·Samples

Anchor everything. Disclose exactly what you choose — later, offline.

Two live mainnet samples for sealed deep-content mode: an agent’s run report (text-tree-v1, one salted leaf per paragraph, sentence, and token) and its session policy (json-ast-v1, one salted leaf per node). Each was anchored client-side — the notary never saw the plaintext — then selectively disclosed: the customer-identity paragraph and the credentials subtree stay [REDACTED], every other span verifies against the on-chain commitment.

Start here: README.md — why deep-content hashing, and the three-step verification walkthrough. ANCHORS.md has the txids and on-chain hashes.

01The two samples

What’s in this directory.

TXT

Agent run report

An end-of-session run report from a billing-support agent. 157 leaves; the disclosure reveals three paragraphs and withholds the customer-identity paragraph (name, account, invoice, refund amount, email) — unguessable behind its per-leaf salt.

txid: 4e600adf…b1d74e
agent-run.txt, agent-run.redacted.txt, agent-run.disclosure.mbnt

JSON

Session policy

The policy the agent ran under (model, tools, limits). 22 leaves; the disclosure reveals seven top-level fields and withholds the credentials object (key-vault ref, webhook secret) as a subtree.

txid: 3b67854f…ca1d31
session-policy.json, session-policy.redacted.json, session-policy.disclosure.mbnt

The originals are published on purpose — everything here is synthetic — so you can reproduce every hash. In real use the original never leaves the owner’s machine; only the salted hash tree does. The *.disclosure.mbnt bundles are salt-stripped and safe to share: they prove the revealed spans and cannot reveal more.

02Verify it yourself

No account, no notary in the loop.

  • Drop a *.disclosure.mbnt with its *.redacted.* copy into the in-browser verifier.
  • Open a txid above on WhatsOnChain — the OP_RETURN carries the 20-byte doc_hash listed in ANCHORS.md.
  • Tamper test: change any character of a redacted copy and re-run the verifier — it fails with a specific code.
  • Made with Satsignal’s disclosure tooling — the same pure modules the in-browser verifier runs, served at proof.satsignal.cloud/static/disclosure-builder/. The packaged satsignal-anchor / satsignal-redact CLIs are not yet published; the runnable headless recipe is the headless redaction guide.
  • Sibling sample directories: chain-anchor (interop batching), merkle-row (selective row-reveal).