Trust, but verify.
Call inference from a contract.

Every Plumb receipt is signed with ed25519 over a stable canonical payload:v1\nrequest_hash=...\nresponse_hash=...\nmodel=...\ncost_micro=...\nissued_at=.... The Python SDK ships a verify_receipt(receipt) helper; the explorer's receipt page renders a one-click verify button that runs the signature check in the browser against @noble/ed25519.

For on-chain consumers, PipeOracle provides the same signature discipline in Solidity. A contract calls oracle.request(modelHash, inputHash, callback); the worker picks up the JobRequested event, runs the model via onnxruntime, signs with the rotated gateway key, and submits fulfill(jobId, result, sig). The oracle recovers the signer and invokes the caller's IPipeCallback.

Roadmap: TEE-backed attestation quotes (Nitro / SGX) swap in behind the sameAttester interface — the verification mode on each receipt becomestee-nitro or tee-sgx instead of vanilla.

Client-side receipt verify

from plumb_sdk import Client

c = Client(base_url="https://api.plumbtech.xyz")
rcpt = c.receipts.get("rc_01HVBZ...")

ok = c.verify_receipt(rcpt)
assert ok, "signature did not match canonical payload"
print("verified →", rcpt.id)

Request inference from a contract

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

import {IPipeOracle, IPipeCallback} from "@plumb/contracts/src/IPipeOracle.sol";

contract Example is IPipeCallback {
    IPipeOracle public oracle;
    mapping(uint256 => bytes) public results;

    constructor(IPipeOracle _oracle) { oracle = _oracle; }

    function ask(bytes32 modelHash, bytes32 inputHash) external returns (uint256) {
        return oracle.request(modelHash, inputHash, address(this));
    }

    function pipeCallback(uint256 jobId, bytes calldata result) external {
        require(msg.sender == address(oracle), "not oracle");
        results[jobId] = result;
    }
}

↳ Deployed contract addresses
↳ verify_receipt reference