Every system that delegates API access faces the same challenge. A customer service representative needs to process Stripe refunds. An AI agent needs to query an order database. A smart contract needs to pull portfolio valuations from a proprietary financial API. A regulated financial system needs to verify holdings with a custodian. Each operation demands proof of correctness—verification of which endpoint was called, what data was returned, and that execution matched intent. Furthermore, the designated agent may not be trusted to store credentials and/or correctly report API calls. In short, third-party applications require verifiable data and delegated credential management.
Traditional API calls provide opaque results. Partners, auditors, and downstream systems must trust logs, infrastructure and reputation-based claims of data accuracy. On the other hand, API calls made by third-parties involve sharing credentials, coordinating integrations and risk extraneous and unauthorized API access. The first path sacrifices verifiability while the latter sacrifices credibility, security, and simplicity. Neither method offers reproducible results due to API non-determinism. For example, a counter API will return a different response on each call. Crucially, regardless of how calls are handled, non-determinism impairs auditability.
Consider a tokenized, on-chain fund. Its smart contract needs to receive continuous portfolio valuations from the custodian’s API to calculate share prices and process redemptions. Even when the operator fetches the valuation and pushes it onto a blockchain, investors and regulators must trust that a black box infrastructure called the custodian, received a response, and accurately reported it. Alternatively, granting a third-party service access to custodian credentials, introduces integration complexity, exposes sensitive API access, and implicitly assumes trustworthy infrastructure. Neither option provides cryptographic proof that the valuation came from the custodian’s authenticated endpoint at a specific time.
Real World Asset (RWA) applications frequently integrate traditional finance and blockchain data sources. These applications require verifiable third-party calls to private APIs without exposing underlying credentials.
Each scenario involves the same core requirement: cryptographic proof of operational correctness along with privacy for credentials and sensitive data.
Truebit API Tasks delegate API operations within predesignated bounds without exposing credentials. Secrets live encrypted inside a Trusted Execution Environment (TEE), also known as secure enclave, wherein manifest (OpenAPI specifications) constraints limit each credential to its intended use—a Stripe key can only call the refund endpoint, and a custodian API key can only read balances. Guardrails run as restricted code inside the TEE, and unlike external policies, are provably enforceable. Each API execution produces attestation data proving what was called and returned. Coming soon: sensitive portions of attestations can be cryptographically redacted programmatically, for example “greater than $50” replaces “$1,000,000”.
What is an API Task?
An API Task is a declarative definition that wraps an HTTP request with credential isolation and execution attestation. The task manifest follows the OpenAPI standard, specifying the target endpoint, HTTP method, headers, and body template—with placeholders for parameters the caller provides at runtime. Credentials are referenced by key name and resolved at execution time from encrypted storage; they never appear in the manifest itself. Each credential includes a manifest constraint that limits its use to specific endpoints and methods: a Stripe key configured forPOST /v1/refunds cannot be used to call /v1/charges, enforced at the TEE level before the request is even constructed.
Creating an API Task involves defining the manifest and uploading credentials via the Truebit CLI—credentials are encrypted client-side before transmission and remain encrypted at rest. Once deployed to a namespace, the task becomes callable at:
https://run.truebit.network/task/api/{namespace}/{task-name}
Callers authenticate with a task authorization token that grants execution rights, not credential access. You can issue tokens to partners, agents, or systems, each scoped to specific tasks and revocable independently.
Execution occurs inside a TEE. The TEE provides point-in-time security: it decrypts credentials, validates parameters, enforces manifest constraints, executes the HTTP request, and returns the response—then retains nothing. It’s a stateless machine that performs actions on behalf of a requestor without persisting any sensitive execution data. Durability comes from the Transcript: a human-readable, cryptographic record that captures what endpoint was called and when, what response was received, and attestation data including enclave measurements and TLS session information. For compliance-sensitive industries, this changes the game. Auditors and third-parties can make private or review auditable API calls without accessing production credentials or sensitive customer data. Auditors need only observe cryptographic Transcripts in order to definitively conclude that systems operated according to specification.
In short: anAPI Task delivers two guarantees that are usually hard to achieve together.
- Credential isolation—partners, internal systems, AI agents, or smart contracts can trigger operations without gaining visibility into the underlying credentials or how they’re stored.
- Verifiable execution—every call produces a Transcript with cryptographic attestation proving exactly what API endpoint was called and when, the data that was returned, and that the operation executed precisely as defined. This allows you to delegate API access without sharing secrets and prove exactly what happened without relying on self-reported logs.
The TEE guarantees secure execution; the Transcript proves it happened.
Creating an API Task
Creating an API task involves two main steps:
- Create an OpenAPI manifest:
- This manifest describes the accessible endpoints, data formats, validation rules, and any caller restrictions.
- If the API requires authentication, you also need to securely upload locally encrypted credentials to the Truebit Verify API endpoint.
- The manifest schema is used by Truebit Verify to validate all calls before executing network requests. Tools like Swagger Editor can help build or modify an existing schema provided by the API publisher.
- Deploy the task:
- Before deploying, use the Truebit CLI command
start-apito directly call the API server from your Terminal and verify that the task functions correctly with the target API. - Once the manifest is ready, instantiate the task within Truebit Verify using the Truebit CLI command
create-apiwith your manifest as the input. - If the API requires authentication, you must securely deploy the credentials using the
api-authcommand. These credentials are then stored encrypted at rest on Truebit Verify.
- Before deploying, use the Truebit CLI command
- Use the task:
- Call the task using the Task Execution Endpoint.
- You may optionally define specific permissions regarding who is allowed to execute the task.
- Upon execution, the system returns an API call result and generates a verifiable Transcript.
Understanding the Transcript
Truebit’s core innovation lies in its ability to bridge the gap between the inherently non-deterministic “outside” world and the rigorous, deterministic environment required by blockchain technology and high-assurance industries. By design, blockchains demand absolute certainty and verifiable execution; however, interfacing with external APIs, legacy systems, or complex off-chain computations introduces potential points of failure and non-determinism. Truebit resolves this fundamental tension by establishing a durable, cryptographically-secure attestation of correctness for operations that occur off-chain.
The mechanism by which Truebit achieves this level of assurance is through the generation of a Transcript. This Transcript is not merely a log; it is a meticulous, cryptographic record of everything that occurred during the execution of an off-chain API call or compute task. This comprehensive, step-by-step documentation transforms a non-deterministic interaction into a sequence of verifiable steps.
Crucially, this system dramatically changes the paradigm of reproducibility and verification. Instead of relying on the cumbersome, resource-intensive, and potentially inconsistent method of re-executing the entire task—which would require calling the external source again and risking a different result—Truebit achieves reproducibility by verifying the Transcript itself. Specialized verification algorithms mathematically prove the integrity and correctness of the deterministic operation based on the submitted Transcript. If the Transcript holds up to this mathematical proof, it confirms, beyond a shadow of a doubt and with rigorous certainty, that the original execution was performed exactly as intended and without error, all while eliminating the need to ever trust or call the external, non-deterministic source again for validation.
Detailed information about this process is available in Truebit’s Documentation portal: How to create API tasks. If you would like to try it, we have developed a demo site where it is possible to call an API Task and inspect its certificates here: https://demo.truebit.network/.
