Attestto is open-source sovereign identity infrastructure built on W3C and IETF standards. It lets you verify documents, issue verifiable credentials, and bridge national PKI systems — all without vendor lock-in. Apache 2.0 licensed.

How does Attestto verify documents?

Drop a PDF on verify.attestto.com and it verifies the digital signature entirely in your browser. No file upload, no backend. The verifier checks the certificate chain against national PKI trust anchors and validates document integrity cryptographically.

What are did:pki and did:sns?

did:pki bridges national PKI certificates into the DID ecosystem — if a government CA exists, it already has a DID. did:sns provides human-readable identifiers via the Solana Name Service. Both are on the W3C standards track with live resolvers at resolver.attestto.com.

Is Attestto free to use?

Identity, signature, anchoring, recovery, and verification are free for citizens, forever. Professional credential issuance and the module marketplace have fee structures that fund the free infrastructure.

Verify any document. Issue any credential. Bridge any PKI.

Identity infrastructure built on W3C and IETF standards. Technologically neutral — works with any stack, any vendor, any government. Open source reference implementations anyone can deploy.

Verify a document Explore the standards

What we build

Identity infrastructure for the real world

Each use case below is either live or in active development, using open standards for identity resolution and credential verification.

Document verification

Drop a digitally signed PDF. The signature, certificate chain, and issuing authority are verified cryptographically — no account required, no data uploaded.

Live verify.attestto.com

Cross-border PKI bridge

Costa Rica's Firma Digital PKI hierarchy mapped to did:pki DIDs. Every CA resolvable as a DID Document. A document signed in CR can be verified anywhere — one resolver endpoint, any country.

Live did:pki spec

Professional credentials

Proposed framework for Verifiable Credentials for licensed professionals — doctors, lawyers, engineers. Mastery-based continuous competency model with issuance by professional bodies.

Proposed Architecture

Digital driving credentials

Proposed mobile driving license architecture following ISO 18013-5, with proctored exams, decay scoring, and renewal gates — anchored to the holder's DID.

Proposed Costa Rica

Tools

Use it today

Four surfaces, progressive adoption. Start with zero friction in the browser, go deeper as you need.

Live

Verify

Drag and drop a signed PDF. Verify the signature, certificate chain, and issuing CA — in your browser, nothing uploaded.

verify.attestto.com →

Live

App

Sovereign identity wallet. Store credentials, take proctored exams, present proofs. Progressive Web App — works on any device.

app.attestto.com →

Pre-release

Station

Desktop vault, signer, verifier, and mesh node. Full offline capability. Electron on macOS, Windows, and Linux.

Learn more →

Coming soon

Extension

Browser extension for web-native verification. Validates digital signatures on any page you visit.

Downloads →

Standards

W3C standards-track DID methods

Two DID methods, both on the W3C standards track, both with live resolvers. They bridge existing trust infrastructure into the DID ecosystem without replacing anything.

did:pki

Read-only DIDs derived from X.509 CA certificates. If a government CA exists, it already has a DID.

Spec W3C PR #697

did:sns

Alias-anchored DIDs via Solana Name Service. Human-readable, verifiable identifiers.

Spec W3C PR #674

resolver

Unified HTTP endpoint resolving both methods. DIF Universal Resolver compatible.

Try it live DIF PR #542

All standards & use cases →

Reference Implementations

Standards-based. Open source. Deployable.

We publish reference implementations for every standard we propose. Traditional vendors can adopt the standards without using our code. Or fork it. Apache 2.0.