Official Python SDK for the CertiSigma attestation & verification API
Project description
CertiSigma Python SDK
Official Python client for the CertiSigma cryptographic attestation API.
Installation
pip install certisigma
Or from source:
cd sdk/python
pip install -e .
Quick Start
from certisigma import CertiSigmaClient, hash_file, hash_bytes
client = CertiSigmaClient(api_key="cs_live_your_key_here")
# 1. Compute the SHA-256 hash of your file
file_hash = hash_file("contract.pdf")
# 2. Attest — creates a timestamped, signed proof of existence
result = client.attest(file_hash, source="my-app")
print(f"Attestation: {result.id} at {result.timestamp}")
print(f"ECDSA signature: {result.signature}")
# 3. Verify — confirm the hash was attested
check = client.verify(file_hash)
print(f"Exists: {check.exists}, Level: {check.level}")
# Or hash raw bytes
data_hash = hash_bytes(b"any raw content")
result = client.attest(data_hash)
Public Verification (No API Key)
Verification endpoints are public. You can verify attestations without any API key:
from certisigma import CertiSigmaClient, hash_file
# No api_key needed — works out of the box
client = CertiSigmaClient()
file_hash = hash_file("contract.pdf")
check = client.verify(file_hash)
print(f"Exists: {check.exists}, Level: {check.level}")
# Batch verify also works without a key
results = client.batch_verify([file_hash])
print(f"Found: {results.found}/{results.count}")
Hashing Utilities
Standalone SHA-256 hash functions -- compute hashes without attestation:
from certisigma import hash_file, hash_bytes
# Hash a file (streamed, constant memory)
file_hash = hash_file("/path/to/document.pdf")
print(f"SHA-256: {file_hash}")
# Hash raw bytes
data_hash = hash_bytes(b"raw content")
# Verify a file against a known hash
assert hash_file("/path/to/document.pdf") == file_hash
Or hash + attest in one step:
result = client.attest_file("/path/to/document.pdf")
print(f"Attested: {result.hash_hex}")
Async Support
import asyncio
from certisigma import AsyncCertiSigmaClient
async def main():
async with AsyncCertiSigmaClient(api_key="cs_live_xxx") as client:
result = await client.attest("abcdef..." * 4 + "0" * 16)
print(result.id)
asyncio.run(main())
Batch Operations
# Attest up to 100 hashes in one call
batch = client.batch_attest(
["aabb..." * 4, "ccdd..." * 4],
source="monthly-invoices"
)
print(f"Created: {batch.created}, Existing: {batch.existing}")
# Verify batch
results = client.batch_verify(["aabb..." * 4, "ccdd..." * 4])
print(f"Found: {results.found}/{results.count}")
Metadata Management
# Update claim metadata
result = client.update_metadata("att_1234", source="pipeline-v2", extra_data={"project": "alpha"})
# Soft-delete claim
client.delete_metadata("att_1234")
# Get evidence
evidence = client.get_evidence("att_1234")
print(evidence.level, evidence.t0)
Evidence & OTS Verification
from certisigma import CertiSigmaClient, get_blockchain_url, save_ots_proof
client = CertiSigmaClient(api_key="cs_live_xxx")
# Get full cryptographic evidence (T0 + T1 + T2)
evidence = client.get_evidence("att_1234")
if evidence.level == "T2":
# Bitcoin block explorer link
print(get_blockchain_url(evidence)) # mempool.space/block/...
print(get_blockchain_url(evidence, "tx")) # mempool.space/tx/...
# Save the raw .ots proof for independent verification
save_ots_proof(evidence, "contract.pdf.ots")
# Then verify with: ots verify contract.pdf.ots
Client-Side Encryption (Zero Knowledge)
Requires: pip install certisigma[crypto]
from certisigma.crypto import generate_key, encrypt_metadata, decrypt_metadata
# Generate a key (store securely — server never sees it)
key = generate_key()
# Encrypt before sending
encrypted = encrypt_metadata({"secret": "classified"}, key)
result = client.attest(hash_hex, extra_data=encrypted, client_encrypted=True)
# Decrypt after retrieving
plaintext = decrypt_metadata(result.extra_data, key)
Error Handling
from certisigma import (
CertiSigmaError,
AuthenticationError,
RateLimitError,
QuotaExceededError,
)
try:
client.attest(hash_hex)
except AuthenticationError:
print("Invalid API key")
except RateLimitError as e:
print(f"Rate limited, retry after {e.retry_after}s")
except QuotaExceededError:
print("Monthly quota reached")
except CertiSigmaError as e:
print(f"API error {e.status_code}: {e}")
Configuration
| Parameter | Default | Description |
|---|---|---|
api_key |
None |
Bearer token (cs_live_...). Optional for verify/health. |
base_url |
https://api.certisigma.ch |
API endpoint |
timeout |
30.0 |
Request timeout in seconds |
Requirements
- Python 3.10+
httpx>= 0.25.0cryptography>= 44.0.0 (optional, forcertisigma.crypto)
License
MIT — Ten Sigma Sagl, Lugano, Switzerland
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
certisigma-1.4.0.tar.gz
(15.5 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file certisigma-1.4.0.tar.gz.
File metadata
- Download URL: certisigma-1.4.0.tar.gz
- Upload date:
- Size: 15.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9b562f330f6fb468d1ba304954f965ec642295d37a038c4782ff79632ed29086
|
|
| MD5 |
4e24b9586954c9eb07e11ca89aac8134
|
|
| BLAKE2b-256 |
450d7a6d0e292b9172468983a23a324832151c02f1d1c5422675dc87fe1609b4
|
File details
Details for the file certisigma-1.4.0-py3-none-any.whl.
File metadata
- Download URL: certisigma-1.4.0-py3-none-any.whl
- Upload date:
- Size: 11.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a2fe4099804d2ea02c46e59ad9829fdbc2d10f3eada24773a99b69dcf64f21fe
|
|
| MD5 |
f6dc33ea1a51d03e0701ec6c03b31a99
|
|
| BLAKE2b-256 |
2d53ec3f94e7d770077c77c087f094866cbb0971ce845df544aaebcd6c8885f7
|
