Skip to main content

Glossary

Attestation

A signed record that proves an agent took a specific action at a specific time. Contains the action description, a hash of the inputs, the agent identity, and a timestamp. Signed with Ed25519 so anyone can verify it independently.

Ed25519

A digital signature algorithm. Think of it like a wax seal on a letter: only the holder of the private key can create the seal, but anyone can check it using the public key. Industry standard, used by SSH, TLS, and most blockchains.

SHA-256

A one-way hash function. Turns any data into a fixed-length string of characters. Used to create a fingerprint of your data so Treeship can reference it without ever seeing the original. If even one byte changes, the hash is completely different.

Zero-Knowledge Proof (ZK Proof)

A way to prove something is true without revealing the underlying data. For example, proving “this attestation exists and is valid” without showing what action it recorded. Treeship uses Groth16 proofs, a specific type of ZK proof that is fast to verify.

Groth16

A type of zero-knowledge proof system. Produces small, fast-to-verify proofs. Treeship uses Groth16 over the BN128 curve (a specific mathematical structure) to generate proofs via Sindri.

Inputs Hash

A SHA-256 fingerprint of whatever data your agent acted on. You compute this on your side and send only the hash to Treeship. The raw data never leaves your server. Later, anyone can recompute the hash to confirm it matches.

Public Key / Private Key

A pair of cryptographic keys. The private key signs attestations (kept secret on the Treeship server, or your own server if self-hosting). The public key verifies signatures (shared openly at /v1/pubkey). Anyone with the public key can verify any attestation.

Agent Slug

A short, URL-safe identifier for your agent. Used in API calls and verification URLs. Example: my-trading-bot in treeship.dev/verify/my-trading-bot.

Verification URL

A public link where anyone can check an attestation. No account or API key needed. Example: treeship.dev/verify/my-agent/a8f3b2c1

SD-JWT (Selective Disclosure JWT)

A type of token where the holder can choose which fields to reveal to different parties. Used by Mastercard’s Verifiable Intent protocol to share only what each party needs to see.

Verifiable Intent (VI)

Mastercard’s open protocol for delegating payment authority to AI agents. A 3-layer credential chain (Issuer, User, Agent) with typed constraints like amount limits and merchant allowlists. Credentials are short-lived (minutes). Treeship can create permanent attestation records of VI-verified transactions.

World ID

A decentralized identity protocol by Worldcoin. Proves a real, unique human is behind an action using biometric verification (iris scan), government ID, or device verification. Treeship uses World ID for human-in-the-loop authorization.

Human-in-the-Loop

A pattern where an AI agent pauses before a high-stakes action and waits for a human to approve or deny it. Treeship records both the approval and the denial as signed attestations.

Canonical JSON

A standardized way of formatting JSON so that the same data always produces the exact same string. Required for consistent signatures. Treeship sorts keys alphabetically and removes extra whitespace before signing.