Skip to main content

Frequently Asked Questions

General

Treeship provides cryptographic attestations for AI agents. When your agent performs an action, Treeship creates a signed, timestamped record that anyone can independently verify.
As AI agents make more consequential decisions (approving loans, executing trades, processing sensitive data), stakeholders need proof of what actually happened. Attestations provide:
  • Accountability: Prove what your agent did and when
  • Compliance: Meet audit requirements with cryptographic evidence
  • Trust: Give customers verifiable proof, not just logs
  • Debugging: Trace exactly what happened in production
Logs can be modified or deleted. Attestations are cryptographically signed—any tampering is detectable. Plus, anyone can verify an attestation independently without trusting Treeship or your systems.
  • Ed25519 for signatures (fast, secure, widely supported)
  • SHA256 for hashing payloads and inputs
  • Canonical JSON for deterministic serialization

API Keys

Request a verification code via email:
curl -X POST https://api.treeship.dev/v1/keys/request \
  -H "Content-Type: application/json" \
  -d '{"email": "you@example.com"}'
Then verify and receive your key:
curl -X POST https://api.treeship.dev/v1/keys/verify \
  -H "Content-Type: application/json" \
  -d '{"email": "you@example.com", "code": "123456"}'
  • 1,000 attestations per day per API key
  • 100 attestations per minute burst limit
  • Verification endpoints are public with generous limits
Need higher limits? Contact us.
Yes. You can create multiple keys for different environments (dev, staging, prod) or different agents.
curl -X DELETE https://api.treeship.dev/v1/keys \
  -H "Authorization: Bearer YOUR_API_KEY"

Verification

Three ways:
  1. Web: Visit treeship.dev/verify/{agent}/{id}
  2. CLI: treeship verify {attestation_id}
  3. API: GET https://api.treeship.dev/v1/verify/{id}
Or verify independently using the public key and any Ed25519 library.
Yes! That’s the point. Fetch the public key once, then verify signatures locally using any Ed25519 implementation. The verification page shows exact commands.
No. Once created, attestations are permanent and verifiable forever.

Integration

  • Python: pip install treeship-sdk
  • Node.js/CLI: npm install -g treeship-cli
  • Any language: Use the REST API directly
No. Wrap attestation calls in try/catch and log failures, but don’t let them block your agent’s core functionality:
try:
    ts.attest(action="...", inputs_hash="...")
except Exception as e:
    logger.warning(f"Attestation failed: {e}")
    # Continue with agent operation
Hash everything that influenced the agent’s decision:
  • User inputs/queries
  • Context documents or RAG results
  • Model configuration (temperature, model name)
  • Any external data fetched
This creates a fingerprint without exposing sensitive data.

Self-Hosting

Yes. The API is a single Python FastAPI service. See the self-hosting guide.
Yes. Generate an Ed25519 key pair and set it via environment variable. See the self-hosting guide for details.