Jatobá

Introduction

Jatobá — document notarization with proof of existence anchored on multiple blockchains

Jatobá is a digital notarization platform. Every document gets a SHA-256 hash computed over its original bytes, which is then anchored simultaneously on two independent public networks:

  • An attestation via Ethereum Attestation Service (EAS) on Optimism
  • A record on a Clarity contract on Stacks, whose blocks settle on Bitcoin via Proof of Transfer

The file itself is stored encrypted (AES-256, server-side) on Cloudflare R2, optionally gzip-compressed at rest — the anchored hash always matches the original bytes. Each document receives a unique serial number (JAT-XXXXX, prefix configurable per tenant).

Base URL

The API is a Fastify server. All authenticated routes are prefixed with /api:

https://jatoba-web3-production.up.railway.app/api

In development the interactive Scalar reference is available at /docs on the API host.

Core concepts

ConceptDescription
DocumentA notarized record: file metadata, SHA-256, serial number, on-chain anchor status
Serial numberUnique human-readable ID (JAT-7K2M9), printed on certificates and QR codes
Dual anchoringFire-and-forget anchoring on Optimism (EAS) and Stacks after upload; each has its own status (pending / registered / failed)
TenantA personal workspace or a Clerk organization. Documents, serial prefixes, and acervo tokens are scoped per tenant
AcervoA tenant's public archive feed of published documents
LGPDBrazilian data-protection compliance: consent is required on every ingestion, deletion is self-service, and the hash survives deletion for integrity verification

Ways to notarize

  1. UploadPOST /api/documents/upload (multipart, up to 250 MB)
  2. IPFS importPOST /api/documents/import/ipfs (reference-only, the bytes stay on IPFS)
  3. Web capturePOST /api/captures/web (server-side headless browser captures a page into an evidence ZIP)

Verifying without an account

Anyone holding a file and a Jatobá certificate can verify it with no auth:

  • GET /api/public/verify?hash=<sha256> — compute the hash of your copy locally and check for a match
  • GET /api/public/documents/:serial — resolve the serial printed on the certificate

Authentication

Clerk session tokens, acervo tokens, and rate limits

On this page

Base URLCore conceptsWays to notarizeVerifying without an account