Request access
RankShield Network · Financial · RS-206

A receipt you can check,not a score you must trust.Verifiable payment attestation is RankShield Financial's signed receipt for a payment. It records the exact intent, the released, held, or denied verdict, and the signer — sealed to a tamper-evident record before settlement — so you can recompute the digest and confirm it yourself.

ml-dsa-65 signedrecompute the digesttamper-evident record
Attestation verifier · run it yourself
canonical: rs-fin-intent-v1|rail=RTP|payer=acct-04f2|payee=acct-1180|amount=4850000|purpose=invoice-2261|nonce=e2e-7c19a3
01 // Attestation
Definition

What is a verifiable payment attestation?

A verifiable payment attestation is a signed receipt that proves a specific payment intent was authorized before it settled. RankShield Financial reduces each intent — payer, payee, amount, purpose — to a canonical record, signs it with post-quantum ML-DSA-65, resolves a released, held, or denied verdict, and seals the whole decision to a tamper-evident record on the RankShield Network. The receipt is not a summary of what happened; it is the cryptographic artifact itself. Anyone who holds it can rebuild the canonical string, hash it, and confirm the signature against the enrolled signer identity. Nothing about the proof depends on trusting RankShield: the math either checks or it does not. That is the whole point of an attestation — to turn a payment decision into evidence that stands on its own, independent of the party that produced it. Consider what usually passes for a payment record: a line in a log, a status field, a screenshot, each of which is only as trustworthy as the system that wrote it and each of which can be edited without leaving a trace. An attestation replaces that trust with math. Because the canonical record is deterministic and the signature is bound to a published signer, a receipt cannot be quietly altered to describe a different amount or a different payee without the signature failing to verify. And because the decision is sealed before settlement, the receipt also fixes a moment in time — it says this intent was authorized, in this state, at this point, on the record. That combination of determinism, signature, and timing is what makes it evidence rather than assertion.

See how the whole pipeline runs
Canonical
The intent is reduced to one deterministic record — the same fields always produce the same digest.
Signed
Composite ML-DSA-65 (FIPS 204), hybrid with a classical signature, crypto-agile.
Sealed
The verdict is anchored to a tamper-evident record on the RankShield Network before settlement.
02 // Evidence
Score vs proof

How is an attestation different from a black-box fraud score?

An attestation differs from a fraud score in one decisive way: you can reproduce it. A fraud score is a probability a model emits — a number you cannot recompute, audit, or independently confirm, and one that changes if the model changes. A verifiable attestation is a signed statement about a specific, canonicalized intent that anyone can rebuild and check. The score answers how risky a payment looks; the attestation answers whether this exact payment was authorized and provides the cryptographic proof. Scoring still has a place — it can inform whether an intent should be held — but the durable artifact is the attestation, because it survives the model, the vendor, and the audit horizon. When a dispute or an examiner arrives a year later, a score of 0.87 explains nothing and can no longer be regenerated from a retired model; a signed attestation can still be verified byte for byte. The two are not rivals so much as different layers: risk analytics decide, and the attestation records the decision in a form that cannot be walked back. Feedzai and others do claim pre-settlement timing, so speed alone is not the differentiator. We are not aware of another platform that combines a verifiable, cryptographic, identity-bound, and quantum-safe receipt in one artifact — and that combination, not raw latency, is what makes a RankShield attestation stand apart from a scoring output you are asked to trust.

PropertyBlack-box fraud scoreVerifiable attestation
OutputA probability you cannot reproduceA signed statement you can recompute
SubjectA risk impression of the paymentA specific canonical intent
IndependenceTrust the model and vendorCheck the digest and signature yourself
DurabilityChanges when the model changesStands after the model is retired
TimingOften after money movesSealed before settlement
Audit valueA log you have to trustEvidence you can verify
03 // Produced
Pipeline

How is a payment attestation produced?

An attestation is produced in a fixed pipeline that runs before settlement. First the payment intent is reduced to a canonical record — a deterministic string over payer, payee, amount in minor units, purpose, rail, and nonce — so the same intent always hashes to the same digest. That record is signed with composite ML-DSA-65. Identity, signature, liveness, and any agent authority are then verified against the granted mandate, and a verdict resolves: released, held, or denied. Finally the signed decision is sealed to a tamper-evident record on the RankShield Network. The diagram below reads left to right — sign, verify, seal, anchor — with coral action resolving to teal verification. Because each step operates on the same canonical record, the receipt that comes out the far side describes precisely the intent that went in, with no room for a silent substitution along the way. Two design choices make this trustworthy. Amounts are canonicalized in minor units so there is no ambiguity between, say, dollars and cents that an attacker could exploit at the margin. And the signing keys never sit exposed: they live in a hardware security module, and releasing a payment requires an M-of-N quorum rather than a single key, so no lone compromised signer can mint a false release. The pipeline is deliberately boring and repeatable — the same inputs always yield the same digest and the same verifiable outcome — because predictability is exactly what lets an outside party reproduce and trust the result.

01

Sign

The payment intent is reduced to a canonical record and signed with post-quantum ML-DSA-65.

02

Verify

Signature, identity, liveness and agent authority are checked against the granted mandate.

03

Seal

A release or hold decision is produced with a signed, independently verifiable attestation.

04

Anchor

The decision is sealed to a tamper-evident record on the RankShield Network — before settlement.

04 // Recompute
Check it yourself

Why is an attestation independently verifiable?

An attestation is independently verifiable because everything you need to check it travels with the receipt. The canonical intent fields are in the clear (as de-identified commitments), the canonicalization order is documented, and the signer identity is enrolled and public. So a verifier rebuilds the canonical string, hashes it, and compares the digest; then verifies the ML-DSA-65 signature. If both match, the receipt is authentic and describes exactly that intent — no call to RankShield required. The Verifier here does this live in your browser with WebCrypto: change any field and the digest changes and the match fails, which is the honest demonstration that the proof is real and not theatre. This is why a RankShield receipt is evidence rather than assertion — its truth does not depend on the party that issued it. Independence has a practical payoff. An auditor, a counterparty, a regulator, or a court can each verify the same receipt without a login to our systems and without taking our word for anything, because the check is pure cryptography over data they already hold. It also means the proof keeps working if RankShield is unavailable, or years from now when the original request is long gone: the receipt plus the published signer key is sufficient. Verification that requires calling the issuer is not really verification — it is a second act of trust. A recomputable attestation removes that dependency entirely, which is the difference between a claim and a proof.

Attestation verifier · run it yourself
canonical: rs-fin-intent-v1|rail=RTP|payer=acct-04f2|payee=acct-1180|amount=4850000|purpose=invoice-2261|nonce=e2e-7c19a3
05 // Reconcile
Close the loop

How does settlement-oracle reconciliation catch divergence?

Settlement-oracle reconciliation catches the gap between what was authorized and what actually settled. After a payment moves, an enrolled settlement oracle returns a signed receipt of the real outcome, and RankShield compares it to the attestation. The comparison resolves to one of three states. Settled_as_attested means the settled payment matches the authorized intent exactly. Divergence means something changed — an amount edited, a payee swapped — between authorization and settlement. Unauthorized_settlement means a payment settled with no matching attestation at all, the signature of a bypass. Because both the attestation and the oracle receipt are signed, a mismatch is provable rather than merely suspected, and it can be escalated with evidence in hand. This is how the receipt keeps its meaning past the moment of authorization and into the settled record. Pre-settlement verification answers whether an intent should proceed; reconciliation answers whether what actually happened matched what was approved — and the two together close a loop that most controls leave open. A pre-settlement gate alone cannot see a payment that was authorized correctly but then tampered with downstream, or one that skirted the gate entirely. Reconciliation is the second, independent witness that catches exactly those cases. It turns silent divergence into a signed, dated discrepancy you can act on, and it makes a bypass — the attacker's favorite move — leave a mark instead of vanishing into a reconciliation spreadsheet nobody reads in time.

settled_as_attested
The settled payment matches the authorized intent exactly — the loop closes cleanly.
divergence
Amount or payee changed between authorization and settlement — flagged with signed evidence.
unauthorized_settlement
A payment settled with no matching attestation — a bypass, caught by reconciliation.
06 // Boundaries
Honest boundaries

What does a verifiable attestation not do?

A verifiable attestation does not move, hold, or custody funds, and it does not make you compliant by itself. RankShield Financial is a verification and attestation layer — never a wallet, custodian, or payment processor — so an attestation proves an intent was authorized and records the decision while your rails still settle the money. On compliance, the honest framing is that the receipt produces independently verifiable evidence that supports your obligations, not a certificate that discharges them. And it is deliberately narrow: a signed statement about a specific intent, not a promise about your whole program or an assurance that nothing can go wrong. That narrowness is its strength. A claim you can recompute and check is worth more than a broad guarantee you have to take on faith. It is worth being equally clear about what an attestation is not: it is not a fraud model that promises to catch every scam, not a control that can inspect a live phone call, and not a substitute for the judgement of a reviewer or a quorum. It certifies that a specific intent was authorized under a specific policy, and it certifies it in a way anyone can verify. Overclaiming would undercut the one thing the receipt does well. We would rather say precisely what it proves — and let the fact that you can check it for yourself do the persuading.

The quiet substitution

A settled amount does not match the authorized intent

A payment is authorized for one amount, but the value that settles on the rail is higher — an edit slipped in after the intent was signed and before the money moved.

RankShield: the settlement oracle's signed receipt is reconciled against the attestation; the mismatch resolves to divergence and is surfaced with signed evidence, rather than disappearing into a log nobody reads.
No custody
RankShield never takes custody of funds — it proves the decision; your rails settle the payment.
07 // Anatomy
What is in a receipt

Four parts of every attestation.

A RankShield attestation is not a free-form log line. It is a structured, signed artifact whose parts each carry a specific, checkable meaning.

Canonical intent

deterministic record

The payment reduced to one canonical string over payer, payee, amount, purpose, rail, and nonce. The same intent always yields the same digest, so the receipt cannot silently describe a different payment.

Verdict

released · held · denied

The pre-settlement decision and its reasons, bound into the signed record. Held and denied intents carry why they stopped, so the receipt explains the outcome rather than just stating it.

Signature

composite ml-dsa-65

A post-quantum signature over the canonical record, hybrid with a classical scheme and crypto-agile. It ties the decision to an enrolled signer identity anyone can verify.

Anchor

tamper-evident record

The seal to a tamper-evident record on the RankShield Network, placed before settlement, so the receipt's existence and integrity can be confirmed after the fact.

FAQ

Verifiable payment attestation — questions, answered.

What is a verifiable payment attestation?
A verifiable payment attestation is a signed receipt that records exactly which payment intent was authorized, what decision was reached, and when — released, held, or denied — before the payment settled. RankShield Financial reduces the intent to a canonical record, signs it with post-quantum ML-DSA-65, and seals the decision to a tamper-evident record on the RankShield Network. Anyone holding the receipt can recompute the digest and confirm the signature, so the proof stands on cryptography rather than on trusting our word.
How is an attestation different from a fraud score?
A fraud score is a black-box probability — a number a model emits that you cannot independently reproduce or audit. A verifiable attestation is the opposite: a signed statement about a specific, canonicalized intent that you can recompute and check yourself. The score answers "how risky does this look," the attestation answers "was this exact payment authorized, and here is the cryptographic proof." One is an opinion; the other is evidence. RankShield produces the evidence, and it survives the model that generated the underlying risk view.
How do I verify an attestation myself?
Take the canonical intent fields from the receipt — payer, payee, amount, purpose, rail, nonce — rebuild the canonical string in the documented order, and hash it. If your digest matches the one in the attestation, the receipt describes the payment you think it does. Then verify the ML-DSA-65 signature against the enrolled signer identity. The Verifier instrument on this page does exactly this in your own browser using WebCrypto, so you can see a matching and a mismatching digest for yourself.
What are the possible verdicts in an attestation?
Every intent resolves to one of three verdicts before settlement: released, held, or denied. Released means the intent passed identity, signature, and authority checks and may proceed. Held means something was out of bounds — an over-limit amount, an un-permitted counterparty, a stale liveness signal — so the payment is stopped and routed to a human or a stricter quorum. Denied means the intent failed outright. The verdict and its reasons are part of the signed attestation, not a separate log you have to trust.
What does settlement-oracle reconciliation add?
Reconciliation closes the loop after money moves. An enrolled settlement oracle returns a signed receipt of what actually settled, and RankShield compares it to the attestation. The result is settled_as_attested, divergence, or unauthorized_settlement. Divergence catches an amount or payee that changed between authorization and settlement; unauthorized_settlement catches a payment that settled with no matching attestation at all — a bypass. Both produce signed evidence, so a mismatch is provable rather than merely suspected.
What does a verifiable attestation not do?
It does not move, hold, or custody funds. RankShield Financial is a verification and attestation layer, never a wallet, custodian, or processor. An attestation proves an intent was authorized and records the decision; your rails still settle the payment. It also does not make you compliant on its own — it produces independently verifiable evidence that supports your compliance and audit obligations. The proof is strong precisely because it is narrow: a signed statement about a specific intent, not a promise about your whole program.
Is the attestation signing quantum-safe?
Yes, by construction. Attestations are signed with composite ML-DSA-65 from NIST FIPS 204, hybrid with a classical signature, in a crypto-agile design that can rotate to ML-DSA-87 or SLH-DSA. That protects a receipt against harvest-now-decrypt-later collection today and against a future quantum computer. We say quantum-safe by construction, not quantum-proof — a cryptographically-relevant quantum computer does not exist yet, and no one can honestly promise an unbreakable receipt.
Does the receipt expose account numbers or PII?
No. Account references in the canonical intent are HMAC-keyed and de-identified under a secret pepper, then stored as nonce-bound commitments, so the same account looks different on every transaction and is unlinkable to an outside observer. The tamper-evident record holds commitments, not account numbers, so a verifier can confirm integrity without ever seeing PII. These are salted commitments, a zero-knowledge primitive, rather than full zk-SNARK proofs — an honest description of what the receipt reveals and conceals.
Verify, then settle

Turn every payment decision into evidence you can verify.

RankShield Financial is rolling out verifiable pre-settlement attestation with design partners. Request access and we'll walk you through recomputing a receipt end to end.

Request accessPre-settlement verification