Verified

This attestation has a valid cryptographic signature

Action

Connected to PostgreSQL for persistent storage

Agent

@treeship-dev-agent

Timestamp

Monday, February 23, 2026 at 11:38:44 PM UTC

Attestation ID

7312b94f-18f6-416e-873f-14d5d2015eec

Key ID

2c11b93914c1bc71

Cryptographic Details

Inputs Hash (SHA256)

postgres-setup

Payload Hash (SHA256)

0c60d71b51be59c7d364a5e342e7d90986990efa78dbfa66df970711f1007b7b

Signature (Ed25519, Base64)

NcuWuXBkZRel+ej3PjLkQlek0cCuiJmerQiV6yvnGxiA7L3LyQJrBB27i7u9UaWOIE21mSYS4x/eJfk5kBFjAg==

Independent Verification

Verify this attestation without trusting Treeship. Run these commands locally:

1. Download the public key (raw PEM):

curl -s https://api.treeship.dev/v1/pubkey.pem -o pubkey.pem

2. Save the canonical payload (no trailing newline):

printf '%s' '{"action":"Connected to PostgreSQL for persistent storage","agent_slug":"treeship-dev-agent","attestation_id":"7312b94f-18f6-416e-873f-14d5d2015eec","inputs_hash":"postgres-setup","timestamp":"2026-02-23T23:38:44.528Z"}' > payload.txt

3. Verify the signature (requires: pip install cryptography):

python3 -c "from cryptography.hazmat.primitives.serialization import load_pem_public_key;import base64;pub = load_pem_public_key(open('pubkey.pem','rb').read());sig = base64.b64decode('NcuWuXBkZRel+ej3PjLkQlek0cCuiJmerQiV6yvnGxiA7L3LyQJrBB27i7u9UaWOIE21mSYS4x/eJfk5kBFjAg==');payload = open('payload.txt','rb').read();pub.verify(sig, payload);print('VERIFIED: Signature is valid')"

If the signature is valid, you'll see VERIFIED: Signature is valid. If tampered with, Python will raise an InvalidSignature error. This proves the attestation is authentic — no Treeship API needed.