Developer Reference

ATF Execution Example

A complete request cycle: protect an intent, inspect the deterministic receipt, and verify the outcome. Framework-agnostic. No external plugins required.

CLI install: Run commands with npx @trucore/atf@1.5.1. No global install needed.

Protect an intent

Submit the proposed transaction to the firewall before signing or broadcasting. The firewall evaluates it against your active policy and returns a decision synchronously.

HTTP

POST /v1/bot/protect
Content-Type: application/json
Authorization: Bearer <api_key>

{
  "action": "swap",
  "amount_usd": 500,
  "slippage_bps": 40,
  "market": "SOL-USDC",
  "venue": "jupiter"
}

CLI (stdin)

echo '{"action":"swap","amount_usd":500,"slippage_bps":40,"market":"SOL-USDC","venue":"jupiter"}' \
  | atf bot protect --stdin

Tip: The firewall is fail-closed. Any request that does not match a policy rule is rejected before it reaches a signer.

Deterministic receipt fields

Every decision produces a receipt. The fields below are present in all outcomes, approved or rejected. They are deterministically reproducible: the same input and policy always produce the same content_hash.

{
  "decision":      "approved",          // "approved" | "rejected"
  "receipt_token": "rcpt_01J...",       // stable receipt ID
  "content_hash":  "sha256:e3b0c4...", // deterministic fingerprint
  "policy_id":     "pol_01J...",        // policy evaluated
  "reason_codes":  [],                  // array of rejection reason strings
  "evaluated_at":  "2026-03-04T21:00:00Z",
  "ttl_seconds":   30
}

| Field | Type | Description |
| --- | --- | --- |
| content_hash | string | SHA-256 fingerprint of the canonical receipt payload. Identical for the same input and policy. |
| receipt_token | string | Unique ID for this receipt. Use this to retrieve or verify it later. |
| reason_codes | string[] | Empty on approval. On rejection, lists the rule(s) that blocked the transaction. |
| ttl_seconds | number | How long the decision remains valid. After expiry, re-submit the intent. |
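
A client-side gate that applies the receipt fields above before a signer is called, as an added example that is not part of ATF or its documentation: anything other than an exact "approved" decision with empty reason_codes, still inside ttl_seconds, is treated as a refusal. The function name mayProceed, the MAX_SKEW_MS tolerance and the reason strings are assumptions; the sample receipts are constructed.

```javascript
// Added example, not ATF code. Field names come from the receipt shown above;
// MAX_SKEW_MS and the returned reason strings are assumptions for illustration.
const MAX_SKEW_MS = 2000; // assumed tolerance for clock drift between hosts

function mayProceed(receipt, nowMs = Date.now()) {
  const deny = (reason) => ({ ok: false, reason });
  if (receipt === null || typeof receipt !== "object") return deny("malformed_receipt");

  // Fail closed: only the exact string "approved" passes.
  if (receipt.decision !== "approved") return deny("not_approved");

  // An approval must carry an empty reason_codes array.
  if (!Array.isArray(receipt.reason_codes) || receipt.reason_codes.length !== 0) {
    return deny("unexpected_reason_codes");
  }

  const issuedMs = Date.parse(receipt.evaluated_at);
  const ttl = receipt.ttl_seconds;
  if (typeof receipt.evaluated_at !== "string" || Number.isNaN(issuedMs)) {
    return deny("bad_evaluated_at");
  }
  if (typeof ttl !== "number" || !Number.isFinite(ttl) || ttl <= 0) return deny("bad_ttl");

  // A receipt dated in the future cannot be trusted for TTL arithmetic.
  if (issuedMs - nowMs > MAX_SKEW_MS) return deny("issued_in_future");

  // Expired decisions must be re-submitted, never reused.
  if (nowMs >= issuedMs + ttl * 1000) return deny("expired");

  return { ok: true, reason: null };
}

// Constructed sample receipts using the field shapes shown above.
const approved = {
  decision: "approved", receipt_token: "rcpt_EXAMPLE", content_hash: "sha256:EXAMPLE",
  policy_id: "pol_EXAMPLE", reason_codes: [], evaluated_at: "2026-03-04T21:00:00Z",
  ttl_seconds: 30,
};
const rejected = { ...approved, decision: "rejected", reason_codes: ["EXAMPLE_RULE"] };

const t0 = Date.parse(approved.evaluated_at);
console.log(mayProceed(approved, t0 + 10000)); // inside the 30 s window
console.log(mayProceed(approved, t0 + 30000)); // at the expiry boundary
console.log(mayProceed(rejected, t0 + 10000)); // rejected by policy
```

Pass the current time explicitly when replaying stored receipts, so the TTL check reflects the moment of the signing decision and not the moment of review.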

Verify a receipt

Verification re-derives the content_hash from the receipt payload and confirms it matches the value returned at issuance. Any third party with the receipt data can run this check independently.

HTTP

POST /v1/receipts/verify
Content-Type: application/json
Authorization: Bearer <api_key>

{
  "receipt_token": "rcpt_01J..."
}

CLI

atf receipts verify rcpt_01J...

Deterministic: Verification does not require server state. The hash algorithm and canonical field ordering are public. Any SDK or script that follows the same encoding spec can verify offline.
