Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.enfinitos.com/llms.txt

Use this file to discover all available pages before exploring further.

The EnfinitOS sandbox is a fully-functional demonstration tenant running on the same primitives as the production platform — signed proof packs in byte-exact envelope.v1 form, the complete rights bounded context, real Ed25519 + SHA-256 cryptography, real constraint enforcement. It exists for one purpose: to let a buyer’s compliance team verify the platform’s claims without onboarding into a paying tenant.
Available now. Request sandbox access at enfinitos.com/apply. Provision a tenant, run a synthetic delivery batch, verify the resulting proof pack in your browser. Twenty minutes start to finish.

What’s the same vs. production

ConcernSandboxProduction
Proof-pack formatenvelope.v1, byte-identicalenvelope.v1, byte-identical
Ed25519 signaturesReal, deterministic keyReal, hardware-held key
SHA-256 hash chainReal, end-to-end intactReal, end-to-end intact
Canonical-JSON encodingField-ordered + sort-keys, byte-exactIdentical
Rights bounded contextFull state machinesFull state machines
Metering projectionPer-substrate rules, deterministicSame rules + per-tenant overrides
Settlement reconciliationBanker’s rounding, audit-ableIdentical
Constraint enforcementPre-render gate at delivery timeIdentical
PersistenceIn-memory per Worker isolate (ephemeral)Postgres with hot replicas
Tenant identityCookie-scoped, HMAC-signedOAuth + RBAC
Verification key directorySandbox-only key (publicly seeded)Production-only key (HSM-held)

What this means for the buyer

If your auditor’s tooling verifies a sandbox-issued pack successfully, it will verify production-issued packs with no code change — only a different verification-key directory pointer. The seven-step audit roundtrip the sandbox runs in your browser is exactly what @enfinitos/sdk-auditor’s verifyAll performs offline against any production pack.

What can’t impersonate what

Sandbox and production are cryptographically distinct:
  • Sandbox signing key: derived from a published seed string. Anyone can re-derive it. Anyone can issue sandbox-format packs that the sandbox key verifies — which is precisely the point of an open demonstration environment.
  • Production signing key: will be held in EnfinitOS’ production HSM, never exported. Its public half will be published at /v1/runtime-keys on api.enfinitos.com at the April 2027 production launch.
  • Verification key directories: separate. The sandbox’s /api/sandbox/runtime-keys carries only the sandbox key; the production /v1/runtime-keys will carry only production keys at launch. Cross-environment verification fails as UNKNOWN_KEY_ID.
  • Org namespaces: distinct. Every sandbox visitor gets a per-session org_… that lives only in memory.
A counterfeit sandbox pack cannot impersonate a production tenant because (a) it carries a sandbox keyId, and (b) production auditors would point at the production key directory and reject it.

Request sandbox access

Apply for a sandbox tenant — five guided steps from provision to verify.

Integration playground

Paste your API key and exercise live endpoints in the browser.

API reference

Every sandbox HTTP endpoint with request/response shapes.

Architecture deep-dive

How the sandbox is layered and how it can be migrated to a persistent (KV) backend later.