Skip to content

Add location proof plugin documentation #24

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
johnx25bd wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Add location proof plugin documentation #24

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
62cc3bf
feat: add interactive ASCII globe with mouse repulsion animation
claude Feb 1, 2026
81e0d9c
docs: add location proof plugin system documentation
johnx25bd Feb 11, 2026
9071d46
docs: sync plugin system with SDK implementation
johnx25bd Feb 12, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
160 changes: 155 additions & 5 deletions api-reference/overview.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
---
title: "API Overview"
description: "REST APIs for geospatial operations and location records"
description: "REST APIs for location verification, verifiable geospatial operations, and location records"
---

<Warning>
Expand All @@ -9,19 +9,23 @@ description: "REST APIs for geospatial operations and location records"

# API Reference

Astral provides two REST APIs:
Astral provides three REST APIs:

| API | Purpose | Base URL |
|-----|---------|----------|
| **Verify API** | Location proof verification | `/verify/v0` |
Copy link
Member Author

@johnx25bd johnx25bd Feb 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reorder, verify shoudl be first, then compute, then records

| **Compute API** | Verifiable geospatial operations | `/compute/v0` |
| **Records API** | Query location attestations | `/api/v0` |
| **Records API** | Query location attestations | `/records/v0` |

<CardGroup cols={2}>
<CardGroup cols={3}>
Copy link
Member Author

@johnx25bd johnx25bd Feb 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

again reorder Verify Compute Records

<Card title="Verify API" icon="shield-check" href="#verify-api">
Verify location stamps and evaluate proof credibility
</Card>
<Card title="Compute API" icon="calculator" href="#compute-api">
Distance, containment, proximity checks with signed attestations
</Card>
<Card title="Records API" icon="database" href="/api-reference/records/overview">
Query existing location attestations across chains
Query location records across systems
</Card>
</CardGroup>

Expand Down Expand Up @@ -163,3 +167,149 @@ The following table shows addresses for supported chains. The **Attester Address
Length of a line
</Card>
</CardGroup>

---

# Verify API

The Verify API verifies location stamps and evaluates location proofs, returning credibility assessments with optional TEE-signed attestations.

## Base URL

```
https://api.astral.global/verify/v0
```

## Endpoints

### POST /verify/v0/stamp

Verify a stamp's internal validity (signatures, structure, signal consistency). Does **not** evaluate the stamp against a claim.

```bash
curl https://api.astral.global/verify/v0/stamp \
-H "Content-Type: application/json" \
-d '{
"stamp": {
"lpVersion": "0.2",
"locationType": "geojson-point",
"location": {"type": "Point", "coordinates": [2.2945, 48.8584]},
"srs": "http://www.opengis.net/def/crs/OGC/1.3/CRS84",
"temporalFootprint": {"start": 1738200000, "end": 1738200300},
"plugin": "mock",
"pluginVersion": "0.1.0",
"signals": {},
"signatures": [{"signer": {"scheme": "eth-address", "value": "0x..."}, "algorithm": "secp256k1", "value": "0x...", "timestamp": 1738200000}]
}
}'
```

**Response (200):**

```json
{
"valid": true,
"signaturesValid": true,
"structureValid": true,
"signalsConsistent": true,
"details": {
"signatureRecovered": true,
"recoveredAddress": "0x..."
}
}
```

### POST /verify/v0/proof

Verify a full location proof (claim + stamps) and return a credibility assessment with a signed EAS attestation.

```bash
curl https://api.astral.global/verify/v0/proof \
-H "Content-Type: application/json" \
-d '{
"proof": {
"claim": {
"lpVersion": "0.2",
"locationType": "geojson-point",
"location": {"type": "Point", "coordinates": [2.2945, 48.8584]},
"srs": "http://www.opengis.net/def/crs/OGC/1.3/CRS84",
"subject": {"scheme": "eth-address", "value": "0x..."},
"radius": 100,
"time": {"start": 1738200000, "end": 1738200300}
},
"stamps": [...]
},
"options": {
"chainId": 84532,
"schema": "0x...",
"recipient": "0x..."
}
}'
```

**Response (200):**

```json
{
"uid": "0x...",
"credibility": {
"confidence": 0.72,
"stampResults": [
{
"stampIndex": 0,
"plugin": "mock",
"signaturesValid": true,
"structureValid": true,
"signalsConsistent": true,
"supportsClaim": true,
"claimSupportScore": 0.72,
"pluginResult": {}
}
]
},
"proof": { "..." : "..." },
"attestation": { "..." : "..." },
"delegatedAttestation": { "..." : "..." },
"attester": "0x...",
"timestamp": 1738200000
}
```

### GET /verify/v0/plugins

List available verification plugins.

**Response (200):**

```json
{
"plugins": [
{
"name": "proofmode",
"version": "0.1.0",
"environments": ["react-native"],
"description": "ProofMode device-level location proofs"
},
{
"name": "witnesschain",
"version": "0.1.0",
"environments": ["react-native", "node", "browser"],
"description": "WitnessChain network infrastructure proofs"
}
]
}
```

## Error Format

Errors follow the same [RFC 7807](https://tools.ietf.org/html/rfc7807) format as the Compute API:

```json
{
"type": "https://api.astral.global/errors/invalid-input",
"title": "Invalid Input",
"status": 400,
"detail": "stamp.signatures: Required",
"instance": "/verify/v0/stamp"
}
```
152 changes: 152 additions & 0 deletions concepts/location-proofs.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,152 @@
---
title: "Location proofs"
description: "Evidence-based location verification through proof-of-location plugins"
---

<Warning>
**Research Preview** — The location proof system is under active development.
</Warning>

# Location proofs

GPS is spoofable. A user can claim to be anywhere in the world, and a smart contract has no way to challenge that claim. Astral's location proof system addresses this by combining evidence from multiple independent proof-of-location sources — device sensors, network measurements, hardware attestation — into a single credibility assessment.

## The evidence problem

Astral Location Services solve the *computation* problem — given location data, we can verifiably check spatial relationships. But computation alone doesn't answer: **was the user actually there?**

```mermaid
graph LR
A["1. Location Verification<br/><b>← Location Proofs</b>"] --> B["2. Geospatial Computation<br/>Astral Location Services"]
B --> C["3. Onchain Verification<br/>EAS Resolvers"]
```

Location proofs fill in step 1. They provide *evidence* that a subject was at a claimed location, scored by credibility rather than binary yes/no.

## Terminology

| Term | Definition |
|------|-----------|
| **Claim** | An assertion that a subject was at a location during a time window |
| **Stamp** | Evidence from a single proof-of-location system (one observation) |
| **Proof** | A claim bundled with one or more stamps |
| **Verify** | Check a stamp's internal validity — signatures, structure, signal consistency |
| **Evaluate** | Assess how well stamps support a claim — SDK-side analysis producing a credibility vector |

## How it works

A location proof bundles a **claim** with supporting **stamps**:

```typescript
interface LocationProof {
claim: LocationClaim; // "I was at [2.2945, 48.8584] at 14:30"
stamps: LocationStamp[]; // Evidence from ProofMode, WitnessChain, etc.
}
```

Each stamp carries evidence from a different proof-of-location system — device GPS with sensor data, network latency measurements, hardware attestation results. The verification system evaluates each stamp independently and then analyzes cross-correlation.

### The verification pipeline

<Steps>
<Step title="Stamp verification">
Each stamp is checked for internal validity: are the cryptographic signatures correct? Is the data structure well-formed? Are the signals self-consistent?
</Step>
<Step title="Claim evaluation">
Each stamp is evaluated against the claim. How close is the stamp's location to the claimed location? Does the temporal footprint overlap the claimed time window? The result is a **credibility vector** with spatial and temporal scores.
</Step>
<Step title="Cross-correlation">
For multi-stamp proofs, the system analyzes independence (are stamps from different physical phenomena?) and agreement (do they corroborate each other?). Two stamps from different systems that agree are stronger than two from the same system.
</Step>
<Step title="Credibility assessment">
A multidimensional credibility vector is produced with spatial, temporal, validity, and independence measurements. Applications define their own trust models to weight these dimensions according to their requirements.
</Step>
</Steps>

## Credibility, not certainty

The credibility assessment is **not** a calibrated probability. It's a multidimensional measurement across four dimensions:

- **Spatial**: How close are stamps to the claimed location? (mean/max distance, within-radius fraction)
- **Temporal**: How well do stamps overlap the claimed time window? (mean/min overlap, fully-overlapping fraction)
- **Validity**: Are signatures correct, structures well-formed, and signals consistent? (per-check fractions)
- **Independence**: Are stamps from different plugins? How well do they agree spatially? (unique plugin ratio, spatial agreement)

Applications weight these dimensions according to their own trust models. A ProofMode stamp with self-reported GPS provides device-level evidence. A WitnessChain stamp using network latency triangulation provides independent infrastructure-level verification. Together, they score higher on the independence dimension than either alone.

## The plugin architecture

Plugins are the abstraction layer that makes Astral a framework. Each proof-of-location system — ProofMode, WitnessChain, and others in the future — is a plugin that implements a standard interface.

```mermaid
graph TB
subgraph SDK["Astral SDK"]
Registry[Plugin Registry]
Stamps[stamps module]
Proofs[proofs module]
end

subgraph Plugins
PM[ProofMode Plugin]
WC[WitnessChain Plugin]
Mock[Mock Plugin]
end

Registry --> PM
Registry --> WC
Registry --> Mock
Stamps --> Registry
Proofs --> Registry
```

All methods on the plugin interface are optional. A mobile-only plugin might implement `collect`/`create`/`sign` but skip `verify` (letting the hosted service handle validation). A verification-only plugin might implement just `verify` for stamp validation.

<Card title="Plugin architecture details" icon="puzzle-piece" href="/concepts/plugins">
How the plugin system works — interface, registry, runtime model
</Card>

## Available plugins

<CardGroup cols={3}>
<Card title="ProofMode" icon="mobile">
Device-level evidence: GPS, cell tower, WiFi, hardware attestation. Runs on Android via React Native.
</Card>
<Card title="WitnessChain" icon="tower-broadcast">
Infrastructure-level evidence: network latency triangulation, multi-source IP geolocation. Runs everywhere.
</Card>
<Card title="Mock" icon="flask">
Configurable test plugin with real ECDSA crypto. For development and testing without hardware.
</Card>
</CardGroup>

## Local vs hosted verification

Plugins implement `verify` as regular code — you can run it anywhere. The distinction between local and hosted verification is whether you want a TEE attestation on top:

| Mode | What happens | Attestation |
|------|-------------|-------------|
| **Local** | SDK calls plugin's `verify` directly and evaluates in the ProofsModule | None — you trust the plugin code |
| **Hosted** | SDK calls the Astral service, which runs the same plugin code in a TEE and evaluates server-side | Signed EAS attestation from TEE |

```typescript
// Local verification — runs plugin code in your environment
const result = await astral.stamps.verify(stamp);
const assessment = await astral.proofs.verify(proof);

// Hosted verification — same logic, but with TEE attestation
const assessment = await astral.proofs.verify(proof, {
mode: 'hosted',
endpoint: 'https://api.astral.global/verify/v0'
});
```

Both paths produce the same credibility assessment. The hosted path adds a signed attestation you can submit onchain.

<CardGroup cols={2}>
<Card title="Creating location proofs" icon="rocket" href="/guides/creating-location-proofs">
End-to-end tutorial with the mock plugin
</Card>
<Card title="Writing plugins" icon="code" href="/guides/writing-plugins">
Build a custom proof-of-location plugin
</Card>
</CardGroup>
Loading