Getting Started

This guide shows how to record your first verifiable event and generate an evidence bundle.

Choose Your Path

ChainOfFact supports two integration patterns. Select the one that matches your use case.

API Key Required: You need an API key to record events. Get your API key

1. Configure API Key

Set your API key in your environment or application configuration.

export CHAINOFFACT_API_KEY="your-api-key"

2. Record Events Continuously

Send a POST request to /api/events for each event you want preserved.

POST /api/events
Authorization: Bearer your-api-key
Content-Type: application/json

{
  "event_type": "model_output",
  "subject": "model:gpt-4",
  "inputs_hash": "sha256:a1b2c3...",
  "outputs_hash": "sha256:d4e5f6...",
  "policy_id": "content-moderation-v2",
  "policy_version": "2.1.0",
  "metadata": {
    "request_id": "req-12345",
    "user_tier": "enterprise"
  }
}

The response includes an immutable receipt with a unique event ID and timestamp.

3. Regular Verification

Periodically verify your recorded events to ensure chain integrity.

POST /api/verify/event
{
  "event_id": "evt-uuid-here"
}

Verification confirms the event exists unmodified in the append-only log.

4. Generate Evidence Bundles on Demand

When you need to share evidence, generate a sealed bundle for any time range.

POST /api/bundles/evidence
{
  "start_time": "2026-01-01T00:00:00Z",
  "end_time": "2026-01-31T23:59:59Z",
  "subject_filter": "model:gpt-4"
}

What ChainOfFact Does Not Do

  • No compliance claims
  • No interpretation
  • No backfilling or inference

If something was not recorded, it remains UNKNOWN.

Full Documentation·How Verification Works·Contact