A signed read of your counterparty's reserves, that you control.
If you lend against, hold, or curate exposure to someone else's token, your safety rests on reserves that issuer attests to with its own verifier and its own dashboard. Kerne independently reads that counterparty's public on-chain reserves and signs the read, so you walk away with a tamper-evident proof in your own records instead of trusting a page that answers to the issuer.
A fixed $2,500 read for a single counterparty on a single chain, or a scoped $5,000 to $15,000 review for a portfolio or several chains. Objective on-chain data, signed: it proves what the public chain shows as of a block. It is not a solvency opinion, a rating, or an audit.
This panel reads an hourly signed attestation from a public endpoint and verifies it in your browser right now. It happens to be pointed at Kerne's own reserves; your commissioned read is this exact artifact, pointed instead at your counterparty's public addresses.
- Signed by the expected keyThe signature recovers, independently, to the named signing key (signer_matches_expected).
- Figures bound to the signatureThe numbers and timestamp rehash to the signed attestation hash, so they cannot be edited after signing (hash_matches).
- Fresh, not a relabelled old oneLast signed 23 min ago; re-signed every 1 h. Freshness is measured from the signed timestamp itself (is_fresh).
Reproduce the verdict yourself:
curl -s https://kerne.fi/api/por/signed | jq '._meta.verified' # expected: true (the signature recovered, the numbers are bound, it is fresh)
The full recovery snippets (ethers, eth_account, cast) ship inside the endpoint under _meta.verify. A delivered snapshot for your protocol carries your own signer, your own addresses, and your real figures.
What this proves. That a named key signed this snapshot, the figures are bound to that signature, and it is recent. It is attestation, not an audit: it does not certify solvency and does not bless the numbers. A protocol whose reserves were short would still verify; the backing figure is where a shortfall would show.
The issuer's proof answers to the issuer
When you take exposure to a token, you inherit its backing and the way that backing is proved. The trouble is that both the dashboard and the attestor are usually the issuer's. The synthetic-dollar market has been taught, repeatedly and recently, that this is exactly the dependence that fails first.
Time and again, the trigger is not a contract exploit. It is an attestation provider ending its relationship with an issuer, or a reserves dashboard coming down, after which holders and lenders have no independent, real-time read of their own and confidence moves faster than anyone can check. A read you commissioned and hold does not disappear when the issuer's page does.
Where backing sits on-chain, anyone can read it, including an outside party with no stake in the answer. We do that read for the specific counterparty you are exposed to, sign it so it cannot be edited after the fact, and hand it to you with the steps to reproduce it. We also draw the line, clearly, around the part of the backing the chain cannot see. We covered one such failure mode in depth, with sources, at kerne.fi/resolv-vs-kerne.
What a review delivers
Four artifacts, delivered together. We read the public on-chain addresses that back the token you are exposed to, separate what the chain can prove from what it cannot, assemble a canonical read, and sign a hash of it with a named key.
A short, written, point-in-time read of the counterparty's reserves as of a specific block: the public on-chain addresses and balances that back the token, the outstanding supply they back, and the resulting on-chain backing ratio. Signed with EIP-191 personal_sign by a named Kerne key, so it cannot be altered after the fact.
The part of the backing that is verifiable from public chain data, stated separately from the part that is not. If the issuer holds collateral off-chain (RWA, custody, a CEX balance), we mark that portion as unverifiable from public data rather than estimate it. You see exactly how much of the story the chain can prove and how much rests on the issuer's word.
The machine-readable bundle behind the read: the signer address, the attestation hash, the 65-byte signature, and the canonical payload string that was hashed. These make the read provable rather than asserted, and let anyone you forward it to confirm it without trusting you or us.
A short guide to reproduce the read from the same public chain data and to confirm the signature: recover the signer, rehash the canonical payload so the figures and block are bound to the signature, and re-read the on-chain balances yourself. Three lines in ethers, eth_account, or cast.
See a real one before you pay
Here is a real signed read, the exact shape your commissioned read arrives in, with the single command that recovers the signer so you can check it without trusting the issuer or us. It is pointed at Kerne's own reserves; yours is pointed at the counterparty's public addresses, and it also draws the on-chain versus off-chain boundary, marking any backing the chain cannot see.
{
"signer": "0x09a2780ac8Be6D5d2d1F85A8D92b09D40C9CA37e",
"attestation_hash": "0x57dbad69dc82f4b566bfb3384bdbb3f71aec8c6e9ad590320708a2d6844f5870",
"signature": "0x52c9f1dc96a0f2b0474cabee74e1bc7006df78e697d77603c61ad1b4be13cc2e6626e121613b7d68004b550cd007334b80f751a60cc8c6e04cf3cfb216667b331b",
"signed_payload_canonical": "{ ...the reserve figures, verbatim, that attestation_hash commits to... }",
"schema_version": 4,
"generated_at": "2026-06-30T23:49:47Z",
"block_heights": { "base": 48037020 }
}Captured 2026-06-30T23:49:47Z from Kerne's own hourly feed (Base Mainnet, block 48,037,020). A real read, not a mockup.
# Recover the address that signed this read from the signature alone; no private key and no trust in us are required. cast wallet verify \ --address 0x09a2780ac8Be6D5d2d1F85A8D92b09D40C9CA37e \ 0x57dbad69dc82f4b566bfb3384bdbb3f71aec8c6e9ad590320708a2d6844f5870 \ 0x52c9f1dc96a0f2b0474cabee74e1bc7006df78e697d77603c61ad1b4be13cc2e6626e121613b7d68004b550cd007334b80f751a60cc8c6e04cf3cfb216667b331b # prints: # Validation succeeded. Address 0x09a2780ac8Be6D5d2d1F85A8D92b09D40C9CA37e signed this message.
Prefer ethers or Python? Same three values.
import { verifyMessage, getBytes } from "ethers";
const hash = "0x57dbad69dc82f4b566bfb3384bdbb3f71aec8c6e9ad590320708a2d6844f5870";
const sig = "0x52c9f1dc96a0f2b0474cabee74e1bc7006df78e697d77603c61ad1b4be13cc2e6626e121613b7d68004b550cd007334b80f751a60cc8c6e04cf3cfb216667b331b";
const recovered = verifyMessage(getBytes(hash), sig);
// recovered === "0x09a2780ac8Be6D5d2d1F85A8D92b09D40C9CA37e"from eth_account import Account from eth_account.messages import encode_defunct hash = "0x57dbad69dc82f4b566bfb3384bdbb3f71aec8c6e9ad590320708a2d6844f5870" sig = "0x52c9f1dc96a0f2b0474cabee74e1bc7006df78e697d77603c61ad1b4be13cc2e6626e121613b7d68004b550cd007334b80f751a60cc8c6e04cf3cfb216667b331b" rec = Account.recover_message(encode_defunct(hexstr=hash), signature=sig) # rec == "0x09a2780ac8Be6D5d2d1F85A8D92b09D40C9CA37e"
- signer
- The address whose key signed this read. You do not take this field on trust: you recover it from the signature (the command on the right) and confirm it matches the named Kerne key.
- attestation_hash
- A sha256 fingerprint of the exact figures being attested. Change any number in the read and this hash changes, which is what makes the figures un-editable after signing.
- signature
- A 65-byte EIP-191 signature over the hash, produced by the signer's key. This is the byte that binds the figures to one specific key. It is what the recover command checks.
- signed_payload_canonical
- The exact, canonically ordered string of every attested figure, byte for byte. It is what attestation_hash is computed over; its full value is public at the endpoint.
- generated_at / block_heights
- When the read was signed and the chain block it was taken at, both carried inside the signed payload so the point in time and the freshness are provable, not asserted.
What this proves. That a named key signed these exact bytes. The command above recovers the signer today and will keep recovering it, because a signature is a permanent fact about the bytes; only freshness is point in time, and the live feed always carries the current read. It is attestation, not an audit: it does not certify solvency and does not bless the figures. Your delivered read is this exact structure, signed over the counterparty's public addresses, with your figures. To watch the signer recovery and the numbers binding run end to end in your browser on live data, use the free verifier at kerne.fi/verify.
Why this sits with you, not the issuer
A proof is only worth as much as your ability to check it when it matters. These are the things a read you own gives you that the issuer's own surfaces cannot.
The issuer's dashboard and the issuer's chosen attestor both answer to the issuer. When confidence moves, those are the first things to go dark or get disputed. A read you commissioned, signed and timestamped, sits in your records and does not depend on the issuer keeping a page up.
The way this exposure tends to fail is not a smart-contract exploit. It is an attestation relationship ending or a dashboard going dark, leaving lenders with no independent, real-time read of their own. An outside read removes that single point of dependence.
We point the read at the specific token, market, and addresses you are exposed to, on the chain you are exposed on. You are not buying a generic rating; you are buying a signed read of the position your capital actually sits behind.
We tell you precisely what public chain data can and cannot prove about the backing. For a fully on-chain-collateralized token that is most of the picture; for an off-chain-backed one it is a smaller slice, and we say so plainly instead of dressing an estimate up as a fact.
What this is, stated plainly
This is attestation and objective-data tooling. It proves what the public chain shows about a counterparty's backing as of a specific block, signed so the read cannot be edited after the fact. It is not a solvency opinion, not a rating, not an audit, and not financial, legal, or accounting advice.
We read only public on-chain data. We do not have the issuer's cooperation or their off-chain books, so any backing held off-chain, in real-world assets, in custody, or on an exchange, is reported as unverifiable from public data rather than estimated or vouched for. We do not render a verdict on whether a counterparty is safe, backed, or solvent; we make the on-chain-verifiable portion checkable, bound the portion that is not, and leave the conclusion to you. We are not affiliated with, and do not speak for, any issuer you ask us to read, and your commissioned read is yours. That honesty is the product: a bounded read you can verify is worth more than a confident number you cannot.
What a review costs
If your exposure is a single counterparty on a single chain, the price is set and you can start now: a fixed $2,500 signed read, no quote or email thread first. A portfolio, several chains, or deeper tracing is a short scope conversation away, not a different product.
What the fixed fee covers
- +One counterparty: one token and the public addresses that back it.
- +One chain.
- +One point-in-time signed read, as of a specific block.
- +The on-chain versus off-chain boundary, with any off-chain backing marked unverifiable from public data.
- +All four artifacts: the signed read, the boundary, the verification bundle, and the reproduction guide.
- +Delivered in 3 to 5 business days.
If one counterparty on one chain is your exposure, pay the fixed fee in USDC on Base and we begin. Same not-a-solvency-opinion terms, no retainer and no standing commitment.
Pay for one read, $2,500You pay in USDC on Base, straight to Kerne's own treasury address, and the transaction hash is your receipt; verify the address before you send. We confirm the counterparty and chain by email after payment. More than one counterparty, more than one chain, or a recurring watch? Scope a larger review.
Larger reviews, $5,000 to $15,000
A portfolio of counterparties, multiple chains and venues, or deeper tracing is scoped to your exposure, not a list price. We quote the number before any work begins and bill by invoice once scope is agreed. Three things move it.
A single token and the addresses that back it is the fixed $2,500 entry read. A short portfolio of the issuers one vault or book is exposed to moves into the scoped band.
One chain is the entry case. Multiple chains, or a token whose backing is spread across several protocols and wrappers, takes more tracing and moves into the band.
A one-time point-in-time read is the entry. A read repeated on a cadence, with alerting when the on-chain backing moves, is the standing option and is quoted against the monitoring service.
Adjacent products: if you run a protocol and want to attest your own reserves to your users and partners, that is the signed Proof-of-Reserves snapshot at a flat $1,500. A standing, cadence-based watch over a counterparty's on-chain backing is quoted against the monitoring service.
How a review starts
Our guarantee. If the read we deliver does not cryptographically verify against the named signing key, we refund the fee or re-run it, your call. That is the one promise attestation can make and keep. It is not a promise about the counterparty's figures, about their solvency, or about any outcome; a faithful read of the on-chain backing will faithfully show what the chain holds and mark what it cannot see. Typical turnaround is 3 to 5 business days.
For a single counterparty on a single chain you do not need a quote first: pay the fixed $2,500 fee in USDC on Base and we begin. The payment goes to Kerne's own treasury address and the transaction hash is your receipt; verify the address before you send. We confirm the counterparty and chain with you by email after payment.
Pay for one signed read, $2,500, then tell us which counterparty and chain. Connect a wallet to pay in one click, or pay manually from any wallet or exchange and paste the transaction hash.
Larger reviews are scoped first: send the request below, we return a fixed quote and a short statement of work, and only then issue an invoice carrying the payment destination and the same not-a-solvency-opinion terms. Payable in USDC on Base or by bank transfer.
Request a counterparty review
Tell us which counterparty you are exposed to and roughly how much, and what you would want a signed, independent read to confirm. We will scope it, send a fixed quote, and point a sample read at the public addresses before you commit. One email also starts it: kerne.systems@protonmail.com.
See the live reference instance, the same signed stack run over Kerne's own reserves every hour, at /api/por/signed, with the public verification guide at kerne.fi/transparency.
Kerne is infrastructure and a service provider, not an auditor, a rating agency, a custodian, or an investment adviser. A counterparty reserve verification is attestation and objective-data tooling: it reports and signs what public on-chain data shows about a counterparty's backing as of a block, and marks any off-chain backing as unverifiable from public data. It is not an audit, a solvency or credit opinion, a recommendation, or any form of investment, legal, tax, or accounting advice, and it does not certify that any counterparty is solvent, adequately reserved, or safe. Kerne is not affiliated with any issuer a client asks it to read. Kerne is early and not yet externally audited, disclosed at kerne.fi/dataroom; this tooling stands on cryptography and public data you verify independently, not on our posture. Review fees are confirmed per engagement.