Quickstart.
Verify any Handshake receipt from the browser or Node, no infrastructure to stand up. Emit-side SDKs (Python, Go, Rust, JVM, .NET) are in private beta with design partners, see /partners for access.
Docs vs Spec. Docs explain how to use the SDKs to ship Handshake into your stack. The Spec is the protocol itself, the wire format, the algorithms, what every implementer must agree on. You read Docs once. You cite the Spec.
1. Install the verifier
The TypeScript verifier is Apache-2.0 and ships on npm. One package, conditional exports for browser (WASM) and Node (NAPI-RS).
install.shSHELL
# Browser + Node receipt verification (public, on npm)
npm install @handshake-ai/handshake2. Verify your first receipt
Receipts verify offline against the issuing service’s DID document. The Registry is consulted only for freshness/revocation checks; the cryptographic verification itself does not require a round-trip.
verify.tsTYPESCRIPT
import { verifyReceipt } from "@handshake-ai/handshake/browser"; const result = await verifyReceipt(envelope, { registryBaseUrl: "https://registry.handshake.ai", }); if (result.ok) { // Receipt is cryptographically verified. } else { console.error("verification failed:", result.reason); }
Where to next
- SDK reference, language-by-language status (what’s public, what’s in private beta).
- Examples, integrations for MCP, A2A, LangGraph, and OpenAI Agents SDK (available to design partners).
- FAQ, eight questions developers ask in their first hour.
- Spec, the protocol itself, normative.
- Apply to be a design partner, get access to the emit-side SDKs.