immut developer and AI agent documentation
immut is the proof layer for digital files. Your software or your AI agent computes a SHA-256 hash of a file on your own machine, sends only the hash to immut, and immut anchors it on the XRP Ledger with a precise timestamp. The result is a permanent, independently verifiable, court-ready proof that the file existed at that moment, unchanged. The file itself never leaves your control.
Who is this documentation for?
It is written for two readers: developers integrating immut into their systems, and AI agents acting on behalf of immut customers. Every page here is also served as raw markdown by appending .md to the URL, so agents can fetch clean text without parsing HTML.
Where should I start?
- Quickstart: create your first proof with curl in under five minutes. Raw version: /docs/quickstart.md
- API reference: the curated v1 endpoint set with full request and response examples. Raw version: /docs/api.md
- Agent playbook: how an AI agent should watch, select, hash, and prove documents. Raw version: /docs/agents.md
- Security: API key scopes, rate limits, the salted commitment scheme, and data handling rules. Raw version: /docs/security.md
- OpenAPI 3.1 specification: machine-readable spec for the full curated surface.
What are the three ways to use immut?
- REST API. Base URL
https://backend.immut.io/api/v1, Bearer authentication with an API key. A keyless machine-readable quickstart is served athttps://backend.immut.io/api/v1/docs. - CLI.
immut-clion npm: hash, prove, verify, and fetch certificates from any terminal or agent session. Zero dependencies, Node 18+. Source: github.com/enroh-ops/immut-agent. - Agent Skill.
npx skills add enroh-ops/immut-agentteaches an AI agent to watch your work, decide which documents matter, and prove them automatically, with a setup wizard for choosing what to protect.
How does authentication work?
A human account owner creates an API key at app.immut.io/account?tab=api-keys and gives it to their integration or agent. API access is included on Professional and Enterprise plans (see pricing). Verification needs no key at all: anyone can check a proof at GET https://backend.immut.io/api/public/verify/{txHash} or on the public verify page.
Which ledger do proofs land on?
Proofs created by paid organisations anchor to XRPL mainnet and are permanent: the record outlives immut and remains independently verifiable on the public ledger indefinitely. Free accounts operate on the XRPL testnet, which is periodically reset and is intended for evaluation only.
Where can I get help?
Email djh@immut.io or book a call at cal.com/david-horne-vdktbc/30min.