CLI Reference

The Glacis CLI provides command-line tools for working with attestation receipts.

Installation

The CLI is included with the SDK:

pip install glacis

Commands

Verify a Receipt

Verify a receipt file and check its cryptographic validity:

python -m glacis verify receipt.json

Example output (valid online receipt):

Receipt: att_abc123def456...
Type: Online

Status: VALID
  Signature: PASS
  Merkle proof: PASS

Example output (valid offline receipt):

Receipt: oatt_xyz789...
Type: Offline

Status: VALID
  Signature: PASS

Example output (invalid receipt):

Receipt: att_abc123...
Type: Online

Status: INVALID
  Error: Signature verification failed

Receipt File Format

The CLI expects a JSON file containing the receipt object:

Online Receipt

{
  "attestation_id": "att_abc123...",
  "timestamp": "2025-01-02T12:00:00Z",
  "service_id": "my-service",
  "operation_type": "inference",
  "payload_hash": "sha256:abc123...",
  "leaf_index": 42,
  "merkle_proof": ["hash1", "hash2", "hash3"],
  "signed_tree_head": {
    "tree_size": 100,
    "root_hash": "sha256:def456...",
    "timestamp": "2025-01-02T12:00:00Z",
    "signature": "ed25519:..."
  },
  "badge_url": "https://glacis.io/verify/att_abc123..."
}

Offline Receipt

{
  "attestation_id": "oatt_xyz789...",
  "timestamp": "2025-01-02T12:00:00Z",
  "service_id": "local-dev",
  "operation_type": "inference",
  "payload_hash": "sha256:abc123...",
  "signature": "ed25519:...",
  "public_key": "ed25519:...",
  "witness_status": "UNVERIFIED"
}

Saving Receipts for CLI Verification

from glacis import Glacis
import json

glacis = Glacis(api_key="glsk_live_...")

receipt = glacis.attest(
    service_id="my-service",
    operation_type="inference",
    input={"prompt": "test"},
    output={"response": "result"},
)

# Save to file
with open("receipt.json", "w") as f:
    json.dump(receipt.model_dump(), f, indent=2, default=str)

# Verify from command line
# $ python -m glacis verify receipt.json

Exit Codes

Code	Meaning
0	Receipt is valid
1	Receipt is invalid or verification failed
2	File not found or invalid JSON

Use Cases

CI/CD Verification

.github/workflows/verify.yml

- name: Verify attestation
  run: |
    python -m glacis verify receipt.json
    if [ $? -ne 0 ]; then
      echo "Attestation verification failed!"
      exit 1
    fi

Batch Verification

#!/bin/bash
for receipt in receipts/*.json; do
    echo "Verifying $receipt..."
    python -m glacis verify "$receipt"
    if [ $? -ne 0 ]; then
        echo "FAILED: $receipt"
        exit 1
    fi
done
echo "All receipts verified!"

Tip

For programmatic verification, use the SDK’s glacis.verify() method instead of the CLI.