Provenance Certificates

Every API request generates a provenance certificate - a cryptographically signed record proving the quantum origin, statistical quality, and chain of custody of your random values.

What's in a Certificate?

Each certificate contains the complete audit trail for a single API request:

Section	Contents
Identity	Certificate ID, request ID, issue timestamp, status
Provenance	QuBitLang circuit name and version, quantum backend, qubits used, circuit depth
Verification	NIST SP800-22 results (7/7), Dieharder (not yet implemented), min-entropy per bit
Hashes	SHA-256 hashes of raw output, processed output, and delivered values
Verify URL	Public URL for independent third-party verification

Certificate Structure

Certificate JSONJSON

{ "certificate": { "id": "cert_a7f2b9c4d8e1", "status": "valid", "issued_at": "2026-03-09T15:42:17Z", "request_id": "req_a1b2c3d4e5f6", "provenance": { "qubitlang_circuit": "qrng_hadamard_v2.3", "qubitlang_version": "1.4.0", "quantum_backend": "ibm_fez", "qubits_used": 8, "circuit_depth": 1 }, "verification": { "nist_sp800_22": "7/7 passed", "dieharder": "not yet implemented", "min_entropy_per_bit": 0.9998 }, "hashes": { "raw_output": "sha256:a7f2b9c4d8e1f3a5b7c9...", "processed": "sha256:c3d5e7f9a1b3c5d7e9f1...", "delivered": "sha256:b0c2d4e6f8a0b2c4d6e8..." }, "verify_url": "https://trueentropy.net/verify/?id=cert_a7f2b9c4d8e1" } }

Retrieving Certificates

Every API response includes a certificate_id in the metadata. Use it to retrieve the full certificate:

# Generate entropy and get the certificate result = client.integers(count=10) cert = client.certificate(id=result.metadata.certificate_id) print(cert.verification.nist_sp800_22) # 7/7 passed print(cert.hashes.delivered) # sha256:b0c2d4... print(cert.verify_url) # https://trueentropy.net/verify/?id=...

const result = await client.integers({ count: 10 }); const cert = await client.certificate({ id: result.metadata.certificateId }); console.log(cert.certificate.verification); console.log(cert.certificate.verifyUrl);

curl https://api.trueentropy.net/v1/certificate \ -H "Authorization: Bearer te_live_YOUR_KEY" \ -G -d "id=cert_a7f2b9c4d8e1"

Hash Chain

Each certificate includes three SHA-256 hashes forming a verifiable chain of custody:

Hash	What it proves
`raw_output`	Hash of the raw quantum measurement bits - proves the original output from the quantum hardware
`processed`	Hash after Von Neumann debiasing - proves the post-processing step was applied correctly
`delivered`	Hash of the final values returned to you - proves nothing was modified in transit

Public Verification

Any certificate can be independently verified - no API key required - at the public verification page:

https://trueentropy.net/verify/?id=cert_a7f2b9c4d8e1

This allows auditors, regulators, and end-users to confirm quantum provenance without needing access to your TrueEntropy account.

PDF Export

Certificates can be downloaded as PDFs for offline filing and regulatory submissions:

curl https://api.trueentropy.net/v1/certificate \ -H "Authorization: Bearer te_live_YOUR_KEY" \ -G -d "id=cert_a7f2b9c4d8e1" \ -d "format=pdf" \ -o certificate.pdf

Previous← NIST SP800-22 NextSDKs Overview →