How It Works

1. Hash Locally

Your input/output payload is hashed on your infrastructure using RFC 8785 canonical JSON + SHA-256. The actual data never leaves your system.

2. Attest

Only the hash is sent to GLACIS. We sign it with Ed25519 and append it to an RFC 6962 Merkle tree.

3. Verify

Anyone can verify your attestations using the public log. Auditors can confirm you ran the AI operations you claimed.

TypeScript / Node.js

Install

npm install @glacis/sdk

Usage

import { Glacis } from '@glacis/sdk';

// Initialize with your API key
const glacis = new Glacis({
  apiKey: process.env.GLACIS_API_KEY
});

// Create an attestation
const receipt = await glacis.attest({
  serviceId: 'my-ai-service',
  operationType: 'inference',
  input: { prompt: 'Hello, world!' },
  output: { response: 'Hi there!' }
});

// The payload is hashed locally - only the hash is sent to GLACIS
console.log('Attestation ID:', receipt.attestationId);
console.log('Leaf Index:', receipt.leafIndex);

Python

Install

pip install glacis

Usage

from glacis import Glacis
import os

# Initialize with your API key
glacis = Glacis(api_key=os.environ["GLACIS_API_KEY"])

# Create an attestation
receipt = glacis.attest(
    service_id="my-ai-service",
    operation_type="inference",
    input={"prompt": "Hello, world!"},
    output={"response": "Hi there!"}
)

# The payload is hashed locally - only the hash is sent to GLACIS
print(f"Attestation ID: {receipt.attestation_id}")
print(f"Leaf Index: {receipt.leaf_index}")

REST API (cURL)

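Create Attestation

# Hash your payload locally (RFC 8785 canonical JSON + SHA-256).
# jq -cS sorts keys and compacts, which matches RFC 8785 for simple payloads
# like this one; it is not a full canonicalizer. tr strips jq's trailing
# newline so only the JSON bytes are hashed.
PAYLOAD_HASH=$(printf '%s' '{"input":{"prompt":"Hello"},"output":{"response":"Hi"}}' | \
  jq -cS '.' | tr -d '\n' | shasum -a 256 | cut -d' ' -f1)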

# Create attestation
curl -X POST https://api.glacis.io/v1/attest \
  -H "X-Glacis-Key: glsk_live_YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "serviceId": "my-ai-service",
    "operationType": "inference",
    "payloadHash": "'"$PAYLOAD_HASH"'"
  }'

Verify & Browse

# Verify an attestation (no auth required)
curl https://api.glacis.io/v1/verify/att_xxx

# Get current tree head
curl https://api.glacis.io/v1/root

# Browse the public log
curl https://api.glacis.io/v1/log

API Reference

POST  /v1/attest                 Create a new attestation (requires API key)
GET   /v1/verify/:attestationId  Verify an attestation with Merkle proof (public)
GET   /v1/log                    Browse the public attestation log (public)
GET   /v1/root                   Get signed tree head (public)
GET   /v1/orgs/:orgId            Get organization info (public)

Base URL: https://api.glacis.io

Glacis Control Mapping

Attestations automatically provide evidence for these compliance controls:

A.6.2.6 AI system verification and validation
A.6.2.7 AI system output review and verification
A.8.2 AI system operation and monitoring
A.8.4 AI system incident management