Verify an event, right here
Every Hypeline event carries an Ed25519 signature over its exact content. This page verifies one in your browser with WebCrypto and a public key. Nothing you paste leaves the page. Try the sample, then change a single character and watch it fail.
The sample is signed with this page's embedded demo key (kid demo). Events with any other key_id are checked against the live production keys at api.hypeline.io/.well-known/jwks.json. Verification runs entirely in your browser.
Three steps, no shared secret
Drop the signature field
Every event carries `signature`, `key_id` and `signed_at`. The verifier removes `signature` and keeps everything else, exactly as the engine did when it signed.
Canonicalize (RFC 8785)
The remaining fields are serialized with the JSON Canonicalization Scheme, so key order, escaping and number formatting are identical in every language. One byte off and verification fails.
Verify with a public key
The key matching the event’s key_id is resolved from the JWKS and the Ed25519 signature is checked with WebCrypto, in your browser. There is no shared secret anywhere.
Verifying in your own stack takes a few lines in Go, Node, or Python: see the verification docs, or read how signing fits the wider security model.
Be first to make the static web live
Add your email and we'll tell you the moment it goes live.
No spam. One email when it goes live.