attest
Sign attestation artifacts -- actions, approvals, handoffs, endorsements, receipts.
treeship attest action
Record that an actor performed an action.
treeship attest action \
--actor agent://researcher \
--action openai.chat.completion \
--meta '{"model":"gpt-4o","tokens":1247,"prompt_hash":"sha256:abc..."}'Options
| Option | Description |
|---|---|
--actor <uri> | Who performed the action (required) |
--action <label> | What action occurred (required) |
--parent <id> | Parent artifact ID for chain linking |
--approval-nonce <nonce> | Nonce from an existing approval |
--input-digest <sha256:hex> | SHA-256 digest of the input consumed |
--output-digest <sha256:hex> | SHA-256 digest of the output produced |
--content-uri <uri> | URI to referenced content |
--meta <json> | Arbitrary JSON metadata |
--out <path> | Write raw DSSE envelope to file (use - for stdout) |
Use --input-digest to attest that an action occurred on specific content without revealing the content itself. The digest proves which data was processed. The content never enters the artifact.
Privacy-preserving attestation
treeship attest action \
--actor agent://clinical-ai \
--action clinical.note.summarize \
--input-digest sha256:e3b0c44298fc1c149afb4c8996fb924 \
--content-uri ehr://patient/94821/note/2026-03-26treeship attest approval
Record that an approver authorized an intent. A random nonce is generated automatically.
treeship attest approval \
--approver human://rezo \
--description "approve stripe charge max $500 to acme" \
--expires 2026-03-26T18:00:00ZReturns the approval artifact ID and the nonce. Pass the nonce to the agent so it can echo it in --approval-nonce when attesting the action.
Options
| Option | Description |
|---|---|
--approver <uri> | Approver identity URI (required) |
--subject <id> | Artifact ID being approved |
--description <text> | Plain text scope of what is authorized |
--expires <timestamp> | RFC 3339 expiry time |
Approvals are single-use by default. If the same nonce is used twice, the second action will fail verification. This is enforced in the Rust core and cannot be bypassed.
treeship attest handoff
Record a transfer of work between actors.
treeship attest handoff \
--from agent://researcher \
--to agent://executor \
--artifacts art_a1b2,art_c3d4Options
| Option | Description |
|---|---|
--from <uri> | Source actor URI (required) |
--to <uri> | Destination actor URI (required) |
--artifacts <ids> | Comma-separated artifact IDs being transferred (required) |
--approvals <ids> | Comma-separated approval IDs the receiver inherits |
--obligations <text> | Comma-separated obligations the receiver must satisfy |
treeship attest endorsement
A second party signs that they have verified another artifact.
treeship attest endorsement \
--endorser human://security-reviewer \
--subject art_code_output_abc \
--description "reviewed -- no critical issues found"treeship attest receipt
Record an external system confirmation (webhook, timestamp, inclusion proof).
treeship attest receipt \
--system system://stripe-webhook \
--kind confirmation \
--subject art_a1b2 \
--payload '{"eventId":"evt_abc","status":"succeeded"}'Options
| Option | Description |
|---|---|
--system <uri> | System that produced the receipt (required) |
--kind <type> | Receipt kind: confirmation, timestamp, inclusion, webhook (required) |
--subject <id> | Subject artifact ID |
--payload <json> | Receipt payload as a JSON object |