attest
Sign attestation artifacts -- actions, decisions, approvals, handoffs, endorsements, receipts.
treeship attest action
Record that an actor performed an action.
treeship attest action \
--actor agent://researcher \
--action openai.chat.completion \
--meta '{"model":"gpt-4o","tokens":1247,"prompt_hash":"sha256:abc..."}'Options
| Option | Description |
|---|---|
--actor <uri> | Who performed the action (required) |
--action <label> | What action occurred (required) |
--parent <id> | Parent artifact ID for chain linking |
--approval-nonce <nonce> | Nonce from an existing approval |
--input-digest <sha256:hex> | SHA-256 digest of the input consumed |
--output-digest <sha256:hex> | SHA-256 digest of the output produced |
--content-uri <uri> | URI to referenced content |
--meta <json> | Arbitrary JSON metadata |
--out <path> | Write raw DSSE envelope to file (use - for stdout) |
Use --input-digest to attest that an action occurred on specific content without revealing the content itself. The digest proves which data was processed. The content never enters the artifact.
Privacy-preserving attestation
treeship attest action \
--actor agent://clinical-ai \
--action clinical.note.summarize \
--input-digest sha256:e3b0c44298fc1c149afb4c8996fb924 \
--content-uri ehr://patient/94821/note/2026-03-26treeship attest decision
Record an LLM inference decision with model, token usage, and confidence metadata.
treeship attest decision \
--actor agent://analyst \
--model claude-opus-4 \
--tokens-in 8432 \
--tokens-out 1247 \
--summary "Contract analysis complete." \
--confidence 0.91Options
| Option | Description |
|---|---|
--actor <uri> | Who made the decision (required) |
--model <name> | Model identifier, e.g. claude-opus-4, gpt-4o |
--tokens-in <n> | Input token count |
--tokens-out <n> | Output token count |
--prompt-digest <sha256:hex> | SHA-256 digest of the prompt |
--summary <text> | Plain-text summary of the decision |
--confidence <0-1> | Confidence score between 0 and 1 |
--parent <id> | Parent artifact ID for chain linking |
Decision attestations are designed for LLM audit trails. They record which model was used, how many tokens were consumed, and what the model concluded, without storing the prompt or response content.
treeship attest approval
Record that an approver authorized an intent. A random nonce is generated automatically.
treeship attest approval \
--approver human://alice \
--description "approve stripe charge max $500 to acme" \
--expires 2026-03-26T18:00:00ZReturns the approval artifact ID and the nonce. Pass the nonce to the agent so it can echo it in --approval-nonce when attesting the action.
Options
| Option | Description |
|---|---|
--approver <uri> | Approver identity URI (required) |
--subject <id> | Artifact ID being approved |
--description <text> | Plain text scope of what is authorized |
--expires <timestamp> | RFC 3339 expiry time |
Approvals are single-use by default. If the same nonce is used twice, the second action will fail verification. This is enforced in the Rust core and cannot be bypassed.
treeship attest handoff
Record a transfer of work between actors.
treeship attest handoff \
--from agent://researcher \
--to agent://executor \
--artifacts art_a1b2,art_c3d4Options
| Option | Description |
|---|---|
--from <uri> | Source actor URI (required) |
--to <uri> | Destination actor URI (required) |
--artifacts <ids> | Comma-separated artifact IDs being transferred (required) |
--approvals <ids> | Comma-separated approval IDs the receiver inherits |
--obligations <text> | Comma-separated obligations the receiver must satisfy |
treeship attest endorsement
Record an endorsement of an existing artifact. Used for post-hoc validation, compliance sign-off, and countersignatures.
treeship attest endorsement \
--endorser human://auditor \
--subject art_a1b2 \
--kind validationtreeship attest endorsement \
--endorser human://compliance \
--subject art_c3d4 \
--kind compliance \
--rationale "Meets SOC-2 requirements" \
--expires 2026-12-31T00:00:00Z \
--policy-ref https://example.com/policyOptions
| Option | Description |
|---|---|
--endorser <uri> | Endorser identity URI (required) |
--subject <id> | Artifact ID being endorsed (required) |
--kind <type> | Endorsement kind: validation, compliance, countersignature, review (required) |
--rationale <text> | Human-readable rationale for the endorsement |
--expires <timestamp> | Expiration timestamp (RFC 3339) |
--policy-ref <uri> | URI to the governing policy document |
--meta <json> | Extra metadata as a JSON object |
--parent <id> | Parent artifact ID for chain linking |
--out <path> | Write raw DSSE envelope to file (use - for stdout) |
Endorsements are separate artifacts that reference the subject via --subject. They form their own chain and can be verified independently. Use --policy-ref to link to the policy or checklist that was followed during review.
treeship attest receipt
Record an external system confirmation (webhook, timestamp, inclusion proof).
treeship attest receipt \
--system system://stripe-webhook \
--kind confirmation \
--subject art_a1b2 \
--payload '{"eventId":"evt_abc","status":"succeeded"}'Options
| Option | Description |
|---|---|
--system <uri> | System that produced the receipt (required) |
--kind <type> | Receipt kind: confirmation, timestamp, inclusion, webhook (required) |
--subject <id> | Subject artifact ID |
--payload <json> | Receipt payload as a JSON object |