API Reference

Glacis Client

Constructor

from glacis import Glacis

# Online mode (default)
glacis = Glacis(api_key="glsk_live_...")

# Offline mode
glacis = Glacis(mode="offline")

# Offline with custom seed
glacis = Glacis(mode="offline", signing_seed=bytes)

Parameters:

Parameter	Type	Required	Description
api_key	str	No	Glacis API key (glsk_live_...). Required for online mode.
mode	str	No	"online" (default) or "offline"
signing_seed	bytes	No	32-byte Ed25519 seed for offline mode
base_url	str	No	API base URL (default: https://api.glacis.io)

---

glacis.attest()

Create an attestation for an AI operation.

receipt = glacis.attest(
    service_id="my-service",
    operation_type="inference",
    input={"prompt": "Hello"},
    output={"response": "Hi there"},
    metadata={"model": "gpt-4", "temperature": 0.7},
)

Parameters:

Parameter	Type	Required	Description
service_id	str	Yes	Identifier for your service
operation_type	str	Yes	Type of operation (e.g., "inference", "training")
input	dict	Yes	Input data (hashed locally, never sent)
output	dict	Yes	Output data (hashed locally, never sent)
metadata	dict	No	Additional metadata (sent as-is)

Returns: AttestReceipt or OfflineAttestReceipt

---

glacis.verify()

Verify an attestation receipt.

result = glacis.verify(receipt)
print(result.valid)
print(result.signature_valid)
print(result.proof_valid)  # Online receipts only

Parameters:

Parameter	Type	Required	Description
receipt	AttestReceipt | OfflineAttestReceipt	Yes	Receipt to verify

Returns: VerifyResult

---

AsyncGlacis Client

Async version of the client for use with asyncio.

from glacis import AsyncGlacis

async with AsyncGlacis(api_key="glsk_live_...") as glacis:
    receipt = await glacis.attest(
        service_id="my-service",
        operation_type="inference",
        input={"prompt": "Hello"},
        output={"response": "Hi there"},
    )

The async client has the same methods as the sync client, but all are async.

---

Models

AttestReceipt

Online attestation receipt with Merkle proofs.

class AttestReceipt:
    attestation_id: str          # "att_xxx"
    timestamp: datetime          # When attested
    service_id: str              # Service identifier
    operation_type: str          # Operation type
    payload_hash: str            # SHA-256 of input/output
    leaf_index: int              # Position in Merkle tree
    merkle_proof: list[str]      # Inclusion proof
    signed_tree_head: SignedTreeHead  # Signed tree state
    badge_url: str               # Verification URL
    verify_url: str              # API verification endpoint

OfflineAttestReceipt

Offline attestation receipt with local signature.

class OfflineAttestReceipt:
    attestation_id: str          # "oatt_xxx"
    timestamp: datetime          # When attested
    service_id: str              # Service identifier
    operation_type: str          # Operation type
    payload_hash: str            # SHA-256 of input/output
    signature: str               # Ed25519 signature
    public_key: str              # Ed25519 public key
    witness_status: str          # "UNVERIFIED"

SignedTreeHead

Merkle tree state signed by the witness.

class SignedTreeHead:
    tree_size: int               # Number of leaves
    root_hash: str               # Merkle root
    timestamp: datetime          # Tree timestamp
    signature: str               # Witness signature

VerifyResult

Result of receipt verification.

class VerifyResult:
    valid: bool                  # Overall validity
    signature_valid: bool        # Signature check passed
    proof_valid: bool | None     # Merkle proof check (online only)
    error: str | None            # Error message if invalid

---

Crypto Utilities

hash_payload()

Hash a payload using SHA-256 with RFC 8785 canonicalization.

from glacis.crypto import hash_payload

# Produces identical hashes regardless of key order
hash1 = hash_payload({"b": 2, "a": 1})
hash2 = hash_payload({"a": 1, "b": 2})
assert hash1 == hash2  # True

Note

RFC 8785 ensures that the same logical JSON object produces the same hash across Python, TypeScript, and Rust implementations.

verify_signature()

Verify an Ed25519 signature.

from glacis.crypto import verify_signature

valid = verify_signature(
    message=b"...",
    signature=bytes.fromhex("..."),
    public_key=bytes.fromhex("...")
)

---

Exceptions

GlacisError

Base exception for all Glacis errors.

from glacis.exceptions import GlacisError

try:
    receipt = glacis.attest(...)
except GlacisError as e:
    print(f"Glacis error: {e}")

GlacisAPIError

Error from the Glacis API.

from glacis.exceptions import GlacisAPIError

try:
    receipt = glacis.attest(...)
except GlacisAPIError as e:
    print(f"API error {e.status_code}: {e.message}")

GlacisVerificationError

Error during receipt verification.

from glacis.exceptions import GlacisVerificationError

try:
    result = glacis.verify(receipt)
except GlacisVerificationError as e:
    print(f"Verification failed: {e}")

---

Constants

from glacis import __version__

print(__version__)  # "0.1.0"