Trust infrastructure

Every report
ships with a receipt.

A cryptographically signed Trust Receipt. A public verify endpoint. An audit trail you can hand an LP — so a claim holds up when it's challenged, not just when it's read.

The Trust Receipt

A record you can hand anyone.

When a run finishes, you can download a Trust Receipt — a signed, verifiable record of the rubric score, per-section provenance, and the exact prompt version that produced the work.

01 · Score

Rubric, not vibes

Every run is scored 0–100 against a structural, content, and calibration rubric. The score travels in the receipt.

02 · Provenance

Section-by-section hashes

Each section is hashed with SHA-512. Change one comma after the fact and verification fails.

03 · Signature

HMAC-SHA256

The whole receipt is signed with a platform secret. The signature is what makes the receipt the receipt.

How verification works

A chain of hashes, end to end.

Run
Agents produce
each section
Hash
SHA-512
each section
Chain
Section hashes
form a chain hash
Sign
HMAC-SHA256
over canonical JSON
Receipt
PDF + signature
+ QR code
Verify
Anyone hits
/v1/verify/<sig>

Verification recomputes the signature over the stored payload and re-derives the chain from the sections. If either fails, the receipt is tampered. Deterministic, dependency-free, and mathematically sound.

Public verification

No account. No friction.

Your LP doesn't need to log into Zyphv to check the report you sent them.

They open the PDF, scan the QR code, and a public endpoint confirms the receipt is intact — or doesn't.

The verify URL is rate-limited per IP and leaks no internal information. It is, on purpose, the most boring API we run.

$ curl https://api.zyphv.com/v1/verify/a8f2…
{
"receipt_intact": true,
"run_id": "0d1c…",
"generated_at": "2026-06-05T14:22:00Z",
"overall_score": 82
}
For VCs, PE, and M&A

An audit trail you can show your LPs.

For VC partners

Every memo in your IC packet carries a receipt. When an LP asks where a number came from, you can show the chain — from the report section to the prompt version that produced it.

For PE diligence teams

Hand a target's lender the Trust Receipt alongside the DD memo. They confirm the report hasn't been edited — without you handing over access to your tooling.

For M&A advisors

Sell-side and buy-side verify against the same public endpoint. The receipt is the reference — and neither side controls it.

For regulated auditors

Prompt changes are logged, deploys timestamped, and every score chains to its prompt-version hash — mapped in our compliance posture documentation.

Behind the receipt

A quality pipeline that improves itself.

The receipt is the surface. Underneath is a closed loop that keeps quality up — with a human in the loop every time it changes.

Every run

Scored, judged, traced

Structural, content, and calibration rubric. A second-pass LLM judge. Per-agent scores, all chained to the exact prompt version that produced the work.

Every night

Continuous baselines

Golden fixtures re-scored against today's prompts. Drift alerts when fleet quality dips — the system catches its own regressions before customers do.

Every improvement

Proposed, tested, canaried

A model proposes prompt edits; an admin approves; an A/B test runs against fixtures; a 10% canary deploys with auto-rollback. Nothing promotes without a human.

Every five minutes

SRE health snapshot

Scoring coverage, judge latency, queue depth, alert backlog — traffic-light KPIs with alerting on the red ones. The eval system has its own observability.

A Trust Receipt proves integrity, not truth. It proves the report you're reading is exactly what the system produced — sourced and scored — and that nobody edited it after. It does not, and cannot, prove every claim is correct. That's why we score, judge, and improve every run, and why the rubric travels in the receipt.

Run a report. Get the receipt.

Start with 150 free credits. The receipt is on the house.

Get your first receipt free

Traceable by design.