. Tampered receipts are rejected.

+

CommandLayer verification is not limited to manual paste. A webhook can receive a receipt, verify it server-side, accept the valid event, and reject the same receipt after payload tampering.

+
+
+
+
Valid receiptACCEPTED
+
verifier_status: VALID
hash_matches: true
signature_valid: true
+
+
+
Tampered receiptREJECTED
+
verifier_status: INVALID
hash_matches: false
signature_valid: false
+
+
+

Runtime signs → Webhook receives → Verifier checks → Accept / reject

+
+ Run the automatic verification demo + View example code +
+
+
+
@@ -1309,7 +1338,7 @@

Trust verification now, broader capability families next<

Verification surfaces

Runtime-validated verification.
Public verifier surface.

-

Runtime /verify has been validated against production runtime receipts. Website /api/verify is a public verifier surface and should align with the same canonical proof model.

+

Runtime /verify has been validated against production runtime receipts. Website /api/verify is a public verifier surface and should align with the same canonical proof model. Webhook sender authentication is separate from receipt verification.

Open Verifier @@ -1346,10 +1375,11 @@

Runtime-validated verification.
Public verifier surfac

Trust the proof.
Not the agent.

-

Start adding cryptographic verification to your AI agent actions in minutes.

+

Start adding cryptographic verification to your AI agent actions in minutes.
Now with manual verification, production proof, and automatic webhook verification.

Verify a Receipt View SDK on GitHub + Run Auto-Verify Demo
diff --git a/public/verify.html b/public/verify.html index 6599bd3..508ecd3 100644 --- a/public/verify.html +++ b/public/verify.html @@ -57,7 +57,7 @@
Verifier

Verify agent receipts by proof, not claim.

Paste a CommandLayer receipt, inspect its canonical proof, and confirm whether the hash and Ed25519 signature still match.

Verify a receiptView production proof
Receipts are not trusted by claim. They are verified by proof.
Runtime production is live. Runtime signs canonical Trust Verification receipts. MCP E2E against production runtime passes: STEP 1 SIGNED, STEP 2 VERIFIED, STEP 3 TAMPERED INVALID. Runtime signer: runtime.commandlayer.eth with kid=vC4WbcNoq2znSCiQ. Canonical proof uses metadata.proof.canonicalization=json.sorted_keys.v1, metadata.proof.hash.alg=SHA-256, and metadata.proof.signature.alg=Ed25519.
What gets checked

Manual verifier checks, not just shape.

Receipt structure
Canonical metadata.proof envelope
json.sorted_keys.v1 canonical hash
SHA-256 hash match
Ed25519 signature validity
Signer identity and key id
Supported capability verb
Tamper resistance
A receipt is only verified when hash and signature checks pass. Schema-valid alone is not verified.
Run verification to see verdict.
    -
    Proof surfaces

    Manual verifier

    Paste a receipt and inspect every verification check.

    Proof URLs

    Open a receipt verification result from a shareable URL.

    Embedded badges

    Display verified/invalid state inside an app or product UI.

    Ambient verification

    Let systems verify receipts automatically through SDKs, APIs, webhooks, MCP tools, or agent-to-agent flows.

    +
    Proof surfaces
    Need automatic verification? Use the webhook auto-verify demo to verify receipts without manual paste. Open demo.

    Manual verifier

    Paste a receipt and inspect every verification check.

    Proof URLs

    Open a receipt verification result from a shareable URL.

    Embedded badges

    Display verified/invalid state inside an app or product UI.

    Ambient verification

    Let systems verify receipts automatically through SDKs, APIs, webhooks, MCP tools, or agent-to-agent flows.

    Backed by CLAS Trust Verification

    VerifyAgent validates canonical CLAS Trust Verification receipts using schemas where applicable, then checks canonical hash, Ed25519 signature, signer identity, and trust verb.

    Schema validation supports verification, but does not replace cryptographic proof.

    Canonical receipt example

    {
   "metadata": {
     "proof": {