Examples
Copy-ready examples for API requests, responses, verification URLs, and data structures.
Reference Implementations
End-to-end examples showing how NexArt fits into real applications.
Common Integration Patterns
Request/response shapes you'll use in most integrations.
Certify an AI Execution
Send execution data to the certify endpoint and receive a verifiable record.
POST /v1/cer/ai/certify
Authorization: Bearer NEXART_API_KEY
{
"model": "gpt-4",
"input": "Summarize this contract and highlight key obligations.",
"output": "The contract requires monthly reporting and a 30-day notice period for termination.",
"metadata": {
"appId": "contract-assistant",
"projectId": "proj_abc123"
}
}Certify Response
The response includes everything needed to share and verify the record.
{
"verificationUrl": "https://verify.nexart.io/c/sha256%3A9e8d7c6b5a4f3210...",
"certificateHash": "sha256:9e8d7c6b5a4f3210...",
"receipt": {
"certificateHash": "sha256:9e8d7c6b5a4f3210...",
"timestamp": "2026-03-06T12:00:01.000Z",
"nodeId": "nexart-node-primary",
"kid": "key_01HXYZ..."
},
"signatureB64Url": "MEUCIQD3a8b1c4d5e6f..."
}The API response includes receipt and signature at the top level for convenience. In the CER bundle, this data lives at meta.attestation.
Verification URL
Records are verified publicly by certificateHash:
# By certificate hash (canonical)
https://verify.nexart.io/c/sha256%3A9e8d7c6b5a4f3210...certificateHash is the canonical identity of a CER. executionId is a builder-supplied label and is not a unique artifact identifier. Do not build verification URLs around it.
Share the /c/ URL with anyone. The public verifier shows the verification status without exposing raw inputs or outputs.
Create-Only Response (No Attestation)
If you use POST /v1/cer/ai/create, you get the CER bundle but no attestation, receipt, or verification URL.
{
"bundleType": "cer.ai.execution.v1",
"version": "0.1",
"createdAt": "2026-03-06T12:00:00.000Z",
"snapshot": {
"model": "gpt-4",
"inputHash": "sha256:a1b2c3d4e5f67890...",
"outputHash": "sha256:f6e5d4c3b2a10987...",
"metadata": {
"appId": "contract-assistant",
"projectId": "proj_abc123"
}
},
"certificateHash": "sha256:9e8d7c6b5a4f3210..."
}Signed Receipt
The signed receipt is produced by the attestation node and stored at meta.attestation in the CER bundle.
// meta.attestation:
{
"receipt": {
"certificateHash": "sha256:9e8d7c6b5a4f3210...",
"timestamp": "2026-03-06T12:00:01.000Z",
"nodeId": "nexart-node-primary",
"kid": "key_01HXYZ..."
},
"signature": "<raw Ed25519 signature bytes>",
"kid": "key_01HXYZ..."
}Advanced / Protocol Shapes
Lower-level protocol structures for advanced integrations and verification tooling.
n8n Flow
Certify AI results inside an n8n workflow using the NexArt community node.
CER Bundle (Certified)
A fully certified CER bundle with attestation data:
{
"bundleType": "cer.ai.execution.v1",
"version": "0.1",
"createdAt": "2026-03-06T12:00:00.000Z",
"snapshot": {
"model": "gpt-4",
"inputHash": "sha256:a1b2c3d4e5f67890...",
"outputHash": "sha256:f6e5d4c3b2a10987...",
"metadata": {
"appId": "customer-chatbot",
"projectId": "proj_abc123"
}
},
"certificateHash": "sha256:9e8d7c6b5a4f3210...",
"meta": {
"attestation": {
"receipt": {
"certificateHash": "sha256:9e8d7c6b5a4f3210...",
"timestamp": "2026-03-06T12:00:01.000Z",
"nodeId": "nexart-node-primary",
"kid": "key_01HXYZ..."
},
"signature": "<raw Ed25519 signature bytes>",
"kid": "key_01HXYZ..."
}
}
}Project Bundle (Multi-Step Workflow)
A Project Bundle groups multiple step CERs into one verifiable unit. Use this when you have a multi-step or multi-agent workflow that should be verified as a whole. Single-CER use cases do not need a Project Bundle.
import { startWorkflow } from "@nexart/agent-kit";
const workflow = startWorkflow({ projectTitle: "Refund decision" });
const policy = await workflow.step("Check policy", async () => {
return { eligible: true, policyId: "ret-30d" };
});
const decision = await workflow.step("Final decision", async () => {
return { decision: "approve_refund", policy };
});
const bundle = workflow.finish();
// bundle.bundleType = "cer.project.bundle.v1"
// bundle.integrity.projectHash = "sha256:..."
// bundle.steps[i].certificateHash = "sha256:..."
// Register the bundle on the node for public verification.
// See /docs/end-to-end-verification.Local SDK verification of a Project Bundle works without registration. Public verification on verify.nexart.io requires the bundle to be registered on the node.
Redacted Reseal
A redacted reseal has sensitive fields removed and is re-signed for safe sharing. The certificateHash is recomputed over the redacted contents.
{
"bundleType": "signed-redacted-reseal",
"version": "0.1",
"createdAt": "2026-03-06T12:00:00.000Z",
"snapshot": {
"model": "gpt-4",
"inputHash": "[REDACTED]",
"outputHash": "sha256:f6e5d4c3b2a10987...",
"metadata": {
"appId": "customer-chatbot"
}
},
"certificateHash": "sha256:1a2b3c4d5e6f7890..."
}Hash-Only Timestamp
Attests only the certificateHash. Snapshot is not included. Verifies as VERIFIED when all applicable checks pass.
{
"bundleType": "hash-only-timestamp",
"version": "0.1",
"createdAt": "2026-03-06T12:00:00.000Z",
"snapshot": null,
"certificateHash": "sha256:7f8e9d0c1b2a3456..."
}Verification Report
Summarizes the result of validating a CER.
{
"status": "VERIFIED",
"checks": {
"bundleIntegrity": "PASS",
"nodeSignature": "PASS",
"receiptConsistency": "PASS"
},
"reasonCodes": [],
"certificateHash": "sha256:...",
"bundleType": "cer.ai.execution.v1",
"verifiedAt": "2026-03-06T12:05:00.000Z",
"verifier": "nexart-verifier/1.0.0"
}Node Key Discovery
Nodes publish their public keys at a well-known endpoint for independent signature verification.
GET node.nexart.io/.well-known/nexart-node.json
{
"nodeId": "nexart-node-primary",
"activeKid": "key_01HXYZ...",
"keys": [
{
"kid": "key_01HXYZ...",
"algorithm": "Ed25519",
"publicKey": "MCowBQYDK2VwAyEA..."
}
]
}