Skip to content
cTRNG · — · 0000000000000000000000000000000000000000000000000000000000000000 · sat·sig·verified · cTRNG · — · 0000000000000000000000000000000000000000000000000000000000000000 · sat·sig·verified · cTRNG · — · 0000000000000000000000000000000000000000000000000000000000000000 · sat·sig·verified ·
proof of reality
PUBLIC VERIFY API · HASH-FIRST PROOFS

Verify
real-world
scans

Proof of Reality turns an iPhone or OAK 4 D capture into a public verifyId and canonical bundleHash. Apps can check the proof without seeing raw files, GPS, nonce payloads, or app-key details unless the user discloses them.

Explore proofsVerify API
01THE TRUST GAP

A photo is no longer enough
The proof has to travel with it

Marketplace listings drift toward copied media. RWA tokens claim assets that may not exist. Insurance disputes hinge on files that can be edited after capture. The web needs a primitive for physical evidence that can be checked by another app.

“The image is evidence only when the capture has a proof record.”
— Proof of Reality trust model
REAL · scan-penguin-001.glb

Proof layers agree

  • Cosmic nonce signatureverified · aptosorbital
  • KMS co-signatureverified · space-fabric
  • Device key signatureverified · 0xA3…f9
  • Artifact hashesbundle + scene match
  • App Attestverified · iOS
VERDICT
ACCEPTED
Bundle hash recomputes. Public checks match the disclosed trust roots.
02JOBS TO BE DONE

Buyers do not buy proof
They buy a decision

Proof of Reality fits where a product, token, claim, or agent needs to decide whether a physical-world object was captured for real.

INTEGRATION SHAPE

One public lookup, disclosure by layer.

The verifier sees the proof commitment first. Time, location, files, nonce payloads, and app-key details appear only when the capturer selected those layers.

GET
verify.realityproof.app/v1/verify/{verifyId}
API docsIntegration guide
  1. 01 · MARKETPLACE OPERATOR

    Verify a high-value listing before a buyer pays

    WHEN

    A seller uploads photos, video, or a 3D object that could have been copied or generated.

    PROOF JOB

    Store the proof's verifyId and bundleHash. Show the public checks beside the listing.

    RESULT

    The buyer sees a real capture commitment without forcing the seller to expose private files.

  2. 02 · RWA ISSUER

    Bind a token to a physical object before it enters a vault or marketplace

    WHEN

    A PDF, invoice, or custodian statement is not enough evidence for the underlying asset.

    PROOF JOB

    Use the canonical bundleHash as the asset commitment, then anchor batches on a daily cadence.

    RESULT

    The token can point back to a specific scan, not only to a promise about the scan.

  3. 03 · INSURANCE TEAM

    Check claim media without collecting more personal data than needed

    WHEN

    A claimant has evidence, but the file, GPS, or location history may be sensitive.

    PROOF JOB

    Start with hash-only verification. Ask for time, location, or retained files only when the claim needs it.

    RESULT

    Reviewers get a verifiable record while disclosure stays proportional to the case.

  4. 04 · AI AGENT OR MCP APP

    Cite real-world evidence inside an automated workflow

    WHEN

    An agent needs to decide whether a listing, shipment, inspection, or object claim is grounded in reality.

    PROOF JOB

    Call the Verify API or MCP tool, then compare artifact hashes when the user provides a file.

    RESULT

    The agent can say what is verified, what is private, and what still needs human review.

03
WITNESSES

Five witness layers
for one proof

No single party should carry a physical-world claim. A proof combines physics, hardware keys, canonical hashes, and public trust roots, then exposes only the layers the owner disclosed.

LAYER

Cosmic nonce

Orbitport · cTRNG · aptosorbital

A fresh random value is requested before capture and can be bound into the scan. When satellite signing is present, it becomes an independent time witness.

LAYER

KMS co-signature

SpaceComputer Space Fabric

After the device proof is checked, Space Fabric co-signs the canonical hash. The public verifier can report that level without exposing private files.

LAYER

Device key

Apple Secure Enclave · USB Armory ECDSA

The capture device proves the bundle came from real hardware. Public trust roots can be checked without seeing private scan files.

LAYER

Artifact hashes

Canonical bundle · R2 artifacts

The bundle and every selected artifact carry stable hashes. Recompute them and the proof either matches or fails.

LAYER

App Attest

Apple · iOS captures only

On iOS captures, Apple can attest that the submitted assertion came from a genuine app instance, not an arbitrary client.

A proof does not rely on a screenshot being persuasive. It reports which layers are present, which checks passed, and which evidence remains private. Stronger transactions can ask for stronger disclosure without making every proof public by default.

04THE FLOW

Two capture frontends
One trust pipeline

An iPhone scanning a watch in a New York apartment and an OAK 4 D camera scanning a vehicle in a Prague garage produce the same proof shape, hit the same backend, and publish the same hash-first proof record.

B2C · iOS
RoomPlan + Object Capture + Secure Enclave
01 · CAPTURE
  1. LiDAR + RGB scan
  2. ProofBundle assembled with cosmic nonce in-frame
02 · SIGN
  1. deviceSigningHash signed by Secure Enclave
  2. App Attest assertion attached
03 · FINALIZE
  1. KMS co-sign · hash record
  2. R2 retained only when selected
B2B · OAK 4 D
Luxonis camera + USB Armory Mk II (TamaGo)
01 · CAPTURE
  1. DepthAI capture · IMU · synced timestamp
  2. Bundle assembled in agent
02 · SIGN
  1. bundleHash signed by USB Armory ECDSA
  2. Audit log appended
03 · FINALIZE
  1. KMS co-sign · hash record
  2. R2 retained only when selected
CONVERGES AT
One backend, one verifier, one proof shape.
verifyId → bundleHash → daily rootready for batch anchoring
Luxonis OAK 4 D, four-lens stereo + RGB camera module, slowly rotating
OAK 4 D · LUXONIS

Industrial-grade capture

The body that feeds our B2B signing path. IP67-rated, machined aluminum, no moving parts, four cameras and an IMU on a single USB-C tether or PoE+ run.

IP67
dust + jet-water rated
Aluminum body
passively cooled, field-grade
Stereo depth + RGB + IMU
metric capture, no markers
On-board NPU
depth + tracking on-device
05VERIFY ONE

Open a real proof

PROMO · 90 SEC

The public Verify API returns disclosure-filtered status, hashes, timings, and checks. A marketplace can verify the proof without seeing more than the user chose to expose.

  1. 01

    Pick any proof

    the explorer lists finalized scans from the public verifier

  2. 02

    Compare the hash

    match a disclosed bundle or artifact against the public commitment

  3. 03

    Check proof layers

    satellite, KMS, device, artifact hashes, App Attest when exposed

  4. 04

    Accept or reject

    public verification, private evidence by default

Explore proofsVerify API
06BUILT ON

Real trust roots, explicit limits

Every dependency is a real one. If any of them breaks, the app says so.

TRUST ROOTS
  • SpaceComputerOrbitport cTRNG · Space Fabric KMS
  • AppleSecure Enclave · App Attest
  • USB ArmoryMk II ECDSA in DCP + OTPMK
SETTLEMENT
  • Daily anchoringbatch roots prepared for settlement
  • Verify APIpublic status for marketplaces
STORAGE & FIRMWARE
  • Cloudflare R2opt-in file retention
  • Postgreshash records + disclosure policy
  • LuxonisOAK 4 D camera
07FAQ

Questions buyers ask first

What does Proof of Reality verify?
It verifies that a physical-world scan produced a public proof record with a verifyId, canonical bundleHash, verification level, public checks, and artifact hash commitments.
Do users have to expose private files or GPS?
No. Hash-only is the default. Capture time, location, retained files, nonce payloads, and app-key details are disclosed only when the proof owner selects those layers.
How does another product integrate?
Store verifyId for the user-facing proof and bundleHash for integrity. Call the public Verify API to show status, verification level, checks, and disclosed artifact hashes.
Is every proof on-chain today?
No. Current production verification is hash-first through the public Verify API. Daily hash-root anchoring is the next settlement layer.
08BUILD WITH US

A public proof primitive, ready to integrate

  • VERIFY

    Add proof checks to a listing, token, claim, or agent

    Store verifyId for UX, bundleHash for integrity, then read status from the public API.

  • DISCLOSE

    Expose only the proof layer the transaction needs

    Hash-only by default. Time, location, files, nonce, and app-key details are explicit choices.

  • ANCHOR

    Settle finalized hashes without putting private evidence on-chain

    Daily roots are the next settlement layer after the hash-first verifier.

RIGHT NOW

The proof explorer is open at app.realityproof.app. Public proof status is available at verify.realityproof.app. Open a proof, or verify it from any marketplace, wallet, protocol, or agent.

Explore proofsIntegration guide