What is Treeship
Treeship is a local-first, portable proof system for agent workflows.
Treeship wraps the commands your agents run, signs the results, and produces portable proof that the work happened exactly the way you say it did.
Wrap, verify, share
1. treeship wrap -- npm test # sign what happened
2. treeship verify last # check the chain offline
3. treeship hub push last # share a verify URLThat is the entire core loop. Everything else builds on it.
What you get
Local-first
Every operation works offline. No server, no account, no API key required.
Portable
A signed artifact is a self-contained JSON file. It verifies anywhere, across orgs, clouds, and protocols.
Offline verification
The verifier is deterministic and runs on your machine. No network call needed.
Signed chain
Every artifact links to its parent by content hash. Tamper with one step and the whole chain fails.
Open
MIT licensed. The verifier is open source. Anyone can verify without trusting Treeship.
How it works
One key signs everything. When you run treeship init, Treeship generates an Ed25519 keypair and encrypts it at rest. This key is your identity boundary.
Actors are humans and AI. Every person or agent that performs work is identified by a URI like human://alice or agent://deployer. All actors sign under the same Treeship key.
Artifacts chain together. Each artifact references its parent by content-addressed ID. The result is an ordered, tamper-evident chain of everything that happened in your workflow.
Hub
Hub is optional. It adds shareability, never trust.
When you run treeship hub push, your artifact gets a public verify URL that anyone can open to check the chain. No install, no account, no trust in Treeship's infrastructure required on the verifier's side.
You can attach and detach from Hub at any time. Your keys and artifacts stay local regardless.