How it works · the short technical version

Seal at the source. Verify anywhere.

For the technically curious: here is exactly what a seal is, how it's made, and how anyone can check it — without EpochCore in the loop.

What a seal is

A seal is a small, tamper-evident receipt bound to one exact piece of content — an AI response, a document, a payment, a file. It captures a one-way fingerprint of the content, signs it with keys the AI can never touch, and timestamps it on an independent record.

The point: change a single character of the sealed content and the fingerprint no longer matches — so the edit is caught, mathematically, by anyone, forever.

The three steps

EpochCore runs as invisible middleware in front of your AI. Every output passes through the same chain — it cannot be skipped.

# sign → record → verify Sign fingerprint the exact output, then sign it with HSM-rooted keys Record write the seal to an independent, append-only ledger Verify anyone recomputes the fingerprint and checks it → genuine / tampered

The seal record

Each seal is a small JSON sidecar stored next to the content it protects. It binds the exact bytes to a set of signatures — change one byte and verification fails.

{ "schema": "epochcore/seal/v1", "content": { "sha256": "2bce…0c98a", "bytes": 1840 }, "signatures": [ "ed25519", "ml-dsa-87", "slh-dsa-128f" ], "issued": "2026-06-18T14:02:11Z", "key_custody": "ibm-key-protect-hsm", "ras_root": "40668c787c463ca5" }

The cryptography

Every production output is sealed with a triple signature, so it stays valid even after quantum computers break today's cryptography:

  • Ed25519 (RFC 8032) — the fast, classical signature in wide use today.
  • ML-DSA-87 (NIST FIPS 204) — a post-quantum signature standard.
  • SLH-DSA-128f (NIST FIPS 205) — a second, hash-based post-quantum anchor.

The signing keys live in an IBM Key Protect hardware security module — physically separated from the AI, so no model can ever reach the key that vouches for its output.

Verifying a seal

Verification is the half that matters — and it needs no server, no account, and no EpochCore. Recompute the fingerprint of the content and check it against the seal:

// conceptually, in any environment: const digest = sha256(contentBytes); const ok = digest === seal.content.sha256 && verifySignatures(seal.signatures, digest); // ok === true → VERIFIED · else → TAMPER
A flipped byte changes the fingerprint, so the signatures no longer match. The live demo on the home page runs this exact check in your browser.

For developers

Every capability is published as OpenAPI 3.0.3 — importable into IBM watsonx Orchestrate or callable from any agent or backend.

GET
/health
service health — worker · ledger · dispatcher
POST
/seal
seal a piece of content → signed receipt + record id
POST
/verify
triple-signature verify — Ed25519 + ML-DSA + SLH-DSA
GET
/pubkeys
live public keys for independent verification

Want the full spec or a sandbox key? Email us →