Back to Nodes

Signatrust

Last updated Jul 13, 2026

n8n community node for Signatrust. Generate, verify, and retrieve cryptographically signed AI Decision Receipts (Ed25519) for autonomous AI agents. Cloud and self-hosted enterprise.

256 Weekly Downloads
2,665 Monthly Downloads

Included Nodes

Signatrust

Description

n8n-nodes-signatrust

![npm version](https://www.npmjs.com/package/n8n-nodes-signatrust)
![license](./LICENSE)

Sign every AI decision in your n8n workflow with Signatrust — the trust, verification and accountability layer for autonomous AI agents.

This community node lets any n8n workflow generate, verify and retrieve cryptographically signed AI Decision Receipts against Signatrust Cloud or your self-hosted enterprise endpoint.

  • One unified credential for Cloud and Self-Hosted (Connection Type selector)
  • Three focused operations — nothing more, by design
  • Privacy-first — raw prompts and outputs are SHA-256 hashed; only the hash is stored unless you opt in
  • MIT-licensed, open source
  • Production-deployed adapter at https://signatrust.net/api/v1/n8n
  • > Full landing page, recipes and FAQ:

    What this node is — and what it isn’t

    | Does | Doesn’t |
    | — | — |
    | Cryptographically signs the AI output you hand it (Ed25519 over canonical JSON) | Stream or persist your workflow execution logs |
    | Returns receipt id, signature, hash, public verify URL, full receipt | Replace n8n Enterprise Log Streaming, Audit Logs, RBAC or Workflow Monitoring |
    | Hashes raw inputs/outputs server-side, storing only the hash | Send raw prompts or business data to Signatrust unless you opt in |
    | Verifies and retrieves any previously sealed receipt | Embed analytics or telemetry beyond the three operations you trigger |
    | Works against Cloud or self-hosted via one credential | Require a separate package or credential per deployment |

    Install

    In your n8n instance go to Settings → Community Nodes → Install and enter:

    n8n-nodes-signatrust
    

    Or, in a self-hosted n8n:

    npm install n8n-nodes-signatrust
    

    Requires n8n >= 1.0 and Node.js >= 20.

    Set up the credential

    1. Sign up at — register an agent and copy the sklive API key it issues (shown once).
    2. In n8n, create a new Signatrust API credential.
    3. Pick the Connection Type:
    Signatrust Cloud (default) — Base URL is https://signatrust.net/api/v1/n8n, no further config needed.
    Self-Hosted Enterprise — Base URL field appears; set it to e.g. https://signatrust.your-company.com/api/v1/n8n.
    4. Paste the API key.
    5. Click Test — the node hits GET /ping against your endpoint; a green check means the credential resolved to a live, non-suspended agent.

    Operations

    Generate Decision Receipt

    | Field | Required | Notes |
    | — | — | — |
    | Agent Name | yes | Display name of the AI agent that made the decision |
    | Workflow Name | yes | Defaults to {{$workflow.name}} |
    | Action Taken | yes | Short description of what the agent did |
    | Decision Output | yes | The AI output. Only its SHA-256 hash is stored unless you opt in |
    | AI Model / Provider / Version | no | e.g. gpt-4o / openai / 2025-08-01 |
    | Input / Prompt | no | Raw prompt — only the hash is stored |
    | Decision Type | no | Semantic label (e.g. loan_decision) |
    | Risk Level | no | low · medium · high · critical |
    | Human Review Took Place | no | Boolean |
    | Policies / Permissions / Tags | no | Comma-separated lists |
    | Include Raw Decision in Metadata | no | Off by default — opt in to persist the raw text |
    | Receipt Mode | no | finaldecisiononly (default), everytoolcall, everyagentstep, custom |
    | Trace ID / Step fields | no | Optional timeline controls (traceid, stepindex, steptype, stepname, tool_name) |

    The node also automatically attaches workflowid, executionid and node_name from n8n’s execution context.

    Response (handed to the next n8n step verbatim):

    {
      "ok": true,
      "receipt_id": "STR-3525207773",
      "sequence": 324,
      "timestamp": "2026-06-26T15:20:26.592Z",
      "hash": "sha256:3a58bff6...",
      "signature": "fj9FpBMPgP...",
      "public_key": "MCowBQYDK2VwAyEA0Cv4w...",
      "algorithm": "ed25519",
      "verify_url": "https://signatrust.net/api/v1/n8n/receipts/STR-3525207773/verify",
      "share_url": "https://signatrust.net/verify?id=STR-3525207773",
      "fetch_url": "https://signatrust.net/api/v1/n8n/receipts/STR-3525207773",
      "trace": { "traceid": "exec123", "receiptmode": "everyagentstep", "stepcount": 4, "steps": [] },
      "receipt": { "id": "STR-3525207773", "type": "decision_receipt", "...": "..." }
    }
    

    Verify Decision Receipt

    Looks up a receipt by id and returns the four-pillar verdict used on the public verify portal:

    {
      "ok": true,
      "receipt_id": "STR-3525207773",
      "valid": true,
      "signed": true,
      "integrity": true,
      "chain": true,
      "checks": { "hashmatches": true, "signaturevalid": true, "chain_linked": true },
      "errors": [],
      "timestamp": "...",
      "sequence": 324,
      "share_url": "https://signatrust.net/verify?id=STR-3525207773"
    }
    

    Get Decision Receipt

    Fetches the full canonical receipt body for archival, downstream signing, or to render inside Slack / Notion / your CRM alongside the original decision.

    Example workflows

    A minimal example workflow ships in this package as example-workflow.json. Three full recipes are documented at :

  • Loan rejection → signed receipt → Slack
  • Claude approval → signed receipt → CRM
  • Inbound webhook → verify → IF branch → fulfilment
  • 24 ready-to-import workflows

    A full, free library of 24 production-style workflows built on this node lives in a companion repo — every workflow seals its AI decision with a signed receipt, covering finance, payments, support, HR, healthcare, governance and verification utilities:

    abokenan444/n8n-signatrust-workflows (browse the showcase)

    Each workflow can be imported straight into n8n via Import from URL using the raw links listed in that repo’s README.

    Release notes (0.3.5)

  • Removed dead requestDefaults config from the programmatic node (n8n review fix); request headers are handled per-request via json: true and the credential’s X-API-Key authenticate block.
  • Published from the dedicated GitHub repository via GitHub Actions with npm provenance.
  • Release notes (0.3.3)

  • Added Receipt Mode controls: finaldecisiononly, everytoolcall, everyagentstep, custom.
  • Added trace controls in Generate operation: traceid, stepindex, steptype, stepname, tool_name.
  • Node now forwards trace fields to the Signatrust n8n API so responses can include execution timeline metadata.
  • Error handling

  • 401 — missing or revoked API key
  • 402 — plan quota exceeded; response carries tier, used, limit, upgrade_url
  • 403 — agent suspended
  • 404 — receipt id not found (on Verify / Get)
  • Enable Continue On Fail on the node to route over-quota or invalid-receipt errors to a fallback branch.

    Links

  • Landing page:
  • REST docs:
  • Receipt specification (ADR v1.0):
  • Discovery document:
  • Public verify portal:
  • Source:
  • Workflow library (24 recipes):
  • Compatibility

  • n8n >= 1.0.0
  • Node.js >= 20

License

MIT © Signatrust