The Trust Layer API.
One call returns the full trust picture of any AI agent — on-chain or off-chain: Trust Score, Agent Credit, Meta-Bureau consensus across independent sources, sanctions screens, accountability status, and an indicative EU AI Act tier. Built for verify-before-execute.
⚡ Quickstart — one call, full verdict
curl https://trustifer.com/api/v1/trust/0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045{
"verdict": "PROCEED", // machine-actionable
"status": "active",
"trust": { "score": 8.9, "scale": "1-10", "band": "Strong", "confidence": "High" },
"bureau": { "consensus": 80, "band": "Exceptional",
"corroboration": "corroborated", "independentGroups": 4,
"reasonCodes": ["Corroborated by 4 independent source groups …"] },
"euAiAct": { "risk": "minimal", "label": "Minimal risk" },
"links": { "badge": "…/api/badge/0xd8dA…", "passport": "…/passport/0xd8dA…" }
}Works with any EVM address or agent domain. Sanctioned / killed / blacklisted subjects return DO_NOT_ENGAGE — safety findings are never averaged away.
🛡 Trust Firewall verify-before-execute, enforced — our flagship
Don't just look up trust — enforce it on every action. One POST before each payment/hire/data-share returns a deterministic, credit-aware decision with an Ed25519-signed receipt for your audit trail. Sanctioned, blacklisted, or killed counterparties are BLOCKED at the floor — no policy can override safety.
curl -X POST https://trustifer.com/api/v1/firewall/check \
-H "Content-Type: application/json" \
-d '{"subject":"0xCounterparty…","action":"payments.send","amountUsd":400}'{
"decision": "LIMIT", // ALLOW · LIMIT · REVIEW · BLOCK
"limitUsd": 250, // credit-aware ceiling (card-network style)
"reasons": ["Consensus 58 in limit band (<60) — authorized up to $250",
"Thin credit file — tier tightened by 10"],
"consensus": 58, "status": "active",
"signature": "ed25519…", // verify: POST /api/v1/firewall/receipt
"expiresAt": "…+5min" // decisions are point-in-time
}Tighten (never loosen) the default policy per call: policy: { blockBelow, limitUsd, requireApprovalAboveUsd, treatUnknownAs: "block" }. Free in preview · metered keys + org policies at launch.
📚 Endpoints keyless preview works · get a free key for higher limits
/api/v1/firewall/checkflagshipTRUST FIREWALL — per-action authorization: { subject, action, amountUsd, policy? } → ALLOW / LIMIT (USD ceiling) / REVIEW / BLOCK + reasons + Ed25519-signed receipt. Safety floors can never be loosened by policy.
/api/v1/firewall/receiptVerify any firewall receipt — re-canonicalizes and checks the Ed25519 signature against did:web:trustifer.com#key-1. Auditors & insurers can prove a check happened without trusting our word.
/api/v1/trust/{subject}coreTHE one-call verdict — Trust Score + Credit + Meta-Bureau consensus + status + EU AI Act tier + machine verdict (PROCEED / PROCEED_WITH_LIMITS / DO_NOT_ENGAGE).
/api/v1/diligence/{subject}premiumDEEP DUE-DILIGENCE DOSSIER — the complete signed background check: identity · trust pillars · credit · per-source bureau evidence · reputation · incidents · lineage · authorizations · EU AI Act · drift. Human-readable at /diligence/{subject}. Free in preview, paid at launch.
/api/v1/competence/{subject}PROOF-OF-COMPETENCE — “is this agent good at its job?” 0–100 from verified real-world outcomes (success rate · reliability · dispute & claim integrity · experience · on-chain validations · drift). The third pillar: safe × solvent × competent.
/api/bureau/{subject}Full Meta-Bureau assessment — per-source scores, evidence, corroboration, outliers, reason codes.
/api/bureauThe bureau network — every trust source we aggregate (live · ready · planned).
/api/passport/verify?address={subject}Verify an issued passport credential — signature, revocation, on-chain anchor.
/api/badge/{subject}Embeddable SVG badge — live-scored, cache-friendly. Drop it in a README.
/api/passport/export/{subject}interopInterop export — our verified assessment in the open agent-passport.json (Cubitrek v0.1) shape.
/api/v1/watchRegister a webhook watch { subject, url } → returns your HMAC secret. Fires on ≥5-pt consensus moves, status changes (blacklist / kill / flag), and impersonation alerts on your identity.
/api/v1/clonewatch/{subject}IMPERSONATION SCREEN — is this subject cloning a protected identity? Homoglyph + typosquat + name-similarity detection, lineage-aware (registered family ≠ fraud). Likely hits file reported incidents + alert the real owner; firewall gates them at REVIEW.
/api/feedsExternal connector network status — which feeds corroborate the bureau right now.
/api/v1/registerREGISTER AN AGENT — verify ownership (KYA gate) → write the declared profile → return the unified golden record (declared vs verified). Optional { ref, partner } attribution. Declared data is isolated from scoring.
/api/v1/referralReferral loop — ?creator={email|crt_id} returns a shareable code + link + verified-referral stats; ?leaderboard=1 returns top referrers. A referral counts only once the referred agent is approved.
/api/v1/partnersPARTNER / LAUNCHPAD track — apply { name, code?, contact } → vetted → public partner code + “Register with Trustifer” widget. GET ?code= for status/stats, ?leaderboard=1 for rankings. The code attributes; it never bypasses ownership.
🤖 Trustifer for Agents — pay-per-call x402 · premium pulls, no account
Autonomous agents pay a few cents in USDC on Base (gasless, via the open x402 standard) to pull a premium product before they transact — no signup, no key. Basic trust/firewall checks stay free; only premium pulls charge. Trustifer is its own x402 facilitator (neutral, no third party).
# 1. Call a premium endpoint → HTTP 402 + payment requirements
curl https://trustifer.com/api/v1/diligence/0xAGENT
# → 402 { x402Version, accepts:[{ scheme:"exact", network:"base",
# asset:USDC, maxAmountRequired:"500000", payTo, … }] }
# 2. Pay with any x402 wallet (gasless EIP-3009), retry with the header:
curl https://trustifer.com/api/v1/diligence/0xAGENT \
-H "X-PAYMENT: <signed-payment>"
# → 200 signed dossier + X-PAYMENT-RESPONSE (settlement proof)Discover priced endpoints + schema at /.well-known/x402. Pricing: deep due-diligence $0.50 · signed credit report $0.25 · basic trust/firewall free. Works with any x402 wallet (Bankr, Coinbase…). Prefer a plan? Use a metered API key instead. (Charging activates at launch — free in preview today.)
🔔 Signed webhooks — know the moment trust changes
curl -X POST https://trustifer.com/api/v1/watch \
-H "Content-Type: application/json" \
-d '{"subject":"0xYourAgent…","url":"https://your-app.com/hooks/trustifer"}'
# → { "id":"wch_…", "secret":"whsec_…" } ← store the secret (shown once)Every delivery is signed: X-Trustifer-Signature: sha256=HMAC-SHA256(secret, rawBody). Fires on ≥5-point consensus moves or any status change (flagged · blacklisted · killed). Checks run daily in preview — higher frequencies ship with API tiers at launch.
🛡 Speaks your standards OWASP LLM Top-10 · NIST AI RMF · MITRE ATLAS
| Trustifer pillar | Weight | OWASP LLM Top-10 | NIST AI RMF | MITRE ATLAS |
|---|---|---|---|---|
| Identity & Authenticity | High | LLM05 Supply-chain · LLM03 Training-data provenance | GOVERN 1 · MAP 1 (context & actors) | Reconnaissance · Resource Development (impersonation) |
| Safety & Compliance | Critical | LLM01 Prompt Injection · LLM02 Insecure Output | MANAGE 2 (risk treatment) · GOVERN 4 | Initial Access · Defense Evasion |
| Track Record & Tenure | High | —(operational maturity) | MEASURE 2 (trustworthiness over time) | — |
| Counterparty & Network | Moderate | LLM05 Supply-chain (third parties) | MAP 3 (third-party risk) | Lateral Movement (contagion) |
| Reputation & Outcomes | High | LLM09 Overreliance (verified efficacy) | MEASURE 1 (performance evidence) | Impact (failure history) |
| Behavioral Integrity | Supporting | LLM08 Excessive Agency | MEASURE 3 (drift & anomaly tracking) | Persistence · Privilege Escalation patterns |
| Transparency & Governance | Supporting | LLM10 Model Theft (disclosure posture) | GOVERN 2-3 (accountability & disclosure) | — |
Mapping is indicative: Trustifer pillars aggregate verified evidence; the frameworks define control objectives. A strong pillar score signals evidence toward the mapped controls — it is not a certification. Full scoring math, hard rules & dispute process: /methodology · challenge any score: /disputes.
🔌 One passport, any rail
Every assessment carries an indicative risk classification (minimal / limited / high / unacceptable) derived from authorized scopes & status.
Consume us in the open agent-passport.json (v0.1) shape via /api/passport/export — our verified scores inside the community format.
Built for agentic commerce stacks — Visa Trusted Agent Protocol, Mastercard Agent Pay, x402, Google AP2. We detect Web Bot Auth key directories as verification evidence for off-chain agents.
🤖 MCP server — trust inside your agent
Give Claude Code, Cursor, or any MCP host three tools — get_trust_verdict · get_bureau_assessment · watch_agent — so your agent verifies counterparties before executing. Zero dependencies.
# Claude Code
claude mcp add trustifer -- node sdk/mcp/server.mjs
# any MCP config
{ "mcpServers": { "trustifer": { "command": "node", "args": ["sdk/mcp/server.mjs"] } } }LangChain / CrewAI: call GET /api/v1/trust/{subject} from a custom tool — one HTTPS request, no auth needed in preview. npm package & hosted MCP endpoint: at launch.
Building on the trust layer?
The API is free while in preview. Leave your email for keys, rate-limit tiers, the MCP server, and SDK releases.