Why verify signatures?

Signature verification proves your AI responses came from verified TEE hardware. This prevents tampering and ensures response authenticity. Every Confidential AI API response includes a cryptographic signature you can verify. Here we provide a Full Signature Verification Example to help you understand how to verify the signature of the response from Confidential AI API. Here we explain the key processes of verifying.

Get the signature

When you finish the request, parse chat_id from the response and then get the signature:
Python
...
# Parse `chat_id` from the response result
chat_id = result["chat_id"]
response_hash = result["response_hash"]
...
# Retrieve the signature
sig_response = requests.get(
    f"{BASE_URL}/v1/signature/{chat_id}?model={MODEL}",
    headers={"Authorization": f"Bearer {API_KEY}"},
)
The key fields in the signature response are:
  • text: It contains the request body hash and response body hash separated by :.
  • signature: The cryptographic signature of the text signed by the signing_address account in TEE.
  • signing_address: The public key of the account generated in TEE that signed the signature.
  • signing_algo: The signature algorithm used.

Verify signature

The verification process involves the following steps:
Python
message = encode_defunct(text=text)
recovered_address = Account.recover_message(message, signature=signature)
return recovered_address.lower() == signing_address.lower()
# True means the signature is valid
Or you could try verifying on Etherscan. Go to Etherscan’s Signature Verification and click Verify Signature button, then fill in the following fields:
  • Address: Use the signing_address from the attestation API
  • Message: Use the text field from the signature response
  • Signature Hash: Use the signature field from the signature response
Click Continue to see the signature verification result.

How signature verification works

The signature proves two things:
  1. Request integrity: The text field contains hashes of both your request and the AI’s response
  2. Hardware authenticity: The signature comes from the TEE’s signing_address you verified earlier
When you verify the signature, you confirm:
  • The response matches what the TEE generated
  • No one tampered with the data in transit
  • The response came from genuine TEE hardware

Verify using Etherscan (optional)

You can also verify signatures visually using Etherscan Tool:
  1. Enter the signing_address from your attestation report
  2. Paste the text field from the signature response
  3. Enter the signature value
  4. Click verify to see the confirmation
This gives you a visual confirmation that everything matches correctly.
Signature verification completes your trust chain. You’ve now verified the hardware, software, and response authenticity - your AI workload is fully secured!