Trigger a verification
packages/api/src/routes/verify.ts. Validates businessTransactionId (required, and must match the same UUID pattern used by POST /execute), then calls application.verify(businessTransactionId) — VerificationService.verify in packages/runtime/src/services/verification-service.ts.
VerificationService.verify re-hashes the stored Execution Trust Record with VerificationCrypto.verify (packages/crypto/src/VerificationCrypto.ts) and compares it against the persisted trustRecordHash. A new, immutable Verification record is created and appended to the trust record either way — status is VERIFIED or FAILED depending on the hash comparison.200 — the newly created Verification.
Response 400
Get the latest Verification
verify-get.ts loads the trust record via application.getTrustRecord(id) and returns record.verifications.at(-1) — the most recently appended Verification, not a specific one by its own verificationId.
Response 200 — the latest Verification.
Response 404
SDK equivalents
Both SDKs’ “verify” call is a read of the latest Verification, not a way to trigger
POST /verify directly. TypeScript’s VerificationApi.verify() (typescript/src/client/VerificationApi.ts) sends GET /verification/${businessTransactionId} — it correctly targets the real mounted path, matching what’s described above rather than the /verify/:id shape you might expect from the method name. Neither SDK exposes a method that calls POST /verify — in practice, verification is triggered as a side effect of execute(), and these SDK calls are for reading the result afterward.Related
Verification
The concept this endpoint reads and writes.
Replay
A related but distinct integrity check — see that page for how it differs from verification.
Error Model
Canonical vs. actual error shapes for these routes.
Receipt Verification Guide
Using verification as a precondition for receipt generation.