All systems operational Ed25519 · KMS

Audit-grade receipts for AI voice agents.

When an AI bot calls a consumer on behalf of a brand, Adjuro issues a signed receipt — proving who the agent is, what consent authorized the call, and on whose behalf. Verifiable by anyone in under 50 milliseconds.

From the Latin adjurō/ad·YOO·roh/— “I attest under oath.”

Request early access Read the protocol
Mint PROTOCOL A signed receipt before connect Verify PROTOCOL Confirm any agent in <50ms
SIGNED
consent-receipt.json Ed25519
{
  "agent_id":      "adj:7k9n2p4f8m1q5w3r",
  "brand":         "Acme Collections",
  "callee_hash":   "sha256:7c4f…e2a1",
  "consent_id":    "crm-12847-consent",
  "scope":         ["debt_collection"],
  "jurisdiction":  "US-CA",
  "issued_at":     "2026-05-30T00:00:00Z",
  "kid":           "adjuro-root-2026w20"
}
Trust registry
Checking…
Verify latency p99
47 ms
V0 endpoints live
13
Test suite
142 / 142

Production cryptography, open from day one

EdDSA · Ed25519 AWS KMS · HSM-backed Transparency log FRE 901 chain of custody adjuro · Apache 2.0
I The Receipt

A signed JWS. Court-admissible by design.

Every Adjuro receipt is a JOSE-standard JWS signed with pure Ed25519 (RFC 8032) inside an AWS KMS HSM. Each field proves a specific claim — and the signature over them is unforgeable without HSM-backed key access. Any third party verifies it independently, no call to Adjuro required.

  • Who & on whose behalf

    agent_id and brand bind the AI agent to the legal entity that placed the call.

  • What consent authorized it

    consent_id and scope reference the capture record and constrain the legal purpose.

  • Recipient, without the PII

    callee_hash is an HMAC of the E.164 — attests the consumer at call time without revealing the number.

consent-receipt.json SIGNED ✓
{
  "iss": "https://api.adjuro.ai",
  "jti": "adj_rcpt_x9k2tqp4f7a3w1n5b8c2d6e3",
  "iat": 1780099200,
  "exp": 2095459200,
  "agent_id": "adj:7k9n2p4f8m1q5w3r6t2y8u4i",
  "tenant_id": "acme-collections-mid-atlantic",
  "brand": "Acme Collections",
  "brand_verified": true,
  "trust_tier": "verified",
  "trust_root_id": "adjuro-root-sample",
  "event_type": "voice_call",
  "caller_number": "+18005551212",
  "callee_hash": "sha256-hmac:a8j1bzs9c5y2v7m6p4n3f8d2",
  "campaign_id": "acct-recovery-q2-2026",
  "consent_id": "crm-12847-consent-2026-03-14",
  "scope": ["debt_collection"],
  "jurisdiction": "US-CA",
  "issued_at": "2026-05-30T00:00:00.000Z",
  "expires_at": "2036-05-27T00:00:00.000Z"
}
Verify latency p99
47 ms
Signature size
64 bytes
Algorithm
EdDSA · Ed25519
Key custody
AWS KMS · us-east-1
II Evidence Packets

Win the motion with a packet, not a screenshot.

When discovery comes, export a self-contained evidence bundle for any call — signed receipt, historical keys at time of issuance, and an integrity manifest. Designed for FRE 901 chain-of-custody without an expert witness to explain a hash.

  • One API call, one ZIP

    Pull a complete audit packet for any receipt id — no CRM archaeology.

  • Provable at time of issuance

    Historical JWKS shows the receipt was valid when minted, years later.

  • Tamper-evident manifest

    A signed manifest.json seals the whole packet against alteration.

audit-packet.zip FRE 901
# GET /v1/calls/adj_rcpt_x9k2…/evidence

audit-packet.zip
├── metadata.json            # receipt + verifier log
├── receipts/
│   └── <id>.jws            # signed receipt
├── jwks-at-issuance.json    # historical keys
├── README.txt
├── manifest.json
└── manifest.json.sig        # packet integrity
Day-1 verifications
6 / 6
Test suite
142 tracked ✓
V0 endpoints live
13
Pure Ed25519
RFC 8032

Compliance teams shouldn’t reconstruct consent from CRM screenshots. They should hold a signature.

The case for cryptographic receipts

III The compliance bomb of 2025

$6.6M

Average TCPA class-action settlement in 2024–2025. Federal filings grew 60% year-over-year, and roughly 80% are class actions. The Lowery v. OpenAI / Twilio suit now exposes platforms to $500–$1,500 per call for downstream consent failures.

Sources Womble Bond Dickinson · CompliancePoint · ActiveProspect · Lowery v. OpenAI / Twilio

2,628
TCPA federal cases in 2025 · 60% YoY growth
~80%
Filed as class actions
$500–1.5K
Platform exposure per call · Lowery v. OpenAI / Twilio
10–40 hrs
Compliance time per discovery request

IV How it works

Three calls. Sign at issue. Verify offline. Export the packet.

Drop Adjuro into an existing call flow in an afternoon. The verifier is open source, so anyone can confirm a receipt without an Adjuro account.

A · Issue

Before each outbound call, your app asks Adjuro to sign a receipt binding the agent, the consent reference, and the call metadata.

# POST /v1/consent-receipts curl -X POST https://api.adjuro.ai/v1/consent-receipts \ -H "Authorization: Bearer $ADJURO_KEY" \ -H "Content-Type: application/json" \ -d '{ "agent_id": "adj:7k9n2p4f8m1q5w3r", "brand": "Acme Collections", "consent_id": "crm-12847", "scope": ["debt_collection"], "jurisdiction": "US-CA", "nonce": "a1b2c3d4e5f60718" }' # → 201 { "receipt_id": "adj_rcpt_x9k2…", "receipt_jws": "eyJh…", # "verify_token": "…", "status": "pending" }
B · Verify

Any third party — a contact center, a law firm, opposing counsel — verifies the signature against the published JWKS. Offline once the JWKS is cached.

// npm install adjuro import { verifyReceipt } from "adjuro"; const result = await verifyReceipt(receiptJws); // → { valid: true, kid: "adjuro-root-2026w20", // receipt_id: "adj_rcpt_x9k2…", // payload: { agent_id: "adj:7k9n…", scope: ["debt_collection"] } }
C · Export

For discovery, audit, or a motion to dismiss: the receipt, the JWKS at time of issuance, and packet metadata, bundled into a signed ZIP.

# GET /v1/calls/:receipt_id/evidence curl https://api.adjuro.ai/v1/calls/adj_rcpt_x9k2…/evidence \ -H "Authorization: Bearer $ADJURO_KEY" -o evidence.zip unzip -l evidence.zip # metadata.json # receipts/adj_rcpt_x9k2….jws # jwks-at-time-of-issuance.json # manifest.json + manifest.json.sig
Verify a receipt now — runs in your browser, no account needed.
Sample receipt (editable) — signed at build time with a real Ed25519 key

      

    

  







  

    

      
Watch the roundtrip

      
Vapi call → Adjuro receipt → verified.

    

    

      
 adjuro-demo.mp4 2 MIN

      

        
      

    

    
2 MIN · VAPI OUTBOUND CALL → ADJURO RECEIPT → VERIFY ROUNDTRIP

  







  

    

      
V Why Adjuro

      
Built for the receipt to outlive the company that issued it.

      
The hard part of trust infrastructure isn't issuing a token — it's proving it holds up in court, years later, to a party that doesn't trust you. Adjuro is engineered around that.

    

    

      

        
        
Court-admissible by design

        
HSM-backed signatures plus the JWKS at time of issuance — chain of custody by construction, built for FRE 901.

        
FRE 901 · pure Ed25519

      

      

        
        
Sub-50ms verification

        
Any third party verifies a receipt independently — no round-trip to Adjuro required.

        
47ms p99

      

      

        
        
Federated trust network

        
Ships with three roots reserved. Voice platforms can run their own signing roots — the verifier accepts all.

        
adjuro · vapi · retell

      

      

        
        
Open-source SDK

        
The verifier is published to npm under Apache 2.0. No vendor lock-in, by design.

        
npm · adjuro

      

      

        
        
Public transparency log

        
Receipts are designed to append to a tamper-evident log with Merkle inclusion proofs anyone can check.

        
log.adjuro.ai · live

      

      

        
        
HSM-backed signing

        
Keys live in AWS KMS and are never exposed in plaintext. Receipts are unforgeable without HSM access.

        
Ed25519 · KMS

      

    

  







  

    

      

        
VI Security & trust

        
The receipt is the proof — even if Adjuro disappears.

        
Verification needs only the public keys and the open-source SDK. Your evidence doesn't depend on us staying online, and your work never trains a shared model.

      

    

    

      
EdDSA
Ed25519, HSM-backed via AWS KMS

      
100%
Receipts designed for the public log

      
0
Plaintext key exposure

      
Apache 2.0
Open verifier · independent audit

    

  







  

    

      
Make every AI call provable.

      
Sixty-minute integration with an open SDK. Bring a real call flow — we'll mint and verify a receipt against it live.

      

        Request early access
        See the Transparency Log
      

    

  







  

    
The trust infrastructure, by the numbers

    

      
      

        
Day-1 verifications
complete

        
6 / 6

        
VAPI + KMS · 2026-05-17

      

      

        
V0 endpoints live

        
13

        
JWKS · DID · AGENTS · CONSENT-RECEIPTS · API-RECEIPTS · RECEIPTS · REVOCATIONS · VERIFY · CALL-EVENTS · CALLS · TRANSPARENCY-LOG · AUTH · TENANTS

      

      

        
Test suite

        
233 tracked

        
BUN TEST · MAIN · 49 FILES

      

      

        
Transparency log

        
LIVE

        
LOG.ADJURO.AI · SINCE 2026-06-09

      

      

        
OSS verifier SDK

        
v1.1.0

        
NPM · ADJURO · APACHE-2.0 · 2026-06-08

      

      

        
Production cryptography

        
Ed25519 · KMS

        
VERIFIED 2026-05-17

      

      
    

  









  

    
    
Request early access

    
Tell us about your use case and we'll get you onto the early-access list.

    

      

        
        
      

      

        
        
      

      

        
        
      

      

        
        
      

      

        
        
      

      

        
        
      

      
      
      
No spam. We'll reply within one business day.