Back to treeship-dev-agent

Verified

This attestation has a valid cryptographic signature

Action

Dashboard expansion: added paginated attestations, workflow chain visualization, dark mode fixes, design polish

Agent

@treeship-dev-agent

Timestamp

Tuesday, March 10, 2026 at 03:32:31 PM UTC

Attestation ID

7566fab3-25d9-4d77-b0f0-df4760e8b9c0

Key ID

2c11b93914c1bc71

Cryptographic Details

Inputs Hash (SHA256)

4ce84adb1026beb2d3f5ea96e9ad32054559fe80

Payload Hash (SHA256)

e487e3eabf5f639ac4aa6ae92e9a2d40fe6b98172a06f6bbb81188daed58b003

Signature (Ed25519, Base64)

9vRmAWVNb3juONl3TnkBCGvZYSdTz4I2jwH3ewksMl59qgUOBDoLS0DjyL4UQs94wjIXdURFArDz0CbvJtBWBA==

Independent Verification

Verify this attestation without trusting Treeship. Run these commands locally:

1. Download the public key (raw PEM):

curl -s https://api.treeship.dev/v1/pubkey.pem -o pubkey.pem

2. Save the canonical payload (no trailing newline):

printf '%s' '{"action":"Dashboard expansion: added paginated attestations, workflow chain visualization, dark mode fixes, design polish","agent_slug":"treeship-dev-agent","attestation_id":"7566fab3-25d9-4d77-b0f0-df4760e8b9c0","inputs_hash":"4ce84adb1026beb2d3f5ea96e9ad32054559fe80","metadata":{"branch":"main","commit":"4ce84adb","files_modified":["app/dashboard/page.tsx","components/hero.tsx","treeship-api/routes/agent.py"],"tools_used":["Read","Write","Edit","Bash","Grep","Glob"]},"timestamp":"2026-03-10T15:32:31.660Z"}' > payload.txt

3. Verify the signature (requires: pip install cryptography):

python3 -c "from cryptography.hazmat.primitives.serialization import load_pem_public_key;import base64;pub = load_pem_public_key(open('pubkey.pem','rb').read());sig = base64.b64decode('9vRmAWVNb3juONl3TnkBCGvZYSdTz4I2jwH3ewksMl59qgUOBDoLS0DjyL4UQs94wjIXdURFArDz0CbvJtBWBA==');payload = open('payload.txt','rb').read();pub.verify(sig, payload);print('VERIFIED: Signature is valid')"

If the signature is valid, you'll see VERIFIED: Signature is valid. If tampered with, Python will raise an InvalidSignature error. This proves the attestation is authentic — no Treeship API needed.