Skip to content
Developers

Build on hardware-rooted device trust

Root Herald moves the trust anchor below the attacker's reach — into the TPM, Secure Enclave, or StrongBox the device already has. You get one integration that returns a verifiable answer to "is this a real, distinct, healthy device?" — without CAPTCHAs, fingerprint scripts, or PII.

What you build

Core concepts (the whole model in 90 seconds)

  • Device — a physical machine identified by its hardware key (TPM Endorsement Key, Secure Enclave key, or Android attestation key). Enrolled once.
  • Attestation— the device's state (boot chain, PCRs, or platform attestation) is appraised against a policy. IETF RATS Background-Check is the default: a dumb client collects an opaque evidence blob (no keys, no Root Herald contact) and hands it to your server; your server calls Root Herald server→server with its rh_sk_ secret key and a named policy, and gets the verdict back directly. The Passport model (the client mints a portable token your server verifies offline) remains as the backend-less badge fallback — for a SPA with no server to hold a secret key.
  • TPM class — the root of trust: hardware, firmware-tpm, cloud-vtpm, mobile-hardware, emulated. You decide which classes you accept; full table in the taxonomy reference.
  • Acceptance policy — a named ruleset that decides which classes and assurance levels pass. The default (rootherald:builtin:strict-hardware) rejects every virtual / emulated TPM.
  • Verdict— what your server gets back. Under Background-Check it's returned directly by rh.verify() (server→server) — no token to verify. The optional token you can request with returnToken: true (and the badge-tier token) is itself verifiable offline with verifyAttestationToken(). Either way it's a typed AttestationVerdict carrying acr, a stable device.ueid, device.verdict (pass/warn/fail), device.earStatus, device.attestationType, and an EAR trustworthiness vector.
the verdict you get back (AttestationVerdict)json
{
  "acr": "urn:rootherald:device:high",
  "device": {
    "ueid": "2f9c8a14…",                 // stable per-tenant device id (no PII)
    "verdict": "pass",                   // pass | warn | fail
    "earStatus": "affirming",            // affirming | warning | contraindicated
    "attestationType": "tpm20",
    "secureBootVerified": true,
    "trustworthinessVector": { "hardware": 2, "configuration": 2 }
  }
}

Get started

SDKs

Transport modes & wire protocol

Reference

Guides by use case