Customer-facing CLI for Satsignal — anchor and verify files against the BSV-anchored notary.
Project description
satsignal-cli
Customer-facing CLI for Satsignal — anchor and verify files against the BSV-anchored notary.
Status: maintained — current release
0.4.0(pip install satsignal-cli). Standard-mode anchor + verify work end-to-end, including SPV chain-confirmation against a validated header store with TSC Merkle proofs (no single-explorer trust). Sealed bundles verify from the CLI. Sealed-mode anchoring and multi-proof (content_canonical,chunk_merkle) verification remain web-only — see scope limits.
Install
pip install satsignal-cli # Python 3.11+
pip install 'satsignal-cli[toml-py39]' # Python 3.9 / 3.10
Quickstart
satsignal login # paste your API key (sk_…)
satsignal anchor report.pdf # dry-run preview
satsignal anchor report.pdf --broadcast
# → writes report.pdf.mbnt next to the file
satsignal verify report.pdf
# → chain-confirms by default; exit 0 on success
Commands
| verb | purpose |
|---|---|
satsignal anchor <file> |
anchor a file; dry-run by default, writes <file>.mbnt on --broadcast |
satsignal verify <file> |
verify a file against its .mbnt sidecar; chain-confirms by default |
satsignal show <bundle> |
print receipt details (txid, mode, proofs, etc.) |
satsignal log |
list recent anchors from ~/.local/state/satsignal/anchors.jsonl |
satsignal login |
store API key in ~/.config/satsignal/credentials.toml |
satsignal folders |
list workspace folders |
satsignal matters |
legacy alias of satsignal folders (still supported) |
Vocabulary:
folderis the preferred public name;matteris a frozen legacy alias and keeps working forever.--folder/SATSIGNAL_FOLDER/ configfolderare accepted alongside--matter/SATSIGNAL_MATTER/ configmatter. If both are set to different values the command fails loudly; equal or single is fine. JSON / jsonl output now carries bothfolderandmatter(andproof/receipt,proof_id/bundle_id). The HTTP request to the Satsignal API still sends the frozenmatter_slugkey, so older / self-hosted servers keep working unchanged.
Sidecar convention
satsignal anchor writes <file>.mbnt next to the source by default. Override with -o. satsignal verify looks for the sidecar in this order:
<file>.mbntdirectly next to the source.satsignal/<single-bundle>.mbntin the source's parent directory (only if there's exactly one — otherwise pass--bundleexplicitly)
This convention mirrors GPG's .asc / RFC 3161's .tsr — one file in, one receipt out, same directory.
Configuration
Reads (in order, first wins):
- Environment:
SATSIGNAL_API_KEY,SATSIGNAL_BASE_URL,SATSIGNAL_FOLDER(or legacySATSIGNAL_MATTER),SATSIGNAL_PROOF_URL ~/.config/satsignal/credentials.toml(mode 600)- Defaults:
base_url = https://app.satsignal.cloud,proof_url = https://proof.satsignal.cloud,folder = inbox
The credentials file is plain TOML. folder is the preferred key;
matter still works as a legacy alias (satsignal login continues to
write matter for back-compat with older CLI versions):
api_key = "sk_..."
base_url = "https://app.satsignal.cloud"
folder = "inbox" # or legacy: matter = "inbox"
Verify semantics
satsignal verify implements the conformant procedure from bundle-v1.md §7 in order:
- Open ZIP, parse
manifest.json/canonical.json/proofs.json(if present) - Cryptographic check (standard: SHA-256; sealed: HMAC-SHA256 with master salt)
doc_hashconsistency via JCS-canonical SHA-256- Chain confirmation — fetch raw tx, parse OP_RETURN MBNT payload, compare
doc_hash
Exit codes match bundle-v1.md §8:
| exit | class | meaning |
|---|---|---|
| 0 | VERIFIED / PENDING / OFFLINE | crypto + chain OK (PENDING = 0 confirmations; OFFLINE = chain skipped) |
| 1 | CRYPTO | bundle malformed or hashes don't match |
| 2 | CHAIN | bundle is valid but the on-chain anchor doesn't commit to this canonical doc |
| 3 | NETWORK | couldn't reach WhatsOnChain / Bitails |
| 4 | (auth) | API key missing or rejected (anchor flow only) |
| 5 | (bundle not found) | |
| 6 | VERSION | mbnt_version unsupported by this CLI |
PENDING returning exit 0 is intentional — satsignal verify && cp report.pdf out/ should succeed the moment the anchor is broadcast. Opt into stricter gating with --min-confirmations N.
Offline mode
satsignal verify --offline skips the chain check. The warning ("locally-fabricated bundles pass crypto-only checks") is non-suppressible — --quiet does not silence it. This matches the chain-confirm-by-default rule from the spec; making the chain check opt-in by default would invert the safety property the protocol exists to provide.
Current scope limits
- Sealed-mode anchoring. The CLI can verify sealed bundles, but can't produce them (requires client-side HKDF + HMAC + bundle assembly). Use sealed.satsignal.cloud to produce sealed bundles.
content_canonical/chunk_merkleverification. These require porting the verifier.html canonicalizers (text-norm-v1, json-jcs-v1, csv-norm-v1, etc.) to Python. The CLI flags their presence and points to the web verifier for now.- Manifest mode. Out of scope for the CLI; use the API or web UI.
--watch/--bulk. Single-file anchors only.
See also
- Bundle format spec: https://proof.satsignal.cloud/spec-bundle
- LangChain integration: https://github.com/Steleet/langchain-satsignal
- API docs: https://app.satsignal.cloud/docs
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file satsignal_cli-0.4.2.tar.gz.
File metadata
- Download URL: satsignal_cli-0.4.2.tar.gz
- Upload date:
- Size: 46.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2e71d176d89af4ebad4bb4576d1ad85dae3d868321d18665cd513195278f462e
|
|
| MD5 |
d8b3705c55f971a8de329893fea4ad31
|
|
| BLAKE2b-256 |
6772eed52c7c7eefb97c2ebadfb163fccde70125b3f8da6cad0ada7441aab236
|
Provenance
The following attestation bundles were made for satsignal_cli-0.4.2.tar.gz:
Publisher:
publish.yml on Steleet/satsignal-cli
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
satsignal_cli-0.4.2.tar.gz -
Subject digest:
2e71d176d89af4ebad4bb4576d1ad85dae3d868321d18665cd513195278f462e - Sigstore transparency entry: 1602856012
- Sigstore integration time:
-
Permalink:
Steleet/satsignal-cli@88e7ab916d223c387989319d622f89ea139d37bf -
Branch / Tag:
refs/tags/v0.4.2 - Owner: https://github.com/Steleet
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@88e7ab916d223c387989319d622f89ea139d37bf -
Trigger Event:
release
-
Statement type:
File details
Details for the file satsignal_cli-0.4.2-py3-none-any.whl.
File metadata
- Download URL: satsignal_cli-0.4.2-py3-none-any.whl
- Upload date:
- Size: 36.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
252492051bd49a9dfee4af1b63fe98cfe1bba79f45b99065e0beaf49e3d6b96a
|
|
| MD5 |
2db0eb49d6f276a7e4c74ed5c0db6094
|
|
| BLAKE2b-256 |
7087641dcf8ad921ec0a95f601054a1fa07e89856817103b46a5ddd95adba48b
|
Provenance
The following attestation bundles were made for satsignal_cli-0.4.2-py3-none-any.whl:
Publisher:
publish.yml on Steleet/satsignal-cli
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
satsignal_cli-0.4.2-py3-none-any.whl -
Subject digest:
252492051bd49a9dfee4af1b63fe98cfe1bba79f45b99065e0beaf49e3d6b96a - Sigstore transparency entry: 1602856436
- Sigstore integration time:
-
Permalink:
Steleet/satsignal-cli@88e7ab916d223c387989319d622f89ea139d37bf -
Branch / Tag:
refs/tags/v0.4.2 - Owner: https://github.com/Steleet
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@88e7ab916d223c387989319d622f89ea139d37bf -
Trigger Event:
release
-
Statement type: