CapchaCloud — Live Evidence Demos

CapchaCloud Operator console →
2 Seal it

Freeze it in time.

One click computes a cryptographic fingerprint of the exact message bytes — right here, in your browser, using the same SHA-256 algorithm banks and auditors already trust.

Not yet sealed
SHA-256 fingerprint
This is the exact fingerprint on the live CapchaCloud production chain — your browser just computed it independently.
3 Try to fake it

Now change one penny.

This is the whole point. Edit the amount below — anything, even a single digit — and watch what happens to the seal.

Change anything. A single penny. The record will catch you.

$ USD
Sealed fingerprint (beat 2)
Live fingerprint (this record, right now)
One changed digit → a completely different fingerprint. This is the avalanche effect: SHA-256 gives no partial credit. A record either matches, byte for byte, or it doesn't match at all.
4 Prove it

Prove it — without trusting us.

The proof doesn't live only on our servers. It's cryptographically signed and anchored outside our own control, so anyone — including someone who has never spoken to CapchaCloud — can check it independently.

Checking connection…

Certificate — chain anchor

GET /api/v1/iso20022/​isoev_b5dc…/certificate (public, no key)

Anchored
TSA status
Block height
Vault hash
Message SHA-256

Factset — signed statement

GET /api/v1/iso20022/​isoev_b5dc…/factset (public, no key)

Signed
Signer
Algorithm

Signed by the operator key — verifiable by anyone, offline, against the published public key.

Verify offline — no connection to CapchaCloud required
node examples/chain/verify-capchachain.mjs https://capchacloud.com

Runs on a laptop that has never talked to our servers. If CapchaCloud vanished tomorrow, this still verifies.

Open the live, human-readable certificate →

What this does not prove: a sealed record proves what was checked, when, and that it hasn't changed since. It does not vouch for the truth of the underlying claim — that the payment was authorized, that funds actually moved, or that either bank's internal ledger agrees. That honesty is the point.

Document signing

Send it for signature. Get a sealed certificate back.

CapchaSign handles multi-party e-signature envelopes from a signed-in account. Every completed envelope produces a sealed document and a completion certificate — the same kind of hash-anchored evidence as the wire and transaction demos on this page, applied to signed PDFs.

CapchaSign is a full signed-in product rather than a stateless public API demo, so it isn't embedded inline here the way the other three sections are. Open it directly to see a real signing envelope and completion certificate, or the studio to see how envelopes get built.

Six live calls. No slides, no mock data.

This page is a real client of CapchaCloud's own public API. Every button below fires an actual HTTP request against production — sanctions screening, a fail-closed consent gate, a compliance decision envelope, a public reserve-coverage ledger, and a tamper-evident evidence chain. If a call fails, you'll see the honest failure, not a fake success.

1 Sanctions screening

Screen a name against the real OFAC/SDN list.

Matching is exact, normalized-string equality only (case-fold, diacritic-strip, punctuation-collapse) — no fuzzy or phonetic matching. Names must match EXACTLY as listed by OFAC, last-name-first (e.g. "MADURO MOROS, Nicolas"). A clear verdict means "no exact match against the stated list version" — it is never presented as a sanctions clearance.

Query name
List version
Algorithm
Matches
Evidence ID
Names must match EXACTLY as listed by OFAC (last-name-first format). A "clear" verdict means no exact match against the stated list version — never a sanctions clearance.
List status
2 Consent gate (CC-GATE)

Revoke consent. Watch the very next request get refused.

A demo requester ("demo.capchacloud.com") wants three fields — email, full name, account reference — but is only approved for the minimum necessary: email. Click through: first a normal release, then revoke consent for that same person and try again. Refusal, pending, or an outage all HOLD — nothing executes.

Step 1: not run yet
Subject
Outcome
Decision ID
Evidence ID
Step 2: not run yet
Outcome
Refusal class
Invariant
Decision ID
Evidence ID
Consent revoked → the very next request is refused and the refusal itself is sealed evidence. Refusal, pending, or outage all HOLD — nothing executes.
3 Compliance decision envelope

One call: screening verdict, policy decision, sealed envelope.

This runs a $250,000 stablecoin-rail transaction through CapchaCloud's own compliance oracle — the exact code path a tenant integration uses. It embeds a live sanctions screen for "MADURO MOROS, Nicolas" and assembles a 13-plane Proof-of-Compliance envelope on the Spine, with a certificate id you can fetch independently.

Evidence record
Screening verdict
List version
PoComp status
PoComp cert ID
One API call → screening verdict + policy decision + 13-plane sealed envelope, cert id you can fetch. Advisory only — CapchaCloud never executes, custodies, or reverses a transaction.
4 Reserve coverage (KV-ALM)

Every vendor shows you green. Watch red work.

These two URLs are public — fetched directly by your browser, no proxy. One instrument is healthy (150% reserve coverage). The other is intentionally breached (40%) so you can see the ledger actually flag a problem instead of only ever reporting good news.

Healthy instrument loading…
Coverage
Liabilities
Reserve
Breached instrument loading…
Coverage
Liabilities
Reserve
Tamper-evident, not an audit of the reserves themselves — the ledger compares issued liabilities against the reserve figure the institution itself attests. No regulatory status is conferred.
5 Evidence chain, public

A tamper-evident chain, cross-signed into the RSN certificate.

This is the current head of the Spine's public evidence chain, fetched live. Every sealed record — sanctions ingests, consent decisions, compliance envelopes — flows into it.

Loading…
Tamper-evident, cross-signed into the RSN certificate — verify it here.
6 Guardian payment holds

An opt-in fail-closed hold gate — honestly, not fully interactive yet.

A tenant can bind a document-signature payment release to a guardian circle (M-of-N cosign, fiduciary co-sign, single trusted contact, custodian hold-and-notify, or an objection window). Refused, pending, or an outage all HOLD the release — the gate never silently approves. There is no public interactive cosigner demo on this page yet, so we're not going to fake one.

Static explainer — no live cosigner loop here
Live-sealed hold evidence
envelope env_4bf1934183304740b9473d2da604855f, Spine evidence ev_068cfa5e…
Approved path
covered by automated tests; the first real cosigner is an onboarding step for a live tenant, not yet run on this demo page
This hold is opt-in and additive — it does not move or custody funds. The guardian decision is advisory evidence a tenant's own release logic chooses to honor. An unreachable or non-approved result HOLDS the release; it is never silently approved.

Transaction Evidence — verify it yourself

Paste a record id to independently check a CapchaCloud transaction evidence record. Nothing here trusts us on our word: you can recompute the hash in your own browser.

CapchaShield — KYC/AML

Any vendor can tell you a name matched a list. We seal the check itself.

This is the sanctions/AML screening layer of CapchaShield, CapchaCloud's KYC/AML compliance product. The button below hits the exact same live endpoint as the Banking & Compliance panel above — the real OFAC/SDN list, exact_normalized_v1 matching only (no fuzzy or phonetic matching). What's different in this framing is the point: any vendor can tell you a name matched a list. CapchaCloud seals that screening decision — the name, the list version, the verdict, and the timestamp — into a tamper-evident record you, a counterparty, or a regulator can verify independently. That's the difference between "we checked" and "here's provable evidence we checked."

Query name
List version
Algorithm
Matches
Names must match EXACTLY as listed by OFAC (last-name-first format). A "clear" verdict means no exact match against the stated list version — never a sanctions clearance, and never a substitute for a compliance officer's own review. This is a screening record, not a regulatory determination.

The rest of CapchaShield — native tier vs. bring-your-own vendor

Sanctions screening above is genuinely live. These other check types are real, built adapters — but honestly labeled: native checks are a screening aid with no certified assurance and no validated error rate, and certified-vendor checks activate only once a tenant supplies their own licensed vendor credentials. Nothing below is a fake demo — it's what's actually built, described accurately.

Native + BYO vendor

ID document

Document capture and triage natively, or a full certified verification via your own Sumsub, Jumio, Veriff, Ondato, or Shufti Pro contract.

Native

Video presence & face match

Randomized active challenges plus a Workers AI vision face comparison — a real, honestly-labeled screening signal, never marketed as certified biometric liveness.

BYO vendor

PEP & adverse media

No free authoritative source exists for this data, so it's vendor-backed by design — via your own ComplyAdvantage or LexisNexis license.

Native + BYO vendor

KYB & UBO

Business registry lookups natively; full beneficial-ownership resolution via your own Trulioo or licensed KYB provider.

Native

Case management

Every check groups into a case a compliance officer opens, notes, escalates, and closes — and every action on the case is sealed just like a check.

BYO vendor

Transaction monitoring

Event capture and rule-based alerting natively; full behavioral AML monitoring via a licensed vendor such as Alessa.

This sanctions screen is one check inside CapchaShield. See every check type, the two-tier model, and the one-click evidence package.