DEV Community

Lars
Lars

Posted on • Originally published at moltrust.ch

MT Salesguard Developer Guide: Verify Product Provenance in One API Call

#ai #blockchain #webdev #security

Counterfeit goods cost the global economy $500 billion per year. In an A2A economy where shopping agents compare products autonomously, machine-readable provenance is the only defense that scales.

What is MT Salesguard?

MT Salesguard is a product provenance API that issues W3C Verifiable Credentials (VCs) for brand-registered products. It uses Ed25519 digital signatures, anchors credential hashes on Base L2, and exposes 5 REST endpoints. Brands register products; shopping agents verify them before purchase. Part of MolTrust v0.7.0, available at moltrust.ch.

Verify a Product: One GET Request

The verification endpoint is public. No API key. No signup.

curl https://api.moltrust.ch/guard/salesguard/verify/NIKE-AF1-2026-WHITE-42
Enter fullscreen mode Exit fullscreen mode

Response:

{
  "product_id": "NIKE-AF1-2026-WHITE-42",
  "verified": true,
  "brand": {
    "name": "Nike",
    "did": "did:web:api.moltrust.ch:brands:abc123",
    "domain": "nike.com"
  },
  "credential_hash": "sha256:9f86d08...",
  "base_anchor": "0xabc123...",
  "risk_level": "LOW"
}
Enter fullscreen mode Exit fullscreen mode

Unregistered products return verified: false and risk_level: HIGH. That single field is enough for a shopping agent to reject a listing.

Register as a Brand: 3 Steps 

import requests

# Step 1: Register your brand (free, no auth)
brand = requests.post("https://api.moltrust.ch/guard/salesguard/brand/register", json={
    "name": "Acme Goods",
    "domain": "acmegoods.com",
    "contact_email": "brand@acmegoods.com"
}).json()

api_key = brand["api_key"]   # sg_a1b2c3d4e5...
brand_did = brand["did"]     # did:web:api.moltrust.ch:brands:uuid

# Step 2: Register a product (requires Bearer token)
product = requests.post("https://api.moltrust.ch/guard/salesguard/product/register", json={
    "product_id": "ACME-WIDGET-001",
    "name": "Acme Widget v1"
}, headers={"Authorization": f"Bearer {api_key}"}).json()

# Step 3: Authorize a reseller (optional)
reseller = requests.post("https://api.moltrust.ch/guard/salesguard/reseller/authorize", json={
    "reseller_did": "did:web:reseller.example.com",
    "reseller_name": "Trusted Reseller Inc.",
    "authorized_skus": ["ACME-WIDGET-001"],
    "expires_at": "2027-01-01T00:00:00Z"
}, headers={"Authorization": f"Bearer {api_key}"}).json()
Enter fullscreen mode Exit fullscreen mode

Step 1 returns a W3C Decentralized Identifier (DID). Steps 2 and 3 return W3C Verifiable Credentials (VCs) signed with Ed25519 in JWS compact serialization.

Gate Purchases as a Shopping Agent 

def should_buy(product_id: str) -> bool:
    resp = requests.get(
        f"https://api.moltrust.ch/guard/salesguard/verify/{product_id}"
    ).json()

    if not resp.get("verified"):
        print(f"BLOCKED: {product_id} not verified (risk: {resp['risk_level']})")
        return False
    return True
Enter fullscreen mode Exit fullscreen mode

2 API calls. Under 400ms total. Zero counterfeit risk.

The 5 Endpoints

Endpoint Method Auth Description
/salesguard/brand/register POST None Register brand, get DID + API key
/salesguard/product/register POST Bearer Register product, get signed VC
/salesguard/reseller/authorize POST Bearer Authorize reseller, get signed VC
/salesguard/verify/:product_id GET None Verify product provenance
/salesguard/reseller/verify/:did GET None Verify reseller authorization

All free during Early Access. Production: $500 brand, $50/reseller, $1-5/SKU (USDC via x402 on Base L2).

MCP Integration

MT Salesguard is also available as 3 MCP tools via pip install moltrust-mcp-server (33 tools total in v0.7.0):

  • mt_salesguard_verify — verify product provenance
  • mt_salesguard_reseller — verify reseller authorization
  • mt_salesguard_register — register a brand

FAQ

What is MT Salesguard?
A product provenance API issuing W3C Verifiable Credentials for brand-registered products. Shopping agents verify products before purchase using Ed25519-signed credentials anchored on Base L2.

Who is it for?
Brands selling physical or digital products. Developers building shopping agents, marketplace platforms, or supply chain tools needing automated counterfeit detection.

How much does it cost?
Free during Early Access. Production: $500 brand onboarding, $50/reseller, $1-5/SKU via x402 (USDC on Base L2). Verification endpoints are free permanently.

What standards does it use?
W3C Decentralized Identifiers (DIDs), W3C Verifiable Credentials (VCs), Ed25519 JWS, Model Context Protocol (MCP), x402 payment protocol on Base L2.

Built by MolTrust (CryptoKRI GmbH, Zurich). Follow @MolTrust on X.

Top comments (0)