Docs Verification
API Reference

Verification

Cryptographically verify the integrity of any completed chain. Detect tampering. Export proof records.

GET /v1/chains/:chain_id/verify

Verify a chain and retrieve the full signed audit trail. Can be called at any time — immediately after completion or years later. The result is always the same for the same chain.

JavaScript
const proof = await sp.chains.verify('sp_ch_a96fec076ffd44f4');

if (proof.tampered) {
  // Do not trust this chain — data was modified after confirmation
  throw new Error('Chain integrity check failed');
}

// Iterate the verified audit trail
for (const step of proof.trail) {
  console.log(step.event, step.confirmed_at, step.location);
}

Response

FieldTypeDescription
verifiedbooleantrue if the chain is complete and untampered.
tamperedbooleantrue if the chain data does not match its cryptographic signature. Never trust a tampered chain.
chain_idstringThe chain being verified.
completed_atstringISO 8601 timestamp when the final handoff was confirmed.
trailarrayOrdered list of confirmed handoff records.
trail[].eventstringEvent name.
trail[].actorstringActor display name.
trail[].confirmed_atstringExact confirmation timestamp from the actor's device.
trail[].locationstringReverse-geocoded address.
trail[].coordinatesobjectlat and lng at moment of confirmation.
trail[].validbooleantrue if this individual step's signature is intact.
signaturestringThe chain-level cryptographic signature covering all trail data.

How tamper detection works

When an actor confirms a handoff, SwiftProof computes a SHA-256 hash of the confirmation data — event name, actor, GPS coordinates, and timestamp — and stores it alongside the record. At verification time, the hash is recomputed and compared. If any field has been modified, the hash will not match and tampered will be true.

The chain-level signature covers all handoff hashes in sequence, so even reordering steps is detectable.

Verification is permanent. Even if you delete the chain from your dashboard, the cryptographic record remains verifiable as long as you have the chain_id and signature.