Coming soon · Private design partners

BAINK Receipts. The evidence layer for AI-assisted banking decisions.

Hosted canonicalization, signing, signed webhooks, and verification for BAINK Evidence Bundles. Send a bundle. Get a digest, a signed receipt, and a structured verification result. Keep sensitive decision data in your environment.

INFOSpec: BAINK-CM-0.1 draftPASSLocal Rust verifier: authoritativeWARNHosted API: in designINFOSandbox access: open

The thin waist

Evidence Bundle Canonical Digest Signed Receipt Verification Result

Hosted convenience. Local truth. Everything verifiable through this API is also verifiable with the open-source Rust verifier — no network egress, no lock-in. The moat is being the trusted receipt layer, not secrecy.

What v0 does

Four primitives. Nothing else.

Canonicalization

Deterministic digest of any BAINK bundle, with schema validation and warnings before you ask us to sign anything.

Signed receipts

Ed25519, org-scoped, anchored to the BAINK Ledger™. The commercial primitive — institutional proof-of-process.

Structured verification

Per-check report: schema, hash chain, signature, profile requirements, approvals, policy bindings.

Signed webhooks

HMAC-SHA256 deliveries for receipt.issued and receipt.verified — same scheme you can verify locally.

Playground · live

POST api.baink.dev/v1/canonicalize

Send a bundle. Get a deterministic digest, schema validity, and warnings. No signing, no auth, no retention.

INFONo authPASSStateless
request · json
response

Press send to call the endpoint.

POST https://api.baink.dev/v1/canonicalize · no body retention

Webhooks sandbox

Two events. One signing scheme. Verify locally.

Trigger signed receipt.issued and receipt.verified events against any URL you control. Every delivery is signed with HMAC-SHA256 over timestamp.body — the same scheme your verifier will check.

Tip: use webhook.site to inspect headers and body live.

Send an event to see the signed request and your receiver's response.

Public sandbox · no auth · payloads not stored · only public hosts allowed (localhost / RFC1918 ranges blocked). The hosted endpoint is convenience — signatures can be verified locally with the open-source Rust verifier.

Endpoint preview

Illustrative. Shape may change before GA.

POSThttps://api.baink.dev/v1/canonicalize

Developer wedge. Submit a bundle, get a canonical digest and schema validation. No signing.

httpPOST https://api.baink.dev/v1/canonicalize
POST https://api.baink.dev/v1/canonicalize
Authorization: Bearer baink_sk_live_...
Content-Type: application/json

{
  "profile": "BAINK-CM-0.1",
  "bundle": {
    "header": {},
    "decision": {},
    "inputs": [],
    "steps": [],
    "policy_bindings": [],
    "approvals": []
  }
}

200 OK
{
  "profile": "BAINK-CM-0.1",
  "schema_version": "0.1",
  "canonicalization_version": "baink-c14n-0.1",
  "bundle_digest": "sha256:0a1b...",
  "valid_schema": true,
  "warnings": []
}
POSThttps://api.baink.dev/v1/receipts

Issue a signed receipt for a valid bundle digest. Ed25519, org-scoped, anchored.

httpPOST https://api.baink.dev/v1/receipts
POST https://api.baink.dev/v1/receipts
Authorization: Bearer baink_sk_live_...
Content-Type: application/json

{
  "profile": "BAINK-CM-0.1",
  "bundle_digest": "sha256:0a1b...",
  "issuer_org_id": "org_7Q...",
  "external_reference": "loan_12345"
}

200 OK
{
  "receipt_id": "rcpt_01HXY...",
  "bundle_digest": "sha256:0a1b...",
  "profile": "BAINK-CM-0.1",
  "issued_at": "2026-05-24T18:32:00Z",
  "signature": {
    "alg": "ed25519",
    "key_id": "baink_signing_key_2026_01",
    "value": "..."
  },
  "verification_url": "https://api.baink.dev/v1/receipts/rcpt_01HXY..."
}
POSThttps://api.baink.dev/v1/verify

Verify a bundle, a receipt, or both. Returns structured per-check results — not just pass/fail.

httpPOST https://api.baink.dev/v1/verify
POST https://api.baink.dev/v1/verify
Authorization: Bearer baink_sk_live_...
Content-Type: application/json

{ "bundle": { }, "receipt": { } }

200 OK
{
  "verified": true,
  "profile": "BAINK-CM-0.1",
  "checks": {
    "schema_valid": true,
    "hash_chain_valid": true,
    "receipt_signature_valid": true,
    "profile_requirements_met": true,
    "approval_roles_present": true,
    "policy_bindings_present": true
  },
  "bundle_digest": "sha256:0a1b...",
  "receipt_id": "rcpt_01HXY...",
  "verified_at": "2026-05-24T18:36:00Z"
}
GEThttps://api.baink.dev/v1/receipts/:receipt_id

Public verification metadata. No bundle contents — banks keep their sensitive data.

httpGET https://api.baink.dev/v1/receipts/:receipt_id
GET https://api.baink.dev/v1/receipts/rcpt_01HXY...

200 OK
{
  "receipt_id": "rcpt_01HXY...",
  "bundle_digest": "sha256:0a1b...",
  "profile": "BAINK-CM-0.1",
  "issued_at": "2026-05-24T18:32:00Z",
  "issuer_org_id": "org_7Q...",
  "signature": {
    "alg": "ed25519",
    "key_id": "baink_signing_key_2026_01",
    "value": "..."
  },
  "status": "active"
}
POSThttps://api.baink.dev/v1/webhooks/test

Trigger a signed receipt.issued or receipt.verified event to a URL you control. Try it live in the sandbox above.

httpPOST https://api.baink.dev/v1/webhooks/test
POST https://api.baink.dev/v1/webhooks/test
Content-Type: application/json

{
  "event": "receipt.issued",
  "target_url": "https://api.your-app.com/webhooks/baink",
  "secret": "whsec_...",
  "receipt_id": "rcpt_demo_01"
}

→ POST https://api.your-app.com/webhooks/baink
BAINK-Event-Id: evt_01HXY...
BAINK-Event-Type: receipt.issued
BAINK-Timestamp: 1716580000
BAINK-Signature: t=1716580000,v1=<hex hmac-sha256>
Content-Type: application/json

{ "id": "evt_01HXY...", "type": "receipt.issued", "data": { "receipt": { ... } } }
POSThttps://api.baink.dev/v1/webhooks/verify

Confirm a webhook came from BAINK. Returns per-check results: format, freshness, signature match.

httpPOST https://api.baink.dev/v1/webhooks/verify
POST https://api.baink.dev/v1/webhooks/verify
Content-Type: application/json

{
  "secret": "whsec_...",
  "signature": "t=1716580000,v1=<hex>",
  "payload": "<raw request body as string>"
}

200 OK
{
  "valid": true,
  "checks": {
    "signature_format": true,
    "timestamp_fresh": true,
    "signature_match": true
  },
  "computed_signature": "..."
}

Out of scope for v0

Discipline is the feature.

The hosted API does not own the bundle. The open standard does. v0 certifies, anchors, and verifies — nothing more.

  • Full bundle storage
  • Policy editor
  • Examiner portal
  • Insurer scoring
  • Webhook retry queue
  • User-facing dashboard

Trust model

Bearer keys. Org-scoped. Ed25519 receipts. HMAC-signed webhooks.

  • + API keys are issued per organization and per environment.
  • + Receipts are Ed25519; verification public keys are published per org.
  • + Webhook deliveries are HMAC-SHA256 over timestamp.body.
  • + Every receipt and verification event is recorded in the BAINK Ledger™.

The hosted API is convenient. The local Rust verifier is authoritative.

Who it's for

For vendors

Add BAINK receipts to your product in an afternoon. Ship a badge banks can verify.

For banks

Keep sensitive decision data in your environment. Share only receipts and hashes.

For insurers

Evaluate whether AI-assisted decisions produce structured, tamper-evident evidence.

For developers

One install. Canonicalize, sign, and verify with the same primitives as the open verifier.

Apply for sandbox access

Sandbox credentials for funded AI banking teams.

Tell us where to deliver signed receipt events and which event types you'll consume. We issue sandbox keys within one business day and read every application.

View pricing →

Where we'll POST signed receipt events once you're issued sandbox credentials.

Intended events *

One business-day response. We only email about your application.

Trademark notice

BAINK™, BAINKING™, BAINK Assure™, BAINK Ledger™, BAINK Binder™, and BAINK Verified™ are trademarks of the BAINK Working Group. The BAINK Evidence Standard is an open protocol licensed under Apache-2.0.