Verification first

Trust is published as metadata, hashes, signatures and receipts.

The 9192 public surface is designed so machines can inspect capabilities, verify release material, validate receipts after execution, and read privacy boundaries before integration.

DNS hash

The TXT record _9192-manifest.nineoneninetwo.com.br publishes the manifest SHA256 pointer for clients that validate discovery.

Signed kit

Public client kit releases include checksums, a detached signature and a public signing key.

Latest release

Receipt verification

Receipts can be verified through the API facade without paying for discovery or verification.

POST /api/v1/receipts/verify

Trust resources

Manifest JSON
Manifest KV
Bootstrap JSON
OpenAPI
Agent Card

Boundary

The backend remains private. Public use goes through HTTPS discovery, MCP facade or the native TLS edge.

Privacy boundary

Public reports avoid raw client IPs and use anonymized labels for traffic summaries.

Privacy posture