07 — Attestation & Ledger Pulse

Every Microhost provision is cryptographically sealed to a public audit ledger. Learn why this matters and how to verify yours.

What Is Ledger Pulse?

Ledger Pulse is DrkLynX's public, append-only audit ledger. Every event in the Microhost system—provisioning, upgrades, downgrades, deletions—is recorded and sealed with a quantum-resistant cryptographic signature (ML-DSA-65).

You get three things:

Proof your provision happened at a specific timestamp
Cryptographic verification of authenticity (no tampering)
Audit trail for compliance and transparency

No vendor lock-in claims. No marketing fluff. Real attestation.

Your Attestation Record

When you signed up and paid, your provision created an ast_ record sealed to the ledger:

Record Type: ast_ (attestation)
Customer ID: abc123def456
Event: MICROHOST_STARTER_PROVISION
Timestamp: 2026-04-20T14:32:15Z
Tier: STARTER
Data Hash: 0x7c89d3e2f51a6b9c...
Signature: ML-DSA-65 (quantum-resistant)

This record is immutable—it cannot be changed or deleted.

Finding Your Attestation

Go to ledger.drklynx.com
Search for your customer ID: abc123def456
Click your ast_MICROHOST_STARTER_PROVISION record
You'll see:
- Timestamp
- Tier (Starter, Pro, etc.)
- Cryptographic hash
- Signature

Verifying the Signature

To prove the record wasn't tampered with, verify the ML-DSA-65 signature locally.

Download the Verification Script

curl -O https://ledger.drklynx.com/verify.py

Run It

python verify.py \
  --ledger-id abc123def456 \
  --record-type ast_ \
  --customer-id abc123def456

Expected output:

✓ Signature valid
✓ Record untampered
✓ Timestamp: 2026-04-20T14:32:15Z

One-Liner Verification

If you want to skip the script:

python3 -c "
import hashlib
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ml_dsa

# Your attestation data
data = b'abc123def456|MICROHOST_STARTER_PROVISION|2026-04-20T14:32:15Z'

# Public key (from ledger.drklynx.com/public-key)
pubkey = '''-----BEGIN ML-DSA-65 PUBLIC KEY-----
... (key content from ledger)
-----END ML-DSA-65 PUBLIC KEY-----'''

# Signature (from your attestation record)
signature = bytes.fromhex('...')

# Verify
try:
    ml_dsa.verify(pubkey, signature, data)
    print('✓ Signature valid')
except:
    print('✗ Signature invalid')
"

Why This Matters

1. Compliance & Audit

If a regulator asks, "Prove you had this infrastructure on this date," you have a cryptographically signed ledger entry. No dispute possible.

2. Quantum-Safe (Not Marketing Fluff)

ML-DSA-65 (CRYSTALS-Dilithium) is lattice-based cryptography. It's resistant to quantum computing attacks. Traditional RSA/ECDSA aren't. If quantum computers become practical, this attestation is still valid.

3. Anti-Tampering

Every record is hashed and signed. If someone (including DrkLynX) tries to change your provision date, record details, or any other data, the signature breaks and verification fails.

4. Transparency

The entire ledger is public. You can audit DrkLynX's operations. No hidden provisioning, no surprise charges—it's all there.

Ledger Pulse Chains

Ledger Pulse uses Blake3 hashing and triple-sealing:

sov_ (sovereignty seal) — Your data is locked to your account
ast_ (attestation seal) — Cryptographic proof of the event
scn_ (scene seal) — Cross-linked to the main ledger chain

This triple-seal prevents forking and ensures each record is immutable and traceable.

Downloading Your Attestation

You can export your attestation as a JSON file for your records:

curl https://ledger.drklynx.com/export/abc123def456 > my-attestation.json

Contents:

{
  "customer_id": "abc123def456",
  "record_type": "ast_",
  "event": "MICROHOST_STARTER_PROVISION",
  "timestamp": "2026-04-20T14:32:15Z",
  "tier": "STARTER",
  "data_hash": "0x7c89d3e2f51a6b9c...",
  "signature": "ml_dsa_65:...",
  "verified": true
}

Store this securely. It's your permanent proof of ownership.

Future Upgrades & Attestations

Every time you upgrade, downgrade, or delete your Microhost account, a new attestation record is created and sealed. You'll have a complete timeline:

2026-04-20 14:32:15 → MICROHOST_STARTER_PROVISION
2026-05-15 09:44:22 → MICROHOST_TIER_UPGRADE (Starter → Pro)
2026-06-30 16:21:08 → MICROHOST_BACKUP_CREATED

Each with its own ML-DSA-65 signature.

Accessing the Ledger API

If you want to programmatically query your attestations:

curl -H "Authorization: Bearer YOUR_API_TOKEN" \
  https://ledger.drklynx.com/api/v1/attestations/abc123def456

Response:

{
  "customer_id": "abc123def456",
  "attestations": [
    {
      "record_type": "ast_",
      "event": "MICROHOST_STARTER_PROVISION",
      "timestamp": "2026-04-20T14:32:15Z",
      "signature_verified": true
    }
  ]
}

Your API token is in your credentials email.

FAQ

"Can you delete my attestation?"

No. The ledger is append-only. Your provision record is permanent. This is by design—it proves you owned the infrastructure.

"Can someone forge an attestation?"

No. Forging an ML-DSA-65 signature is computationally infeasible (256-bit security level). The only way to add records is through the DrkLynX provisioning system, which is the sole signer.

"Is the ledger really public?"

Yes. Go to ledger.drklynx.com and search any customer ID. You'll see provisioning events, but no sensitive data (passwords, API keys, etc.). Just metadata: tier, timestamp, event type.

"What if DrkLynX goes out of business?"

Your attestations are immutable. Even if DrkLynX shuts down, the ledger persists. Third parties can verify your records independently using the public key.