Introduction

Pruweba is a deterministic verification engine — it proves claims, enforces invariants, and produces immutable evidence records stored in a hash-linked chain.

Named from the Cebuano word for "proof," Pruweba operates on a simple, non-negotiable pipeline:

CLAIMVERIFYPROVEATTEST

Quick Start

# Submit your first claim
curl -X POST https://api.pruweba.com/verify \
  -H "Content-Type: application/json" \
  -d '{
    "id": "my-001",
    "subject": "system-health",
    "predicate": "status",
    "object": "operational",
    "origin": "developer-console",
    "timestamp": "2026-07-06T01:00:00Z"
  }'

# Check the evidence chain
curl https://api.pruweba.com/chain/verify
# {"valid": true}

Architecture

LayerPackageDescription
Engine@pruweba/engineCore verification logic — claims, invariants, proofs, attestations, evidence store
API@pruweba/apiREST server — Express endpoints for verification
Site@pruweba/siteLanding page and documentation

POST /verify

POST https://api.pruweba.com/verify

Submit a claim through the full verification pipeline. The claim is validated, checked against invariants, cryptographically proven, and attested to the evidence store.

Request Body

FieldTypeRequiredDescription
idstringYesUnique claim identifier
subjectstringYesWhat entity the claim is about
predicatestringYesThe asserted relationship or action
objectanyYesThe asserted value or target
originstringYesClaim source identifier
timestampstringYesISO 8601 timestamp
evidenceobjectNoSupporting data

Response 201

{
  "id": "att-000042",
  "claim": { ... },
  "verdict": {
    "status": "VERIFIED",
    "confidence": 0.6,
    "reason": "All invariants pass."
  },
  "proof": {
    "claimHash": "6edc310f...",
    "previousHash": "000000...",
    "proofHash": "a8f9eb3c...",
    "algorithm": "sha256"
  },
  "sequence": 42,
  "recordedAt": "2026-07-06T02:57:09.800Z"
}

Verdict States

StatusMeaning
VERIFIEDAll violation invariants pass. Confidence score provided.
REJECTEDA violation invariant failed. Reason and counterevidence included.
UNVERIFIABLEThe claim could not be evaluated (e.g., missing required context).

GET /attestations

GET https://api.pruweba.com/attestations

Returns all attestations in the evidence store as a JSON array.

[
  {
    "id": "att-000001",
    "claim": { ... },
    "verdict": { ... },
    "proof": { ... },
    "sequence": 1
  },
  ...
]

GET /attestations/:claimId

GET https://api.pruweba.com/attestations/:claimId

Returns a single attestation by its original claim id.

404 if the claim ID has no attestation.

curl https://api.pruweba.com/attestations/claim-001

GET /chain

GET https://api.pruweba.com/chain

Returns the full evidence chain — every record with its cryptographic hash and link to the previous record. Each record includes recordHash and previousRecordHash for chain verification.

GET /chain/verify

GET https://api.pruweba.com/chain/verify

Verifies the integrity of the entire evidence chain by recomputing and comparing all cryptographic hashes.

# Chain intact
{ "valid": true }

# Chain broken at record 7
{
  "valid": false,
  "brokenAt": 7,
  "reason": "Record 7 hash mismatch"
}

GET /health

GET https://api.pruweba.com/health
{
  "status": "ok",
  "name": "Pruweba API",
  "version": "0.1.0",
  "attestations": 42,
  "chainValid": true
}

GET /invariants

GET https://api.pruweba.com/invariants

Lists all registered invariants that are checked against every claim.

Claims

A Claim is an assertion submitted to Pruweba by an agent, module, or external system. Claims follow a subject-predicate-object structure:

Every claim must have a unique id, a valid origin, and an ISO 8601 timestamp. Claims with future timestamps are automatically rejected.

Invariants

Invariants are rules that must always hold. Pruweba checks every claim against all registered invariants before producing a verdict.

Built-in invariants include timestamp validation (claims must not be in the future) and origin validation (claims must come from a known source).

Proof Chain

Every verified claim generates a cryptographic proof using SHA-256 that links to the previous proof. This forms an unbroken, verifiable chain of custody from the genesis block to the latest attestation.

Genesis hash: 0000000000000000000000000000000000000000000000000000000000000000

Proof formula: SHA-256(claimHash + previousHash + timestamp)

Evidence Store

The Evidence Store is an append-only, hash-linked log of all attestations. Each record contains:

Tampering with any record breaks the chain — detectable immediately via GET /chain/verify. The store enforces write-once semantics: records cannot be modified or deleted.