Certification Surfaces · AI Outputs
Certify AI outputs with cryptographic proof
Prompts, generated results, structured outputs, and multi-step artifact bundles can all be bound to a SHA-256 fingerprint and Ed25519 signature — independently verifiable proof of what was produced, when, and by what process.
When output certification is linked to an Agent Commerce transaction, the receipt also binds the payment policy, agent identity, and artifact hash — so output and transaction can be verified together.
What can be certified
Any AI-generated artifact can be fingerprinted, signed, and registered as a certified output.
Prompt + output pair
The prompt and generated response recorded together — hash binds both sides of the generation event into one verifiable artifact.
Generated text or document
A single generated file, document, or completion — fingerprinted, signed, and issued a certificate with generation metadata.
Structured output or JSON result
Structured outputs from AI pipelines — API responses, classification results, extraction payloads — bound to a signed certificate.
Multi-step artifact bundle
Outputs produced across multiple model calls or pipeline steps, grouped and certified as a single artifact with lineage tracking.
What makes an output certified
Certification is not a badge. It is a chain of cryptographic records linking the artifact, the payment, the policy, and the signing key — each step independently verifiable.
Prompt / tool call
Agent invokes a model, tool, or API that produces an output.
Artifact created
The output is hashed (SHA-256). Hash becomes artifact_hash.
Provenance attached
transaction.attachLinks() binds artifact_hash, decision_record_id, certificate_id to the pending transaction.
Policy check
Agent Commerce evaluates the payment against the active policy_id. Blocked requests never reach capture.
Payment captured
A signed receipt is issued inline. The receipt hash is computed, then Ed25519-signed.
Public verification
Anyone can verify the receipt at GET /api/payments/verify/:receiptId. No account required.
What the receipt contains
Every captured payment returns an inline signed receipt. These fields are the source of truth for verification — no separate database lookup required for the hash and signature check.
// Inline receipt returned on capture
{
"receipt_id": "rcpt_01jbm4k7vw8y9z2a3b4c5d6e7f",
"transaction_id": "txn_01jbm4k7vw8y9z2a3b4c5d6e7f",
"decision_record_id": "dec_agent_logo_gen_2026_04_12",
"certificate_id": "cert_01jbm4k7vw8y9z2a3b4c5d6e7f",
"artifact_hash": "sha256:3f4a9c2b8d1e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0",
"policy_id": "pol_01jbm4k7vw8y9z2a3b4c5d6e7f",
"sha256_hash": "sha256:9c2f1a3b4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1",
"ed25519_sig": "base64url:MEUCIQDx…",
"agent_id": "agt_buyer_01",
"amount": 2500,
"currency": "usd",
"rail": "stripe",
"purpose": "Logo generation — certified PNG output",
"timestamp": "2026-04-12T14:23:11.042Z"
}| Field | What it records |
|---|---|
| receipt_id | Unique identifier for this receipt |
| transaction_id | Settled payment transaction |
| decision_record_id | AI decision that triggered this payment |
| certificate_id | CertifiedData artifact certificate (if certified) |
| artifact_hash | SHA-256 fingerprint of the output artifact |
| policy_id | Policy that approved the spend |
| sha256_hash | Canonicalized hash of the receipt payload |
| ed25519_sig | Ed25519 signature over the receipt |
| agent_id | Agent that made the payment |
| amount | Amount in cents |
| currency | ISO 4217 currency |
| rail | Payment rail used |
| timestamp | Execution time (ISO-8601) |
Verify any receipt at GET /api/payments/verify/:receiptId — public, no authentication required.
How to issue a certified output
Three SDK calls. The receipt is returned inline — no webhook, no polling.
from certifieddata_payments import CertifiedDataPayments
cdp = CertifiedDataPayments(api_key="cdp_test_…")
# 1. Declare transaction intent
tx = cdp.transactions.create({
"amount": 2500, # cents
"currency": "usd",
"payee_id": "merch_logo_gen_01",
"rail": "stripe",
"purpose": "Logo generation"
})
# 2. Attach artifact provenance
cdp.transactions.attach_links(
tx["transaction_id"], {
"artifact_hash": "sha256:3f4a…",
"certificate_id": "cert_01jbm…",
"decision_record_id": "dec_agent_…",
}
)
# 3. Capture — returns inline signed receipt
capture = cdp.transactions.capture(
tx["transaction_id"]
)
receipt = capture["receipt"]
print(receipt["receipt_id"])import { CertifiedDataPayments } from
"@certifieddata/payments";
const cdp = new CertifiedDataPayments({
apiKey: "cdp_test_…",
});
// 1. Declare transaction intent
const tx = await cdp.transactions.create({
amount: 2500,
currency: "usd",
payeeId: "merch_logo_gen_01",
rail: "stripe",
purpose: "Logo generation",
});
// 2. Attach artifact provenance
await cdp.transactions.attachLinks(
tx.transactionId, {
artifactHash: "sha256:3f4a…",
certificateId: "cert_01jbm…",
decisionRecordId: "dec_agent_…",
}
);
// 3. Capture — returns inline signed receipt
const { receipt } = await cdp.transactions
.capture(tx.transactionId);
console.log(receipt.receiptId);Public verification
Receipt verification is public and requires no account. The verifier recomputes the payload hash and checks the Ed25519 signature against the signing key on record.
# Verify any receipt — no API key required
curl https://certifieddata.io/api/payments/verify/rcpt_01jbm4k…
{
"valid": true,
"hashValid": true,
"signatureValid": true,
"signingKeyId": "key_01jbm…",
"signatureAlg": "Ed25519"
}hashValid
Payload hash recomputed and matched.
signatureValid
Ed25519 signature verified against signing key.
signingKeyId
Which CertifiedData key signed this receipt.
Related
Agent Commerce →
Verifiable payments infrastructure for AI agents.
Receipt schema →
Full field definitions for the payment_receipt.v1 schema.
Authorization →
How policy evaluation works before capture.
Spend governance →
Daily limits, per-transaction caps, blocked merchants.
Use cases →
Where certified outputs fit best.
Artifact certification →
Certify a dataset or AI artifact with CertifiedData.