One API call verifies token balances, NFT ownership, or EAS attestations across 33 blockchains. Every result is ECDSA-signed. Verify it client-side. No trust required.
Get a free API key. Replace YOUR_API_KEY. Run this.
AI agents: buy a key autonomously with USDC via POST /v1/keys/buy — no email required.
// npm install node-fetch (or use native fetch in Node 18+) const res = await fetch("https://api.insumermodel.com/v1/trust", { method: "POST", headers: { "Content-Type": "application/json", "x-api-key": "YOUR_API_KEY" }, body: JSON.stringify({ wallet: "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045" }) }); const { data } = await res.json(); console.log(data.trust.dimensions); // { stablecoins, governance, nfts, staking }
import requests res = requests.post( "https://api.insumermodel.com/v1/trust", headers={"x-api-key": "YOUR_API_KEY"}, json={ "wallet": "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045" } ) data = res.json()["data"] print(data["trust"]["dimensions"]) # { stablecoins, governance, nfts, staking }
curl -X POST https://api.insumermodel.com/v1/trust \ -H "Content-Type: application/json" \ -H "x-api-key: YOUR_API_KEY" \ -d '{ "wallet": "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045" }' # Response: { "ok": true, "data": { "trust": { "dimensions": {...}, "summary": {...} }, "sig": "...", "kid": "..." }, "meta": {...} }
36 checks across 4 dimensions. Just a wallet address — no contract or chain config needed. See trust profiles → | Custom conditions →
Every response is ECDSA-signed. Verify it client-side so you don't have to trust the network.
// npm install insumer-verify import { verifyAttestation } from "insumer-verify"; // Pass the full API response envelope, not response.data const response = await res.json(); const result = await verifyAttestation(response, { jwksUrl: "https://api.insumermodel.com/v1/jwks" }); console.log(result.valid); // true — signature matches JWKS public key console.log(result.payload); // the verified attestation data
# pip install cryptography requests import json, requests from cryptography.hazmat.primitives.asymmetric import ec, utils from cryptography.hazmat.primitives import hashes, serialization import base64 # Fetch the public key from JWKS jwks = requests.get("https://api.insumermodel.com/v1/jwks").json() key = jwks["keys"][0] # kid: insumer-attest-v1 # Verify: decode sig, reconstruct payload, check sig_bytes = base64.urlsafe_b64decode(data["sig"] + "==") payload = json.dumps(data["attestation"], separators=(",", ":"), sort_keys=True).encode() # Build EC public key from JWK x/y coordinates x = base64.urlsafe_b64decode(key["x"] + "==") y = base64.urlsafe_b64decode(key["y"] + "==") pub = ec.EllipticCurvePublicNumbers(x=int.from_bytes(x, "big"), y=int.from_bytes(y, "big"), curve=ec.SECP256R1()).public_key() pub.verify(sig_bytes, payload, ec.ECDSA(hashes.SHA256())) print("Signature valid")
The JWKS endpoint serves the public key for kid: insumer-attest-v1. Static copy also at /.well-known/jwks.json. insumer-verify on npm →
In production: AsterPay KYA, SettlementWitness, and Revettr use InsumerAPI in production.
Every endpoint maps to this pipeline. Blockchain state in, signed credential out.
33 chains via RPC
Tokens, NFTs, EAS, Farcaster
ECDSA P-256 attestation
or ES256 JWT via JWKS
40 checks → 7 dimensions
Signed wallet profiles
Commerce, compliance
Access control, agent trust
POST /v1/attest → Read + Sign ·
POST /v1/trust → Read + Sign + Trust ·
POST /v1/acp/discount → Full pipeline
Get an API key and make your first attestation call in under 5 minutes. No setup required.
Start here →Boolean attestation for token balances, NFT ownership, EAS credentials, and Farcaster identity. ECDSA-signed, optional Merkle proofs.
Verification docs →36 curated checks across 4 dimensions. ECDSA-signed fact profiles for agent-to-agent trust. Single and batch endpoints.
Trust docs →Verify KYC credentials on-chain. Pre-configured templates for Coinbase Verifications, Gitcoin Passport, and Farcaster identity.
Compliance docs →ACP and UCP protocol integration. Verify holdings, generate discount codes, validate at checkout. Built for autonomous agents.
Commerce docs →Programmatic merchant setup. Create, verify domain, configure tokens and NFTs, publish to directory. No dashboard needed.
Onboarding docs →Complete reference for all 26 endpoints. Auth, response format, rate limits, and every parameter documented.
Full reference →Gate any API on wallet state using standard JWT bearer tokens. Compatible with any OAuth-compatible gateway or middleware. No blockchain knowledge required.
Wallet Auth docs →Interactive visual graph of all 26 endpoints. See how they connect across 17 reference patterns with credit costs and data flows.
Explore topology →See what shipped and when on the changelog. Or read the AI agent verification guide for a complete walkthrough.
26 tools covering all endpoints. Verify holdings, EAS attestations, compliance templates, wallet trust profiles, batch trust, ACP/UCP commerce, and onboard merchants.
npx -y mcp-server-insumer
View on npm →
View source on GitHub →
View on Glama →
26 tools covering all endpoints. Verify holdings, EAS attestations, compliance templates, wallet trust profiles, batch trust, ACP/UCP commerce, domain verification, and code validation. Also available via langchain-community.
pip install langchain-insumer
View on PyPI →
View source on GitHub →
Use the OpenAPI spec directly in GPT Actions. Available via the GPT Store for end-user access.
insumermodel.com/openapi.yaml
Reference library to independently verify attestation signatures, condition hashes, block freshness, and expiry. Verifies both raw ECDSA attestations and Wallet Auth JWT tokens — auto-detected. Zero dependencies.
npm install insumer-verify
10 actions covering the full agent lifecycle — key purchase, merchant onboarding, verification, trust profiling, ACP/UCP commerce.
npm install eliza-plugin-insumer
View on npm →
Browse code examples on GitHub.
Also listed in awesome-mcp-servers, TensorBlock MCP directory, and awesome-erc8004.
Free tier with 10 verification credits. Pro ($29/mo, 1,000 credits) and Enterprise ($99/mo, 5,000 credits) for production. Agents can buy credits directly with USDC, USDT, or BTC.
Know Your Agent hook for ERC-8183 agentic commerce. One POST /v1/attest call evaluates 4 conditions—USDC balance, Coinbase KYC, country, Gitcoin Passport—feeding a 7-component trust score. JWT verified via JWKS.
Settlement Attestation Records for agent commerce. POST /v1/attest qualifies the wallet before a transaction, then verifies state change after settlement. ECDSA-signed pre/post pair.
Pre-payment risk assessment for AI agent transactions. Calls POST /v1/trust to profile counterparty wallets across 7 dimensions before agents settle via x402.
Cold-start identity signal in the Coinbase x402 ecosystem. Uses POST /v1/attest to check Base USDC balance as one dimension of an agent trust score.
KCP defines how AI agents discover and access structured knowledge. We contributed the attestation_url pattern to RFC-0004, enabling any KCP manifest to require credential verification before granting agent access. InsumerAPI is the first production implementation. The pattern is mechanism-agnostic: on-chain tokens, Verifiable Credentials, OIDC, or SPIFFE all fit.
We submitted comments to the NIST National Cybersecurity Center of Excellence proposing on-chain credential verification as a complement to OAuth, OIDC, and SPIFFE for AI agent identity. The submission addresses all six question areas in NIST's concept paper, from cold-start trust to prompt injection resistance.