The Sovereign public verification API as a standards-compliant OpenAPI 3.1 schema. Importable into Cursor, Postman, Insomnia, VSCode REST Client, or any IDE that speaks OpenAPI.
https://sovereignmatrix.agency/api/openapi.jsonOpen the URL in a browser to read the raw JSON, or paste it into your tool of choice. Self-references the request origin — preview deploys and white-label domains produce valid contracts.
Open raw schema/api/verifyVerify a receipt's HMAC signaturePass canonical + signature. Server recomputes HMAC-SHA256 and constant-time compares. Returns {valid: boolean}.
curl -X POST https://sovereignmatrix.agency/api/verify \
-H "Content-Type: application/json" \
-d '{
"canonical": "<canonical-projection-string>",
"signature": "v1=<hex>"
}'/api/agent-runs/{id}Fetch a receipt by IDReturns the full receipt: canonical, signature, agent name, model, duration, safety pipeline results, timestamps. Visibility-gated.
curl https://sovereignmatrix.agency/api/agent-runs/<receipt-id>
/api/agent-runs/latest-publicFreshest public receiptThe most recent receipt with visibility=public. Useful as a seed for verification demos. Returns {receipt: null} if none exist yet.
curl https://sovereignmatrix.agency/api/agent-runs/latest-public
/api/agent-runs/recent-publicPublic feed (up to 50)Block-explorer-style feed. Each row is a fingerprint summary — fetch the full receipt for canonical + signature.
curl "https://sovereignmatrix.agency/api/agent-runs/recent-public?limit=10"
/api/stats/publicAggregate platform metricsLifetime signed-receipt count, public-receipt count, last 24h. Aggregate only — no PII.
curl https://sovereignmatrix.agency/api/stats/public
openapi-typescript-codegen or your stack's equivalent.