Kerne Logo
Kerne Signed Address Read

A signed read of any one address, for $149.

Name a single public address and Kerne returns a signed, point-in-time statement of what it held on-chain as of a specific block: the token balances, the block, and the timestamp, signed so they cannot be edited after the fact. Anyone you forward it to can verify it themselves in about three lines, without trusting you and without trusting us. No quote, no call, no account. Pay once and name the address.

Live attestation verifiedBacking ratio, stated1.00Last signed23 min agoSigned by0x09a2780ac8…0c9ca37e

This is the same hourly attestation Kerne runs over its own reserves, re-verified in your browser on the next page. It proves the figures are authentic and fresh, not that reserves are sufficient: attestation, not an audit.

/api/por/signed

$149 flat, one time, self-serve in USDC on Base. Objective on-chain data, signed: it proves what the public chain shows for one address as of a block. It is not a solvency opinion, a rating, or an audit, and it proves nothing about who owns or controls the address.

The same signing stack, live

This panel reads an hourly signed attestation from a public endpoint and verifies it in your browser right now. It happens to be pointed at Kerne's own reserves; your $149 read is this exact artifact, pointed instead at the one public address you name.

Live attestation verified
/api/por/signed
  • Signed by the expected keyThe signature recovers, independently, to the named signing key (signer_matches_expected).
  • Figures bound to the signatureThe numbers and timestamp rehash to the signed attestation hash, so they cannot be edited after signing (hash_matches).
  • Fresh, not a relabelled old oneLast signed 23 min ago; re-signed every 1 h. Freshness is measured from the signed timestamp itself (is_fresh).
Signed by0x09a2780ac8…0C9CA37e
Attestation hash0xe33217a17a…32fa944e
Tooling schemav4

Reproduce the verdict yourself:

curl -s https://kerne.fi/api/por/signed | jq '._meta.verified'
# expected: true   (the signature recovered, the numbers are bound, it is fresh)

The full recovery snippets (ethers, eth_account, cast) ship inside the endpoint under _meta.verify. A delivered snapshot for your protocol carries your own signer, your own addresses, and your real figures.

What this proves. That a named key signed this snapshot, the figures are bound to that signature, and it is recent. It is attestation, not an audit: it does not certify solvency and does not bless the numbers. A protocol whose reserves were short would still verify; the backing figure is where a shortfall would show.

What $149 delivers

Four artifacts, delivered together for one address. We read what the address holds on-chain as of a block, assemble a canonical read, sign a hash of it with a named key, and hand you the steps to check all of it yourself.

1
The signed read

A short, written, point-in-time statement of what the address held as of a specific block: the on-chain token balances at that address, with the block number and timestamp. Signed with EIP-191 personal_sign by a named Kerne key, so it cannot be altered after the fact.

2
The verification bundle

The machine-readable artifacts behind the read: the signer address, the attestation hash, the 65-byte signature, and the canonical payload string that was hashed. These are what make the read provable rather than asserted, and let anyone you forward it to confirm it without trusting you or us.

3
The reproduction guide

A short guide to reproduce the read from the same public chain data and to confirm the signature: recover the signer, rehash the canonical payload so the figures and block are bound to the signature, and re-read the on-chain balances yourself. Three lines in ethers, eth_account, or cast.

4
The on-chain boundary

What a single public address can and cannot tell you, stated plainly. We read what the address holds on-chain at a block. We do not assert who controls it, we do not see any off-chain holdings, and we do not infer what the balance backs. You get a fact about the chain, with its edges marked.

See a real one before you pay

Here is a real signed read, the exact shape the one you commission arrives in, with the single command that recovers the signer so you can check it without trusting us. The read below is pointed at Kerne's own reserves; yours is pointed at the address you name.

A real signed read, and the one line that checks it/api/por/signed
The verification bundle
{
  "signer": "0x09a2780ac8Be6D5d2d1F85A8D92b09D40C9CA37e",
  "attestation_hash": "0x57dbad69dc82f4b566bfb3384bdbb3f71aec8c6e9ad590320708a2d6844f5870",
  "signature": "0x52c9f1dc96a0f2b0474cabee74e1bc7006df78e697d77603c61ad1b4be13cc2e6626e121613b7d68004b550cd007334b80f751a60cc8c6e04cf3cfb216667b331b",
  "signed_payload_canonical": "{ ...the reserve figures, verbatim, that attestation_hash commits to... }",
  "schema_version": 4,
  "generated_at": "2026-06-30T23:49:47Z",
  "block_heights": { "base": 48037020 }
}

Captured 2026-06-30T23:49:47Z from Kerne's own hourly feed (Base Mainnet, block 48,037,020). A real read, not a mockup.

Recover the signer yourself
# Recover the address that signed this read from the signature alone; no private key and no trust in us are required.
cast wallet verify \
  --address 0x09a2780ac8Be6D5d2d1F85A8D92b09D40C9CA37e \
  0x57dbad69dc82f4b566bfb3384bdbb3f71aec8c6e9ad590320708a2d6844f5870 \
  0x52c9f1dc96a0f2b0474cabee74e1bc7006df78e697d77603c61ad1b4be13cc2e6626e121613b7d68004b550cd007334b80f751a60cc8c6e04cf3cfb216667b331b

# prints:
# Validation succeeded. Address 0x09a2780ac8Be6D5d2d1F85A8D92b09D40C9CA37e signed this message.
Prefer ethers or Python? Same three values.
import { verifyMessage, getBytes } from "ethers";
const hash = "0x57dbad69dc82f4b566bfb3384bdbb3f71aec8c6e9ad590320708a2d6844f5870";
const sig  = "0x52c9f1dc96a0f2b0474cabee74e1bc7006df78e697d77603c61ad1b4be13cc2e6626e121613b7d68004b550cd007334b80f751a60cc8c6e04cf3cfb216667b331b";
const recovered = verifyMessage(getBytes(hash), sig);
// recovered === "0x09a2780ac8Be6D5d2d1F85A8D92b09D40C9CA37e"
from eth_account import Account
from eth_account.messages import encode_defunct
hash = "0x57dbad69dc82f4b566bfb3384bdbb3f71aec8c6e9ad590320708a2d6844f5870"
sig  = "0x52c9f1dc96a0f2b0474cabee74e1bc7006df78e697d77603c61ad1b4be13cc2e6626e121613b7d68004b550cd007334b80f751a60cc8c6e04cf3cfb216667b331b"
rec = Account.recover_message(encode_defunct(hexstr=hash), signature=sig)
# rec == "0x09a2780ac8Be6D5d2d1F85A8D92b09D40C9CA37e"
What each field means
signer
The address whose key signed this read. You do not take this field on trust: you recover it from the signature (the command on the right) and confirm it matches the named Kerne key.
attestation_hash
A sha256 fingerprint of the exact figures being attested. Change any number in the read and this hash changes, which is what makes the figures un-editable after signing.
signature
A 65-byte EIP-191 signature over the hash, produced by the signer's key. This is the byte that binds the figures to one specific key. It is what the recover command checks.
signed_payload_canonical
The exact, canonically ordered string of every attested figure, byte for byte. It is what attestation_hash is computed over; its full value is public at the endpoint.
generated_at / block_heights
When the read was signed and the chain block it was taken at, both carried inside the signed payload so the point in time and the freshness are provable, not asserted.

What this proves. That a named key signed these exact bytes. The command above recovers the signer today and will keep recovering it, because a signature is a permanent fact about the bytes; only freshness is point in time, and the live feed always carries the current read. It is attestation, not an audit: it does not certify solvency and does not bless the figures. Your delivered read is this exact structure, signed over the single public address you name, with your figures. To watch the signer recovery and the numbers binding run end to end in your browser on live data, use the free verifier at kerne.fi/verify.

What this is, stated plainly

This is attestation and objective-data tooling. It proves what the public chain shows for one address as of a specific block, signed so the read cannot be edited after the fact. It is not a solvency opinion, not a rating, not an audit, and not financial, legal, or accounting advice.

We read public on-chain data only. We do not assert who controls the address you name, we cannot see anything that address holds off-chain or on another chain we were not asked to read, and we do not infer what the balance is meant to back. We report what is there and mark the edges of what a single address can prove. That honesty is the product: a bounded read you can verify is worth more than a confident number you cannot.

Pay, then name your address

Our guarantee. If the read we deliver does not cryptographically verify against the named signing key, we refund the fee or re-run it, your call. That is the one promise attestation can make and keep. It is not a promise about the figures, about who controls the address, or about any outcome; a faithful read of an empty address will faithfully show it is empty. Typical turnaround is 2 business days.

The fee is $149, fixed, one time. Pay in USDC on Base, straight to Kerne's own treasury address, and the on-chain transaction is your receipt; verify the address before you send. As soon as it confirms, reply to the receipt email with the one public address you want read and the chain it is on. We send your signed read, typically within 2 business days.

Pay $149 in USDC on Base, then tell us the one address and chain. Connect a wallet to pay in one click, or pay manually from any wallet or exchange and paste the transaction hash.

After you pay, send the address to kerne.systems@protonmail.com (or just reply to the receipt email). One address, one chain, one signed read.

When you need more than one address

A single signed address read is the entry point. When the question is bigger than one address, the same signing stack scales into the rest of the lineup, all of it built on the cryptography you just verified above.

Want to check something for free first? Read any stablecoin's live supply and reserve transparency with Verify Any Stablecoin, check a signed proof someone handed you with the self-serve verifier, or read the public verification guide at kerne.fi/transparency.

Kerne is infrastructure and a service provider, not an auditor, a rating agency, a custodian, or an investment adviser. A signed address read is attestation and objective-data tooling: it reports and signs what public on-chain data shows for one address as of a block. It does not assert who controls the address, does not value or vouch for off-chain holdings, and is not an audit, a solvency or credit opinion, a recommendation, or any form of investment, legal, tax, or accounting advice. Kerne is early and not yet externally audited, disclosed at kerne.fi/dataroom; this tooling stands on cryptography and public data you verify independently, not on our posture. The read fee is $149 fixed, earned on delivery.