Automatic verification
Generate a receipt, verify it, tamper with it, and watch verification fail.
Live Proof
Live proof for signed CommandLayer receipts
The runtime signs. The verifier validates. Tampering is rejected. These demos show CommandLayer receipts moving from action/event to signed proof to independent verification.
Trust boundary upfront
The Coinbase webhook step in browser demos is simulated because real Coinbase delivery requires COINBASE_WEBHOOK_SECRET server-side. The x402 paid-action and verifier steps are live network calls. x402 runs in demo_accepted_envelope mode by default; provider_verified mode requires X402_PROVIDER_VERIFICATION_URL. Demo mode is not real settlement.
Full proof flow
Simulated Coinbase event → live x402 signed endpoint → action execution → live verifier.
What each step proves
- Coinbase: event authenticity to server via HMAC; public portability begins after CommandLayer signing.
- x402: payment rail proves payment acceptance or settlement; CommandLayer proves execution result.
- Verify: ENS TXT public key, canonical hash check, Ed25519 signature check.
Successful verification fields
status: VERIFIED
public_key_source: ens_txt
ens_resolved: true
hash_matches: true
signature_valid: true
What this does not replace
- sender authentication for production webhooks
- replay protection
- rate limiting
- real settlement unless provider_verified mode is configured
- schema validation alone