Reclaim ProtocolReclaim ProtocolTrust Center

Tamper-Proof Verifications

Our guarantee

A Reclaim Protocol verification, once generated, cannot be altered by anyone (including us) without the receiving application detecting it.

The threat model

We assume anyone in the pipeline could be adversarial. Our own servers. Our cloud provider. One of our own engineers. A man-in-the-middle. An end user trying to forge a fact about themselves. The integrity guarantee has to hold against all of them.

How it’s enforced

Three independent layers, each one sufficient against a different attacker:
  1. Cryptographic binding (zk proofs). Every verification is cryptographically bound to its underlying data. Change any byte, and the proof falls apart. This is what stops malicious users and man-in-the-middle attackers.
  2. Open-source verification code. All of the code that generates a verification (SDKs, proof generators, attestor services) is public on GitHub. There is no proprietary path that could be quietly weakened.
  3. TEE attestation (for server-side verifications). When the verification runs on our infrastructure (the Node SDK path), the running code is provable, end-to-end, against the open-source code on GitHub via hardware-signed attestations. Neither we nor our cloud provider can substitute a malicious implementation. How →

Plus continuous AI-based security scanning of the open-source code itself. It's a tripwire to catch any regression that might weaken layer 1.

How you verify

Every verification repo is open. Clone it and audit it yourself. We publish recipes for running independent AI-based security audits with Anthropic Code Security and Trail of Bits. The full report from our own continuous scan is available under NDA, see below.

What you still trust

The mathematical soundness of Reclaim Protocol's cryptography (peer-reviewed at IACR ePrint 2024/733), the TEE attestation chain (AMD SEV on Google Cloud Confidential VMs, covered separately on the TEE page), and the open-source toolchain the SDKs are built with.

What follows on this page

The architectural guarantees above are sufficient against malicious users and man-in-the-middle attackers — the cryptography simply doesn't allow tampering. What you see below is the live status of the tripwirelayer: a continuous AI scan over the open-source verification code itself. Its job is to catch any bug or regression that could ever weaken layer 1 before it ships. A red row below doesn't mean a verification was tampered with — it means we found code that needs to be fixed before the next release.

Last checked: 4d ago
reclaim-js-sdkreclaim-logs-backendreclaim-inapp-sdkpopcornreclaim-portalattestor-corereclaim-sdk-backendreclaim-tee
JunJulAug
Monitoring started · May 8Aug 5

Today · Jun 24· 42 days ahead are placeholders for future runs

© 2026 Reclaim Protocol · trust.reclaimprotocol.org

DocumentationContact

Checks run every Friday at 10:00 IST · 9 weekly runs on record.

Looks OK

Last checked: 6/19/2026

Security scan of 8 repositories identified 16 critical issues requiring immediate attention, primarily in cryptographic validation and secret management. 50 warnings and 19 minor issues also flagged. Triage and remediation are in progress.

Last checked: 4d ago

Repositories scanned (8)

  • attestor-core
  • popcorn
  • reclaim-inapp-sdk
  • reclaim-js-sdk
  • reclaim-logs-backend
  • reclaim-portal
  • reclaim-sdk-backend
  • reclaim-tee

Methodology

A verification, once generated, cannot be altered by anyone — not the user, not us, not a man-in-the-middle. Enforced by zero-knowledge proofs, open-source code, and TEE attestation, plus continuous AI-based scanning of the verification code as a tripwire.

+Reclaim Protocol

github.com/reclaimprotocol

Stars121