Signed payload standard draft

Make invoices and payment instructions harder to fake.

DocTrust is an open, machine-verifiable format for signed documents, QR payloads, and bank-facing references. It helps software reject altered IBANs, mismatched beneficiaries, stale references, forged payment data, and registry misuse before a transfer is approved.

View on GitHub Read the status Open the spec

Status

Transport JSON + QR

Envelope dtp1z.

SDKs JS, Python, .NET

Trust Local registry + issuer binding

Profile Payment validation

QR Bounded decode

{
  "intent": "payment",
  "document": {
    "iban": "BE68 5390 0754 7034",
    "amount": 1499.95,
    "currency": "EUR",
    "reference": "RF18539007547034"
  },
  "sig": "base64url..."
}

Why it exists

Email and PDF workflows are trivial to imitate. DocTrust adds a signed payload and a trust registry so verification software can compare what the user sees with what the issuer actually approved.

Prevent substitution

Changing an IBAN, beneficiary name, or payment reference breaks verification unless the payload is re-signed by a trusted issuer.

Keep it offline

Verification can happen locally on a laptop, browser, or payment app, with no dependency on a live remote service.

Stay portable

The same payload works across QR codes, PDFs, emails, and attached files, so SDKs can target the same format.

Profiles

Invoice profile

Minimal shared fields for document validation when the goal is to compare what was issued with what is shown to the user.

document_idTraceable document identifier.
beneficiary_nameName displayed to the payer.
ibanBeneficiary account number.
amount / currencyExact payment value.
due_dateValidity and timing anchor.

Payment profile

Extra fields that help software correlate a signed invoice with the actual payment operation.

transaction_idCorrelates the document to one operation.
communicationHuman-visible payment reference.
referenceStructured or bank-facing remittance ID.
due_dateShort-lived validity window.

Interactive check

Paste a payload, set the expected payment details, and see whether the profile matches. This is a simple browser-side illustration of the verification logic.

Payload

Expected IBAN

Expected Beneficiary

Expected Amount

Expected Reference

Expected Due Date

Expected Transaction ID

Expected Communication

Upload examples

Upload a document export or use one of the built-in examples to see how the page can recover a compact QR payload or a hidden PDF metadata payload from the file itself.

The file can be a PDF, a text export, or a raw attachment. The demo scans for the compact `dtp1z.` envelope and, when found, decodes it back to JSON.

Choose a file or load an example to inspect its embedded payload.

SDKs

JavaScript

Reference verifier, QR transport helpers, and trust registry lookup for browser or Node-based integrations.

Python

Reference implementation for workflows, tooling, and server-side verification.

.NET

Reference library plus console harness for payment and document verification on Windows and cross-platform .NET.

Project status

DocTrust is early-stage but already executable. The current work is to keep the SDKs aligned, harden the trust registry and transport profile, and expand conformance coverage.

Governance

The trust registry is documented as a neutral, signed publication layer. It defines issuer binding, anchor status, key status, and offline-friendly verification rules.

Open governance doc