When an agent acts on a signed document, it should confirm the signing directly — not take a vendor's word for it. SignaTrust exposes the underlying evidence so an agent can check a signature on its own, without an account and without us being online.
Most platforms answer "is this signed?" with a boolean from their own database. That is fine for a human reading a dashboard, but an agent that will act on the answer inherits whatever trust you place in that vendor. SignaTrust returns the facts instead: the document hash, the public Solana transaction that anchors it, an independent RFC 3161 timestamp, and the audit chain. The agent recomputes the hash and checks each fact — so the decision rests on evidence anyone can reproduce, not on a single company's assertion.
The proof starts from the document itself: hash the bytes and compare. A match means the file is the one that was signed; a mismatch means it changed. The agent does the arithmetic — it doesn't ask us.
The hash is written to Solana mainnet and time-stamped by an independent RFC 3161 authority. Both records live outside SignaTrust, so the integrity and timing hold up even if we are offline.
The SignaTrust MCP server exposes verify_blockchain and get_evidence so an agent can verify in its own loop — structured input and output, no HTML scraping.
A self-contained bundle carries the hash chain, the anchor transaction, and the timestamp token. The agent can archive it and re-check it later, with no dependency on a live SignaTrust service.
An agent is about to release a deposit once a lease is signed. Before acting, it verifies the document — reading public evidence, not trusting a status field:
# Confirm a signed envelope from its evidence — no account needed.
curl -s https://app.signatrust.io/api/signing/envelopes/ENVELOPE_ID/verify
# -> { "verified": true,
# "documentHash": "sha256:…",
# "anchorTxId": "…", # public Solana transaction
# "timestamp": "2026-…Z", # independent RFC 3161 token
# "auditChainValid": true }
# The agent then re-derives the hash of the file it holds and checks it
# matches documentHash, and reads anchorTxId on a public Solana explorer.
# Only then does it release the deposit.Agents that speak the Model Context Protocol can do the same through the SignaTrust MCP server's verify_blockchain and get_evidence tools, which return the same facts in a structured form. See the public verification page for the same check by hand.
You can store signatures and expose a verify endpoint yourself — but then the agent is back to trusting one company's database and keys, which is the problem it was trying to avoid. Independent verifiability only means something when the evidence lives somewhere no single party controls. That is the work here: a public anchor, an independent timestamp, a portable evidence bundle, and a tool interface an agent can call — maintained so the check keeps working, and keeps being independent, over time.
It is the ability for a software agent to confirm, on its own, that a signed document is genuine and unaltered — instead of trusting a vendor's dashboard or API to say so. The agent recomputes the document's hash, checks it against a public blockchain anchor and an independent timestamp, and reads a self-contained evidence bundle. Every step can be performed without an account and without the signing vendor being online.
Three ways, all public. It can call the verification endpoint (GET /api/signing/envelopes/{id}/verify) with the document or its hash. It can call the SignaTrust MCP server's verify_blockchain and get_evidence tools, which return the anchor transaction and the evidence bundle in a shape built for tool use. Or it can read the transaction straight from a public Solana explorer. None of these requires a SignaTrust login.
A plain 'verified: true' from any vendor is only as trustworthy as that vendor. If the goal is for an agent to act on a signature — release a payment, file a record, advance a workflow — the trust should not collapse back onto a single company's word. SignaTrust returns the underlying facts the agent can check itself: the on-chain transaction, the recomputed hash, the RFC 3161 timestamp, and the audit chain. The agent verifies the evidence, not the assertion.
No. Verification is a public, read-only operation — the same check a court, a counterparty, or an auditor could run. Creating and sending envelopes needs an account and an API key; confirming an existing signature does not.
Flat-fee API tiers, never per-seat. Verify an existing signed document first — no account required.