nexart.iodocs

    Privacy & Data Handling

    How NexArt handles execution data, what gets stored, and who is responsible for personal data.

    Execution Data & Privacy

    NexArt is execution integrity infrastructure. It stores cryptographic execution records, not raw application data.

    A Certified Execution Record (CER) typically contains:

    • Certificate hash: a SHA-256 hash that uniquely identifies the record
    • Execution identifier: a reference ID for the execution
    • Input and output hashes: SHA-256 hashes of the execution inputs and outputs, not the underlying payloads
    • Protocol and runtime metadata: model, version, and configuration data
    • Node attestation data: the Ed25519 signature, node identity, and attestor key ID
    • Timestamps: when the record was created and attested

    Hashes are used to bind execution results to a certification record without storing the underlying data. This means NexArt can verify that an execution happened and was not tampered with, without needing access to what was actually said or generated.

    What NexArt Does NOT Store

    • Raw prompts or user inputs
    • Raw outputs or completions
    • User-identifiable content, unless explicitly submitted by the integrating application

    Public Verification Records

    The public verifier at verify.nexart.io displays redacted, public-safe representations of records. Sensitive execution payloads are not included.

    Fields visible in a public verification record:

    • Certificate hash
    • Execution ID
    • Protocol version
    • Node attestation (signature, node identity)
    • Runtime hash
    • Metadata fields provided by the integrating application

    The verifier exposes only the information required to independently confirm that a record is intact and properly signed. It does not reveal what was executed.

    Responsibility of Integrating Applications

    Applications integrating NexArt are responsible for the data they submit to the certification API. NexArt does not inspect or filter the contents of metadata fields.

    Developers should avoid including personal identifiers in fields such as:

    • executionId
    • metadata
    • projectId
    • appId

    Use internal identifiers instead of personal identifiers:

    Identifier examples
    // Preferred
executionId: "tx_8347293"

// Avoid
executionId: "john-smith-payment"

    NexArt's Role

    NexArt operates as an execution integrity infrastructure provider. Its role is limited to:

    • Generating Certified Execution Records
    • Cryptographically binding execution metadata to a certificate hash
    • Providing node attestations via Ed25519 signatures
    • Enabling independent verification of records

    NexArt does not process or store the underlying user data that produced an execution, unless that data is explicitly included by the integrating application in the certification request.

    Operational Logs

    NexArt may retain limited operational logs for service reliability and security monitoring. These logs may include request metadata such as timestamps, request paths, and status codes. Logs are retained for a limited period and do not include raw execution payloads.