AttestLayerAttestLayer

Intake Engine

100% automated, deterministic PASS/FAIL — no human handling.

Pipeline overview

  1. Upload: Partner submits a ZIP file containing artifacts (PDF, DOCX, XLSX, CSV, JSON, PNG, JPG). Max 500 MB per upload.
  2. Extract & normalize: ZIP contents are extracted. Each file is renamed to a deterministic, conflict-free path preserving the original structure via mapping.json.
  3. Classify: Every file is classified into one of 10 artifact buckets: contracts, policies, reports, security, controls, tickets, exports, evidence, screenshots, unknown. Classification uses filename tokens, folder path analysis, content sniffing (PDF title, JSON keys, CSV headers), and extension-based type detection. Confidence scores are computed per bucket in [0, 1].
  4. Validate: The system checks that all required artifact groups are present with at least one file meeting the 0.90 confidence threshold:
    • policies — at least one policies file
    • reports_or_security — at least one reports or security file
    • contracts — at least one contracts file
    • evidence_or_controls — at least one evidence or controls file
    Missing groups produce a machine-readable checklist.
  5. PASS / FAIL: If all required groups are satisfied → PASS. Otherwise → FAIL with a detailed report listing missing groups, low-confidence files, and suggested remediation.
  6. Kit issuance (PASS only): On PASS, the system produces:
    • kit.zip — normalized evidence kit
    • manifest.json — SHA-256 hashes for every file
    • receipt.json — issuer-signed receipt (Ed25519)
    • Offline verifier bundle for hash + signature validation without internet
    • diff.json (optional) — file-level diff vs previous kit when diff_scope_id is provided

API endpoints

MethodPathDescription
POST/v1/intake/jobsCreate a new job (returns upload URL)
POST/v1/intake/jobs/{id}/uploadUpload ZIP for processing
GET/v1/intake/jobs/{id}Get job status
GET/v1/intake/jobs/{id}/artifactsGet download URLs for outputs

Supported file types

ZIP contents may include: .pdf, .docx, .xlsx, .csv, .json, .png, .jpg, .jpeg, .txt, .md, .html. Images are classified as screenshots and do not satisfy required artifact groups.

Determinism contract

Same input ZIP → same classification, same PASS/FAIL result, same kit structure. Versioned via FES-DIFF-1.0 scope. No randomness, no LLM dependency, no human judgment.

← Back to docs