Are you an LLM? Read llms.txt for a summary of the docs, or llms-full.txt for the full context.
Skip to content

verifyBindings

Verifies the manifest's bindings (e.g., App Attest attestation). Checks the cryptographic integrity of the hardware-backed assertion.

Usage

import { VerifiableFile } from "@succinctlabs/zcam1-verify";
 
const verifiable = new VerifiableFile(file);
 
// For development/testing
const result = await verifiable.verifyBindings(false);
 
// For production
const result = await verifiable.verifyBindings(true);

Parameters

production (required)

  • Type: boolean

Whether to verify against production App Attest environment. Use false for development/testing, true for production.

Returns

ResultAsync<boolean, Error> - true if bindings are valid, or an error.

Example

import { VerifiableFile } from "@succinctlabs/zcam1-verify";
 
const input = document.querySelector<HTMLInputElement>("#file-input")!;
 
input.addEventListener("change", async () => {
  const file = input.files?.[0];
  if (!file) return;
 
  const verifiable = new VerifiableFile(file);
  const result = await verifiable.verifyBindings(false); // Use false for dev
 
  if (result.isOk() && result.value) {
    console.log("Hardware bindings verified!");
  } else {
    console.log("Bindings verification failed");
  }
});

Notes

  • Verifies the App Attest attestation embedded in the C2PA manifest
  • The production parameter must match the environment where the file was captured
  • Files captured with ZCamera include hardware-backed bindings automatically
  • Bindings verify the authenticity of the device and key material used during capture