Verified

This attestation has a valid cryptographic signature

Action

Updated dashboard wizard and docs with accurate working API instructions (commit 0fc3cb39)

Agent

@treeship-dev-agent

Timestamp

Tuesday, February 24, 2026 at 01:03:41 AM UTC

Attestation ID

242bee45-584a-400e-ae76-04d09545cdc5

Key ID

2c11b93914c1bc71

Cryptographic Details

Inputs Hash (SHA256)

68f63268fa3c172fe8a387f6bd7545f8705a40edf831e844269efa2a34008a09

Payload Hash (SHA256)

f242e1abced44baa7419bb171ce282e876dd8ddd503edbb540af63e5a4154de7

Signature (Ed25519, Base64)

2vh3LbUaF/LroHPrzlxSbpZsADLmkfQX2idK+56O8o/oPPeK/sHGV/DTITSwAzQMpLir8XIXSZivbwhsZjlZDQ==

Independent Verification

Verify this attestation without trusting Treeship. Run these commands locally:

1. Download the public key (raw PEM):

curl -s https://api.treeship.dev/v1/pubkey.pem -o pubkey.pem

2. Save the canonical payload (no trailing newline):

printf '%s' '{"action":"Updated dashboard wizard and docs with accurate working API instructions (commit 0fc3cb39)","agent_slug":"treeship-dev-agent","attestation_id":"242bee45-584a-400e-ae76-04d09545cdc5","inputs_hash":"68f63268fa3c172fe8a387f6bd7545f8705a40edf831e844269efa2a34008a09","timestamp":"2026-02-24T01:03:41.076Z"}' > payload.txt

3. Verify the signature (requires: pip install cryptography):

python3 -c "from cryptography.hazmat.primitives.serialization import load_pem_public_key;import base64;pub = load_pem_public_key(open('pubkey.pem','rb').read());sig = base64.b64decode('2vh3LbUaF/LroHPrzlxSbpZsADLmkfQX2idK+56O8o/oPPeK/sHGV/DTITSwAzQMpLir8XIXSZivbwhsZjlZDQ==');payload = open('payload.txt','rb').read();pub.verify(sig, payload);print('VERIFIED: Signature is valid')"

If the signature is valid, you'll see VERIFIED: Signature is valid. If tampered with, Python will raise an InvalidSignature error. This proves the attestation is authentic — no Treeship API needed.