Quickstart

Get your first Cryptographic Destruction Proof in 5 minutes.

---

1. Sign Up

curl -X POST https://api.nanorix.io/v1/signup \
  -H "Content-Type: application/json" \
  -d '{"email": "you@company.com", "jurisdiction": "US"}'

Response:

{
  "customer_id": "cust_8a3f...",
  "api_key": "nrx_live_a1b2c3d4e5f6...",
  "tier": "free",
  "message": "Save your API key — it cannot be retrieved later."
}

Save your API key

The API key is shown exactly once. Nanorix stores only a SHA-256 hash. If you lose it, you'll need to contact support for a key rotation.

The jurisdiction field determines which regulatory frameworks appear in your CDPs. Options: US, EU, UK, CA, AU, IN, OTHER.

---

2. Create a Session

curl -X POST https://api.nanorix.io/v1/sessions \
  -H "Authorization: Bearer nrx_live_a1b2c3d4e5f6..." \
  -H "Content-Type: application/json" \
  -d '{"data_classification": "PHI"}'

Response:

{
  "session_id": "sess_a8f3e71c4b2d9f06",
  "status": "active",
  "ttl_seconds": 300,
  "created_at": "2026-03-01T14:00:00Z"
}

The session is now running inside 6 layers of Linux isolation with volatile-memory-only storage. The data_classification field is your declaration of what kind of data you'll process. Options: PHI, PII, financial, credentials, general.

---

3. Execute a Command

curl -X POST https://api.nanorix.io/v1/sessions/sess_a8f3e71c4b2d9f06/exec \
  -H "Authorization: Bearer nrx_live_a1b2c3d4e5f6..." \
  -H "Content-Type: application/json" \
  -d '{
    "command": "python classify.py",
    "input_data": "{\"record_id\": \"P-1234\", \"diagnosis\": \"Type 2 diabetes\"}",
    "timeout": 30
  }'

Response:

{
  "output": "classification: chronic_condition, risk_score: 0.72",
  "stderr": "",
  "exit_code": 0,
  "timed_out": false
}

The input_data is written to a file inside the sealed sandbox before execution. Your command reads it from {tmpfs}/input/data. The data never touches persistent disk and never appears in command-line arguments.

---

4. Destroy and Get Your CDP

curl -X DELETE https://api.nanorix.io/v1/sessions/sess_a8f3e71c4b2d9f06 \
  -H "Authorization: Bearer nrx_live_a1b2c3d4e5f6..."

Response (truncated for readability):

{
  "session_id": "sess_a8f3e71c4b2d9f06",
  "status": "destroyed",
  "cdp": {
    "cdp_version": "1.0",
    "session_id": "sess_a8f3e71c4b2d9f06",
    "created_at": "2026-03-01T14:00:00Z",
    "destroyed_at": "2026-03-01T14:30:00Z",
    "chain": [
      {"step": 1, "subsystem": "eee_namespace", "operation": "environment_isolation", "...": "..."},
      "... 6 more steps ...",
      {"step": 8, "subsystem": "session_destroy", "operation": "lifecycle_completion", "...": "..."}
    ],
    "final_hash": "sha256:2c8a4f63d19e7b...",
    "attestation": {
      "algorithm": "Ed25519",
      "public_key": "base64:MCowBQYDK2Vw...",
      "signature": "base64:VGhpcyBpcyBh..."
    },
    "regulatory_context": {
      "notice": "This mapping identifies regulatory provisions potentially related to the destruction evidence. It is not a compliance certification.",
      "framework_version": "2026-02",
      "mappings": [
        {
          "step": 3,
          "subsystem": "eee_memory",
          "frameworks": [
            {"regulation": "HIPAA", "provision": "§164.310(d)(2)(i)", "description": "Device and media controls — disposal", "relationship": "related_to"}
          ]
        }
      ]
    }
  }
}

Save the CDP JSON. This is your cryptographic proof of destruction.

The regulatory_context section maps each destruction step to relevant regulatory provisions. This is a factual reference mapping, not a compliance certification. Your compliance team uses it as evidence alongside their own controls.

---

5. Verify the CDP

Online (API)

curl -X POST https://api.nanorix.io/v1/verify \
  -H "Content-Type: application/json" \
  -d @destruction_proof.json

Online (Web)

Go to nanorix.io/verify and drag-and-drop your CDP file.

Offline (Python)

import json, hashlib, base64
from nacl.signing import VerifyKey

with open("destruction_proof.json") as f:
    cdp = json.load(f)

# Verify hash chain
prev = hashlib.sha256(b"").hexdigest()
for step in cdp["chain"]:
    prev = step["chain_hash"].split(":", 1)[1]

# Verify Ed25519 signature — no network needed
pub = base64.b64decode(cdp["attestation"]["public_key"].replace("base64:", ""))
sig = base64.b64decode(cdp["attestation"]["signature"].replace("base64:", ""))
VerifyKey(pub).verify(
    bytes.fromhex(cdp["final_hash"].replace("sha256:", "")), sig)
print("VALID — Chain intact · Signature verified · Proof authentic")

For all verification methods, see Verification.

---

6. Retrieve a Stored CDP

If you need the CDP later:

curl https://api.nanorix.io/v1/proofs/sess_a8f3e71c4b2d9f06 \
  -H "Authorization: Bearer nrx_live_a1b2c3d4e5f6..."

This returns the stored CDP for any destroyed session you own.

---

What's Next

• Read the CDP Specification for the complete format reference
• Explore the API Reference for all endpoints
• Understand the Security Architecture
• Learn about Regulatory Context mappings in CDPs