Provable Attribution
Every signature, hash, and Merkle node — computed in your browser, right now.
Every operation below runs live in your browser using the WebCrypto API — the same crypto-primitive your bank, Apple Pay, and TLS use. Nothing is precomputed on the server. Open DevTools → Network and you'll see this page download once, then go quiet — all the maths happens locally on your CPU.
Generates three real keypairs, signs six events, builds a Merkle tree, and gets three institutional co-signatures. Takes about 200ms.
Paste any receipt code from our seed data. We'll fetch the receipt via the public API, recompute every event hash, and verify the chain — all in your browser. No trust in our servers required.
| ECDSA P-256 keypairs | REAL Generated by your browser's WebCrypto. Identical algorithm to what runs on iPhone Secure Enclave. |
| SHA-256 hashes | REAL Computed live. Same hash function bitcoin uses. |
| Signatures & verifications | REAL Computed live. Tampering one byte of payload makes verify return false — you can watch it happen. |
| Merkle tree | REAL Standard binary tree, odd leaves duplicated. |
| ZK value bucket | SIMULATED Hash-based commitment shown. Production uses Groth16/PLONK range proofs (~10kB proof). |
| KPMG / EY co-signatures | SIMULATED We generate institutional keypairs in this tab and sign with them. Production: real KPMG & EY keys, published transparency logs. |
| Money rails | NOT SHOWN Out of scope for this demo. $50 AUD moves via PayID/BPAY/direct deposit — see chain explorer. |