Cryptographic Identity for Verified Media Streams

Developer Portal

API explorer, SDK references, and protocol documentation for the Attestik Protocol.

Interactive API Explorer

Try every endpoint live. Click to expand, fill parameters, and send requests.

Wire Format Explorer

Paste raw Attestik frame bytes to parse and inspect the binary structure.

SDK Reference

Integration code for WASM, Rust, and CLI. Same operations, three runtimes.

Use the WASM verifier for in-browser verification. The module is ~180KB gzipped and requires no server round-trip. Install via npm:

bash
npm install @attestik/verify
javascript
import init, { verify_frame, parse_frame } from '@attestik/verify';

// Initialize WASM module
await init();

// Verify a frame against its media segment
const result = verify_frame(frameBytes, segmentBytes);
console.log(result.overall_state); // 'Verified'
console.log(result.signature_valid); // true
console.log(result.binding_ok);      // true

// Parse frame structure without verification
const info = parse_frame(frameBytes);
console.log(info.publisher_id);  // hex entity ID
console.log(info.stream_id);     // hex stream ID
console.log(info.seq);           // segment sequence number
console.log(info.frame_type);    // 'Full' | 'Delta' | 'Heartbeat'

Test Vectors

Golden test data for validating your implementation. Use these fixed inputs to verify deterministic outputs.

Fixed Inputs

secret_key:
9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60
media_bytes:
48656c6c6f2c20776f726c6421
timestamp:
1700000000
seq:
0
publisher_name:
test-vector-publisher

Expected Outputs

entity_id:
b560c300cc7bf8d91e874423c1dc5da161ce3aa4
public_key:
d75a980182b10ab7d54bfed3c964073a0ee172f3daa3f4a18446b7b8b7a08627
media_sha256:
315f5bdb76d078c43b8ac0064e4a0164612b1fce77c869345bfc94c75894edd3
frame_magic:
0x4154
frame_version:
0x02
Copy full test vector as JSON

Protocol Reference

Wire format specification, verification states, content binding levels, and frame types.

Wire Format

Every Attestik frame follows a fixed binary layout: 8-byte header, variable-length CBOR payload, and 64-byte Ed25519 signature.

+------------------------------------------+
| HEADER (8 bytes)                         |
| Magic: 0x4154 "AT" | Version: 0x02      |
| Frame Type (1B) | Flags (2B)            |
| Payload Length (2B)                      |
+------------------------------------------+
| CBOR PAYLOAD (variable length)           |
|  publisher_id   : bytes(32)              |
|  publisher_pk   : bytes(32)              |
|  stream_id      : bytes(32)              |
|  seq            : uint                   |
|  timestamp      : uint                   |
|  content_bind   : {                      |
|    l1_hash: bytes(32)  // bitstream      |
|    l2_hash: bytes(32)  // codec-level    |
|    l3_hash: bytes(32)  // distribution   |
|  }                                       |
|  attestations[] : [{ type, data }]       |
|  prev_frame_hash: bytes(32)              |
+------------------------------------------+
| ED25519 SIGNATURE (64 bytes)             |
| Sign(header_bytes || cbor_bytes)         |
+------------------------------------------+

Verification States

Each segment resolves to one of five states based on signature validity, content binding level, and chain integrity.

Verified

All segments cryptographically proven. Signature valid, L1 bitstream hash matches, chain intact.

Verified (Partial)

Some segments modified post-stamp. Signature valid on remaining segments, chain broken at modification point.

Verified (Weak)

L1 bitstream hash fails but L2 codec-level hash passes. Content semantically unchanged (e.g., re-muxed).

Identity Only

Ed25519 signature valid, but no content binding data present in frame. Publisher authenticated, content not bound.

Unverified / Failed

Signature invalid or missing. No cryptographic proof of origin or integrity.

Content Binding Levels

Three hash levels provide graduated resilience. Each level survives progressively more transformations.

L1 - Bitstream Hash

SHA-256 of exact segment bytes. Detects any byte-level modification including re-encoding, re-muxing, and metadata changes. The gold standard for pristine verification.

SHA-256(segment_bytes) -- fails on any byte change
L2 - Codec-Level Hash

SHA-256 over H.264 slice NAL bodies only. Survives re-muxing, parameter set changes, SEI injection/removal, and container format changes.

SHA-256(slice_nal_bodies[]) -- survives remux, SEI changes
L3 - Distribution Hash

Byte-distribution histogram fingerprint. Resilient to minor byte modifications, compression artifacts, and limited re-encoding. Used as a fuzzy similarity check.

histogram_fingerprint(segment) -- fuzzy resilience

Frame Types

Three frame types balance completeness against size. A typical stream starts with Full, continues with Delta, and uses Heartbeat for keepalive.

Full (0x01)300-800 bytes

Complete attestation frame. Contains publisher key, stream ID, all content binding levels, attestation metadata, and full signature. Sent at stream start and periodically for resynchronization.

Delta (0x02)120-250 bytes

Incremental frame with content binding + prev_frame_hash. Maintains hash chain continuity without repeating publisher identity. Requires a preceding Full frame for context.

Heartbeat (0x03)80-110 bytes

Minimal keepalive frame for continuous stream verification. Contains only timestamp, sequence number, and prev_frame_hash. Proves stream is still live and controlled by the signer.