ProblemIntegrity ModelIntegration FitPartner DemosClaims BoundaryPilot Request

Developer Docs

Developer Overview

Start at the main docs hub.

Verification Lifecycle

Artifact submission, receipts, and later comparison.

API Overview

Public request and response model.

Security Model

Claims boundary and public-safe controls.

Architecture

Workflow fit and trust-boundary framing.

Threat Model

Threat assumptions and review posture.

Request Pilot

Architecture

TrustSignal operates as an integrity layer between existing evidence workflows and downstream review while keeping the current system of record in place.

Architects

Problem / Context

Architects evaluating TrustSignal need to understand the trust boundary, the system-of-record boundary, and the externally visible outputs.

The integration target is the workflow boundary where verification artifacts can be stored and checked later without replacing upstream application state.

Integrity Model

TrustSignal returns signed verification receipts, verification signals, and verifiable provenance while the existing workflow remains the system of record.

Existing workflow integration is the architectural goal. TrustSignal adds verification outputs; it does not replace workflow software.

How It Works

The public architecture view stays focused on trust boundaries and workflow fit.

System Architecture

Step 1

Artifact

Step 2

Verification Request

Step 3

Verification Result

Step 4

Signed Verification Receipt

Step 5

Receipt Storage

Step 6

Later Verification

Step 7

Tamper Detection

Example / Diagram

This view shows the boundary between partner systems, the public API surface, and private verification execution.

Trust Boundary

External Systems
TrustSignal API
Verification Engine

Public integrations interact with the authenticated API boundary. Internal verification infrastructure remains private.

Production Considerations

Architecture review should focus on how the receipt and later verification outputs fit into the surrounding workflow and monitoring model.

Receipt storage, later verification, and lifecycle monitoring should live alongside the upstream workflow record, not instead of it.
Integration Snippet
// Existing workflow remains the system of record
const artifact = {
  source: "record_system",
  artifact_hash: "0x8b7b2f52f2a2e19f8f3fe0d815d1c1d8d1e0d120e8cc60d1baf5e7a6f9d211aa",
  control_id: "CONTROL_CC_001",
}

// TrustSignal adds verification and receipt outputs
const receipt = await verifyArtifact(artifact)

Security and Claims Boundary

The architectural view is public-safe and intentionally excludes internal verification implementation details.

Public documentation does not expose internal service topology, proof internals, or signing infrastructure specifics.

Claims Boundary

  • • TrustSignal provides signed verification receipts.
  • • Returns verification signals and lifecycle status.
  • • Enables later verification of previously checked artifacts.
  • • Integrates with existing compliance workflows.

Not Provided

  • • Legal determinations
  • • Fraud guarantees
  • • Compliance certification
  • • Replacement for system-of-record platforms

Related Docs

Use these links to continue from architecture into API, lifecycle, or security review.

Verification Lifecycle

Lifecycle, receipt flow, and later comparison guidance.

API Overview

Public request and response model.

Security Model

Public-safe controls and claims boundary.

Architecture

Workflow fit and trust-boundary framing.

Related Docs

Verification LifecycleAPISecurity Model