Every event anchored through Invoance produces a public, unauthenticated verification endpoint. Any third party — auditor, regulator, counterparty — can validate the integrity and origin of a record without contacting Invoance or accessing your systems.
Verification endpoints are publicly accessible. Recipients do not need an Invoance account, API key, or any relationship with your organization.
Verification can be performed offline using the public key, payload hash, and Ed25519 signature. You do not need to trust Invoance's response.
Every proof is signed with a key bound to your verified domain. Verification confirms both the record integrity and the issuing organization.
Proof data cannot be altered after anchoring. Verification URLs remain resolvable and consistent for the lifetime of your retention period.
These endpoints require no API key and are safe to share externally. They are the canonical reference for any third-party verification of an anchored record.
https://invoance.com/proof/{event_id}Event proofVerifies any anchored business event. Returns hash, signature, timestamp, tenant domain, and verification status.
https://invoance.com/proof/ai/{attestation_id}AI attestation proofVerifies an anchored AI output or decision. Includes model metadata, decision context, and cryptographic proof of the output at generation time.
The proof endpoint returns everything needed to independently validate a record. No additional calls or trusted data sources are required.
https://invoance.com/proof/evt_4c8d2f{
"event_id": "evt_4c8d2f",
"status": "verified",
"payload_hash": "9f3a...c21e",
"signature": "ed25519:7b1c...a4f9",
"public_key": "invoance:pk_tenant_7b1c",
"tenant_domain": "acme.com",
"anchored_at": "2026-02-25T14:22:01Z",
"event_type": "invoice.approved",
"verify_url": "https://invoance.com/verify/evt_4c8d2f"
}Verification can be performed entirely offline using standard cryptographic tools. This is the strongest form of verification — it does not require contacting Invoance at all.
echo -n '{"type":"invoice.approved","data":{...}}' | sha256sum
# → 9f3a...c21e ✓ matches payload_hash# Using libsodium or any Ed25519-compatible library
verify_ed25519(
public_key = "<tenant public key from step 3>",
message = "9f3a...c21e",
signature = "7b1c...a4f9"
)
# → true ✓ signature validGET https://api.invoance.com/keys/acme.com
# → {
# "domain": "acme.com",
# "public_key": "t3kLmNpQr7wYzA...",
# "algorithm": "ed25519",
# "key_id": "invoance:pk_a4e2f819"
# }
# → matches ✓The SHA-256 hash binds the proof to the exact content submitted. Any alteration to the payload produces a different hash and invalidates the proof.
The Ed25519 signature proves the proof was issued by the stated tenant's key. It cannot be forged without access to the private signing key.
The anchored_at timestamp is recorded at ingestion and is part of the signed payload. It cannot be backdated or altered.
Proof records are append-only. Once created, the data returned by the verification endpoint cannot change.
Verification can be performed offline. The cryptographic proof does not depend on Invoance remaining online or trusted.
Verification URLs remain resolvable for the duration of your retention period, even if your subscription changes.
Verification is a technical guarantee, not a legal or factual one. Understanding its limits is as important as understanding its guarantees.
Invoance verifies that a payload was submitted and has not changed. It does not verify that the contents of the payload are accurate, legal, or genuine.
Invoance records that an event occurred and was signed by a tenant key. It does not verify that a specific human authorized or intended the action.
If the original payload was not retained, verification can confirm a hash but cannot reconstruct or display the original content.
Cryptographic proof is technical evidence. Whether it is admissible in a specific legal proceeding depends on jurisdiction and context. Consult qualified legal counsel.