Anchor build artifacts to Bitcoin. One line in your workflow.
artifact → artifact.proof
- uses: AnchoringTrust/anchor-action@v1
with:
file: build/output.tar.gz
env:
UMARISE_API_KEY: ${{ secrets.UMARISE_API_KEY }}That's it. Every build gets a .proof file — uploaded as a GitHub Actions artifact.
- Hashes your file locally (SHA-256, bytes never leave your runner)
- Anchors the hash to Bitcoin via Umarise Core API
- Downloads the
.proofbundle (certificate + OTS proof) - Uploads
<file>.proofas a build artifact
The proof is independently verifiable. No Umarise account needed to verify.
Your GitHub release will look like:
v1.2.0
release.tar.gz
release.tar.gz.proof
Anyone can verify: what is this .proof file? → that's your marketing.
name: Build & Anchor
on:
push:
branches: [main]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Build
run: tar czf build.tar.gz dist/
- name: Anchor to Bitcoin
uses: AnchoringTrust/anchor-action@v1
with:
file: build.tar.gz
env:
UMARISE_API_KEY: ${{ secrets.UMARISE_API_KEY }}| Input | Required | Default | Description |
|---|---|---|---|
file |
✅ | — | Path to the file to anchor |
upload-artifact |
— | true |
Upload .proof as build artifact |
| Output | Description |
|---|---|
origin-id |
The origin ID from Umarise |
hash |
SHA-256 hash of the file |
proof-path |
Local path to the .proof file |
- Get an API key at umarise.com/developers
- Add
UMARISE_API_KEYto your repo secrets (Settings → Secrets → Actions) - Add the step to your workflow
- Push. Done.
unzip build.tar.gz.proof
sha256sum build.tar.gz # compare with certificate.json
ots verify proof.ots # verify against Bitcoin blockchainOr use verify-anchoring.org — independent, client-side, no upload.
- Get API key
- CLI —
npx @umarise/cli anchor <file> - Node.js SDK
- Python SDK
- Anchoring Specification
Unlicense (Public Domain)