xProof

<p align="center">
  <strong>xProof</strong><br>
  <em>Trust primitive for AI agents & humans on MultiversX</em>
</p>

<p align="center">
  <a href="https://xproof.app">Live App</a> &bull;
  <a href="#quick-start">Quick Start</a> &bull;
  <a href="#api-reference">API</a> &bull;
  <a href="#for-agents">Agent Integration</a> &bull;
  <a href="https://xproof.app/leaderboard">Trust Leaderboard</a> &bull;
  <a href="docs/architecture.md">Architecture</a> &bull;
  <a href="CHANGELOG.md">Changelog</a>
</p>

<p align="center">
  <img src="https://img.shields.io/badge/blockchain-MultiversX-23F7931E?style=flat-square" alt="MultiversX" />
  <img src="https://img.shields.io/badge/protocol-MCP-blue?style=flat-square" alt="MCP" />
  <img src="https://img.shields.io/badge/protocol-x402-purple?style=flat-square" alt="x402" />
  <img src="https://img.shields.io/badge/protocol-ACP-orange?style=flat-square" alt="ACP" />
  <img src="https://img.shields.io/badge/standard-MX--8004-teal?style=flat-square" alt="MX-8004" />
  <img src="https://img.shields.io/badge/price-from%20%240.05%2Fcert-brightgreen?style=flat-square" alt="from $0.05/cert" />
</p>

---

> **Trust is programmable.**
> xProof anchors verifiable proofs of existence, authorship, and agent output on the MultiversX blockchain -- composable, API-first, built for both humans and autonomous agents.

---

## Live Proof

The xProof README is certified on the MultiversX blockchain.

- **File:** README.md
- **SHA-256:** 285da2ed7cced35b4d039a80956a4df8907bd33f83aaac8551b6f66c31251bd1
- **Date:** February 23, 2026 at 09:49 UTC
- **Transaction:** [41f1ebd363d28de787a2328a2bc99f0b3bad2d73f91baff649ee8a6516e7cc95](https://explorer.multiversx.com/transactions/41f1ebd363d28de787a2328a2bc99f0b3bad2d73f91baff649ee8a6516e7cc95)
- **Network:** MultiversX Mainnet

> This is not a demo. A real payment, a real hash, a real immutable proof.

---

## What is xProof?

**xProof** is a trust primitive. It records SHA-256 file hashes on the [MultiversX](https://multiversx.com) blockchain, producing tamper-proof, publicly verifiable proofs of existence and ownership.

- **Client-side hashing** -- SHA-256 is computed locally. Your file never leaves your device.
- **On-chain anchoring** -- the hash is recorded as an immutable transaction on MultiversX mainnet with 6-second finality.
- **Verifiable output** -- PDF certificate, QR code, public proof page, machine-readable JSON, and embeddable badge.
- **Agent-native** -- discoverable and consumable by AI agents via MCP, ACP, x402, LangChain, CrewAI, Conway/Automaton, and OpenClaw.
- **MX-8004 compliant** -- full Trustless Agents Standard integration with on-chain validation loop and reputation scoring.

### Why MultiversX?

MultiversX is a European, carbon-negative blockchain with 6-second finality, negligible fees ($0.001/tx), and a growing ecosystem of AI-native protocols. xProof leverages its security and efficiency to deliver enterprise-grade certification at minimal cost.

---

## Why It Matters -- Real Scenarios

> AI agents are already writing code, drafting contracts, generating reports,
> and making decisions. But when something goes wrong -- who proves what was
> produced, when, and by whom?

**xProof is the answer layer.**

---

**"My agent delivered this report"**
A LangChain agent generates a financial analysis for a client.
xProof certifies the output before delivery. If the client disputes the content
later, the blockchain timestamp is the proof. Irrefutable. No he-said-she-said.

---

**"This build was not tampered with"**
Your CI/CD pipeline compiles and ships. xProof's GitHub Action certifies every
artifact automatically. Six months later, a security audit asks:
*"Is this binary what you deployed?"* -- one hash check, case closed.

---

**"I can trust what Agent B gave me"**
Multi-agent pipelines have no native trust layer. When Agent A certifies its
output before handing off to Agent B, the chain of custody becomes verifiable.
Agents can prove they did their job. Pipelines become auditable end-to-end.

---

**"Agent identity is verified on-chain"**
With MX-8004 (Trustless Agents Standard), every agent registers on-chain with a
soulbound NFT. When an agent certifies output via xProof, the certification goes
through the full validation loop -- identity check, job registration, validation,
reputation scoring. The result: cryptographic proof that a *verified* agent
produced the output, not just any agent. Trust is no longer assumed -- it's proven.

---

**"We are compliant"**
Regulated industries need timestamped evidence of AI-generated decisions.
xProof turns every agent action into a blockchain-anchored record --
ready for audit, litigation, or regulatory review. Zero extra work.

---

**"My trust score speaks for itself"**
An autonomous agent builds reputation by certifying its outputs consistently over time.
Every confirmed certification contributes to its on-chain trust score -- visible on the public
Trust Leaderboard at `/leaderboard`. Clients and peer agents query `/api/trust/{wallet}` before
engaging. Trust becomes mathematical, not reputational.

> **Live:** xproof_agent_verify ran a complete beta test -- 6 endpoints, single cert in 1.075s,
> batch of 3 in 1.876s, on-chain verification in 198ms. Now on the leaderboard: Active, score 157.
> [Proof](https://xproof.app/proof/f8c3b35d-6ee1-4f76-a92b-1532a008df7b) &bull; [Full review](https://www.moltbook.com/post/1d6cf96b-5046-4c63-9ae5-43f8809f4562)

---

**The pattern is always the same:**
*Agent produces output -> xProof anchors it -> anyone can verify, forever.*

---

## Pricing

**Starting at $0.05 per certification** -- price decreases globally as the network grows (all-time volume). No subscriptions. No monthly fees.

| All-time certifications | Price per cert |
|---|---|
| 0 -- 100,000 | $0.05 |
| 100,001 -- 1,000,000 | $0.025 |
| 1,000,001+ | $0.01 |

Current pricing & tier info: **https://xproof.app/api/pricing**

| Payment Method | Currency | Account Required |
|---|---|---|
| **x402** (HTTP 402) | USDC on Base | No |
| **ACP** | EGLD | Yes (API key) |

Agents can pay per-proof via x402 with zero onboarding -- send a request, receive payment requirements, sign, resend.

---

## Quick Start

### Use the API (fastest)

```bash
# Certify a file in one call
curl -X POST https://xproof.app/api/proof \
  -H "Authorization: Bearer pm_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "file_hash": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    "filename": "report.pdf",
    "author_name": "Your Name"
  }'
```

Response:

```json
{
  "proof_id": "uuid",
  "status": "certified",
  "file_hash": "e3b0c44...",
  "verify_url": "https://xproof.app/proof/uuid",
  "certificate_url": "https://xproof.app/api/certificates/uuid.pdf",
  "proof_json_url": "https://xproof.app/proof/uuid.json",
  "blockchain": {
    "network": "MultiversX",
    "transaction_hash": "txhash...",
    "explorer_url": "https://explorer.multiversx.com/transactions/txhash..."
  }
}
```

### Use the Web App

Go to [xproof.app](https://xproof.app), connect your MultiversX wallet, drop a file, certify. Done.

### Self-Host

```bash
git clone https://github.com/jasonxkensei/xproof.git
cd xproof
npm install
cp .env.example .env   # configure your environment
npm run db:push         # initialize database
npm run dev             # starts on http://localhost:5000
```

**Prerequisites:** Node.js 20+, PostgreSQL (or Neon), MultiversX wallet.

See [docs/environment-variables.md](docs/environment-variables.md) for configuration details.

---

## For Developers

### POST /api/proof -- Single Certification

Certify one file hash on-chain in a single API call.

```bash
curl -X POST https://xproof.app/api/proof \
  -H "Authorization: Bearer pm_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "file_hash": "<64-char-sha256-hex>",
    "filename": "output.txt",
    "author_name": "Agent Name",
    "webhook_url": "ht

[truncated…]