Hash every order
Each routed order's payload is SHA-256 hashed on receipt.
- Hash computed server-side
- Included in the API response
- Stored in the audit journal
Chained audit
Transparency verifiable by everyone
Every order routed through Inopay is hashed and anchored in a public chain you can browse and verify offline.
How it works
Four steps, from order hash to offline verification.
Daily Merkle anchoring
All hashes of the day are aggregated in a Merkle tree whose root is frozen at midnight UTC.
- One Merkle root per 24 hours
- Deterministic, reproducible build
- Ed25519-signed snapshot
Public publication
The Merkle root is published at /.well-known/inopay/audit/<date> and accessible without authentication.
- Public endpoint, no API key
- Documented JSON format
- Mirrored across three regions
Offline verification
Anyone can verify that an order was anchored, given an attestation and the day's root.
- Open-source CLI inopay-cli
- Documented curl recipe
- No trusted third party required
Public statistics
Updated at each daily snapshot.
[To configure]
Cumulative routed orders
[To configure]
Anchored Merkle snapshots
[To configure]
Last anchor
[To configure]
Third-party verifiers
Verify it yourself
Verify it yourself
An attestation and one command are enough to confirm an order is included in the day's Merkle root.
With the official CLI:
# Vérifier qu'un ordre est bien ancré dans la racine du jour
inopay-cli verify \
--order-id=ord_01H8X4KJZQ \
--attestation=./attestation.json \
--root=https://getinopay.com/.well-known/inopay/audit/2026-04-24
# OK : SHA-256 inclus dans la Merkle root signée Ed25519Or directly with curl:
# 1. Récupérer la racine Merkle du jour
curl -s https://getinopay.com/.well-known/inopay/audit/2026-04-24 \
| jq '.merkle_root, .signature_ed25519'
# 2. Recalculer localement le hash de votre payload
sha256sum order-payload.json
# 3. Reconstruire la chaîne d'inclusion à partir du proof JSON
inopay-cli verify --proof=./proof.json --root=<merkle_root>Latest snapshots
The five most recently anchored Merkle roots.
| Date | Merkle root (SHA-256) | Orders | Signature |
|---|---|---|---|
| 2026-04-24 | a3f1b9c4d2e7f0a51b62c8d4e9f307a8b1c2d3e4f5a60718293a4b5c6d7e8f90 | 12 487 | ed25519:9k…f4 |
| 2026-04-23 | 7e2b8d4a1c9f6e0b3d5a7c8e1f2b9d0a4c6e8f1b3d5a7c9e0f2b4d6a8c0e1f30 | 11 902 | ed25519:2p…a1 |
| 2026-04-22 | c4d6e8f0a2b4c6d8e0f2a4b6c8d0e2f4a6b8c0d2e4f6a8b0c2d4e6f8a0b2c4d8 | 12 014 | ed25519:7m…b3 |
| 2026-04-21 | b1c3e5f7a9b1c3d5e7f9a1b3c5d7e9f1a3b5c7d9e1f3a5b7c9d1e3f5a7b9c1d3 | 11 651 | ed25519:5j…e7 |
| 2026-04-20 | d2e4f6a8b0c2d4e6f8a0b2c4d6e8f0a2b4c6d8e0f2a4b6c8d0e2f4a6b8c0d2e4 | 11 203 | ed25519:1q…c0 |
Four guarantees
Four guarantees
Inopay's chained audit relies on verifiable properties, with no third-party dependency.
Immutable
Once the root is anchored, altering any order invalidates the snapshot's Ed25519 signature.
Public
No authentication required to fetch a root or its tree.
Offline-verifiable
Once the root is fetched, inclusion verification is purely local.
No trusted third party
No notary, no third-party blockchain. Inopay publishes, you verify.
Read the technical spec
Snapshot format, JSON schemas and Merkle algorithms are documented alongside the portable KYC spec.