What cryptographic evidence means in AgriBackup
When you ingest a polygon, register a batch, or link a shipment, AgriBackup submits a transaction to the Hedera Consensus Service (HCS). Hedera returns a transaction ID and a consensus timestamp that are globally and permanently recorded. AgriBackup stores these alongside a Merkle root hash derived from the submitted compliance payload. The result is that every major compliance event has three independently verifiable properties:- Existence: The Hedera transaction ID proves the event was submitted to the network at a specific time.
- Integrity: The Merkle root hash proves the content of the payload has not changed since anchoring.
- Ordering: The Hedera consensus timestamp provides a tamper-proof sequence of events across your entire supply chain.
The three evidence types
AgriBackup exposes dedicated evidence endpoints for the three entities that carry legal compliance significance:Batch evidence
ALedgerEvidenceResponse for a batch records the Hedera anchoring that occurred when you registered the commodity batch. It contains the transaction IDs from the initial registration and from any subsequent updates (e.g. risk assessment state changes).
Endpoint: GET /api/v1/enterprise/eudr/evidence/ledger/batch/{batchId}
Returns raw Hedera transaction IDs, state proofs, and Merkle root hashes for a consolidated EUDR batch. All anchoring is on the Hedera DLT layer.
Polygon evidence
ALedgerEvidenceResponse for a polygon records the satellite screening result anchored on Hedera, proving that a specific farm boundary was assessed against Copernicus imagery at a specific time.
Endpoint: GET /api/v1/enterprise/eudr/evidence/ledger/polygon/{polygonId}
Returns raw Hedera transaction IDs, state proofs, and Merkle root hashes for a verified production polygon.
Shipment evidence
ALedgerEvidenceResponse for a shipment traverses the supply chain graph to locate all EUDR batches mathematically linked to a shipment ID or Bill of Lading, returning their consolidated Hedera state proofs.
Endpoint: GET /api/v1/enterprise/eudr/evidence/ledger/shipment/{shipmentId}
Traverses the supply chain graph to locate all EUDR batches mathematically linked to this shipment ID or Bill of Lading, returning their consolidated Hedera state proofs.
The LedgerEvidenceResponse schema
All three endpoints return the sameLedgerEvidenceResponse model:
The UUID of the entity (batch, polygon, or shipment) that this evidence covers.
Either
BATCH or POLYGON. For shipment evidence, entityType reflects the batch(es) linked to the shipment.All Hedera consensus transaction IDs associated with this entity across its full lifecycle. Example entry:
"0.0.8713513@1713583200-000000000"The Merkle root hash anchored on Hedera. Use this to verify that the compliance payload content has not changed since anchoring. Example:
"0xabc123..."An array of individual Hedera state proof entries. Each entry captures a single ledger operation.
The ISO-8601 timestamp of the most recent Hedera consensus event for this entity. Example:
"2026-06-12T12:00:00Z"HederaStateProof object
Each entry in thestateProofs array describes one discrete ledger operation:
The Hedera HCS transaction ID for this operation. Format:
{shardId}.{realmId}.{accountId}@{seconds}-{nanoseconds}. Example: "0.0.12345@1234567890.000000000"The Hedera consensus timestamp for this specific operation. Example:
"2026-06-12T12:00:00"A JSON string encoding the Merkle proof path. Provide this to a Hedera state proof verifier to independently confirm the payload hash.
The type of ledger operation recorded. Example values:
CREATED, UPDATED, LINKED, REVOKED.Retrieving evidence
Use the following code samples to retrieve evidence for each entity type:- Python
- Node.js
- Java
Verifying evidence independently
Because AgriBackup anchors on the public Hedera Hashgraph, anyone with the transaction ID can verify the record without access to AgriBackup:- Retrieve the transaction ID from
hederaTransactionIdsin the evidence response. - Query the Hedera Mirror Node at
https://mainnet-public.mirrornode.hedera.com/api/v1/transactions/{transactionId}for production, or the equivalent testnet mirror node for sandbox. - Compare the Merkle root hash from the mirror node response against
merkleRootHashin the AgriBackup evidence response. - Confirm the consensus timestamp matches
consensusTimestampin the evidence response.
The
merkleProof field in each HederaStateProof entry is a JSON-encoded Merkle proof path. This path allows a verifier to reconstruct the Merkle root from the leaf node (the compliance payload hash) without needing the full dataset — standard practice for large-scale supply chain audits.Bulk archival for auditors
For regulatory inspections or large-scale audits, use the bulk archival API to export a complete evidence bundle:Trigger the archive job
Call
POST /api/v1/enterprise/eudr/reports/archive to start an asynchronous compilation job. The job assembles TRACES NT XML payloads, Hedera state proofs, and legal document hash records into a single ZIP artifact.The endpoint returns 202 Accepted with a jobId. You receive a report.ready webhook when compilation completes.Download the ZIP
Call
GET /api/v1/enterprise/eudr/reports/archive/{reportId}/download to stream the cryptographic ZIP to your storage system.The ZIP contains one folder per batch, each holding the DDS XML, the LedgerEvidenceResponse JSON, and all referenced land tenure document hashes.HMAC signatures on webhooks
In addition to Hedera-based evidence, AgriBackup uses HMAC-SHA256 to sign every webhook delivery. The signature in theX-AgriBackup-Signature header gives you cryptographic proof that the webhook payload originated from AgriBackup and was not tampered with in transit.
Rotate your webhook signing secret at any time with POST /api/v1/enterprise/eudr/webhooks/{webhookId}/rotate-secret. AgriBackup returns the new secret and begins signing subsequent deliveries with it immediately.
See Async Architecture — Verifying webhook payloads for the verification code examples.