# immut developer and AI agent documentation immut is the proof layer for digital files. Your software or your AI agent computes a SHA-256 hash of a file on your own machine, sends only the hash to immut, and immut anchors it on the XRP Ledger with a precise timestamp. The result is a permanent, independently verifiable, court-ready proof that the file existed at that moment, unchanged. The file itself never leaves your control. ## Who is this documentation for? It is written for two readers: developers integrating immut into their systems, and AI agents acting on behalf of immut customers. Every page here is also served as raw markdown by appending `.md` to the URL, so agents can fetch clean text without parsing HTML. ## Where should I start? - [Quickstart](/docs/quickstart): create your first proof with curl in under five minutes. Raw version: [/docs/quickstart.md](/docs/quickstart.md) - [API reference](/docs/api): the curated v1 endpoint set with full request and response examples. Raw version: [/docs/api.md](/docs/api.md) - [Agent playbook](/docs/agents): how an AI agent should watch, select, hash, and prove documents. Raw version: [/docs/agents.md](/docs/agents.md) - [Security](/docs/security): API key scopes, rate limits, the salted commitment scheme, and data handling rules. Raw version: [/docs/security.md](/docs/security.md) - [OpenAPI 3.1 specification](/docs/openapi.json): machine-readable spec for the full curated surface. ## What are the three ways to use immut? 1. **REST API.** Base URL `https://backend.immut.io/api/v1`, Bearer authentication with an API key. A keyless machine-readable quickstart is served at `https://backend.immut.io/api/v1/docs`. 2. **CLI.** `immut-cli` on npm: hash, prove, verify, and fetch certificates from any terminal or agent session. Zero dependencies, Node 18+. Source: [github.com/enroh-ops/immut-agent](https://github.com/enroh-ops/immut-agent). 3. **Agent Skill.** `npx skills add enroh-ops/immut-agent` teaches an AI agent to watch your work, decide which documents matter, and prove them automatically, with a setup wizard for choosing what to protect. ## How does authentication work? A human account owner creates an API key at [app.immut.io/account?tab=api-keys](https://app.immut.io/account?tab=api-keys) and gives it to their integration or agent. API access is included on Professional and Enterprise plans (see [pricing](/pricing)). Verification needs no key at all: anyone can check a proof at `GET https://backend.immut.io/api/public/verify/{txHash}` or on the [public verify page](https://app.immut.io/verify). ## Which ledger do proofs land on? Proofs created by paid organisations anchor to XRPL mainnet and are permanent: the record outlives immut and remains independently verifiable on the public ledger indefinitely. Free accounts operate on the XRPL testnet, which is periodically reset and is intended for evaluation only. ## Where can I get help? Email [djh@immut.io](mailto:djh@immut.io) or book a call at [cal.com/david-horne-vdktbc/30min](https://cal.com/david-horne-vdktbc/30min).