Skip to main content
The Next.js app exposes a small set of routes under /api. The gate runs server-side in these handlers, in @carry/core, before any model is called.

POST /api/chat

Gate, generate, and return an answer with its receipt (Chat A / Chat B).
The gate runs before the model: recall(agentId, query, memories, policy) returns only allowed memories plus the blocked namespaces. Blocked memory never enters the prompt. “verified” is a live Walrus GET, done in parallel over the used blobs.

POST /api/companion

Aria — same shape as /api/chat but with a health-companion persona (Claude) and a warm blocked message when a namespace is revoked.

POST /api/memories · GET /api/memories

Capture a fact to Walrus, or list all stored memories.

GET /api/policy · POST /api/policy

Read or flip the access policy.

POST /api/anchor

Store the receipt to Walrus and verify the blob resolves.

POST /api/anchor-sui

The full on-chain proof: store the receipt to Walrus, compute its blake2b256 digest, and submit anchor_receipt — minting a verifiable Receipt object.
Anchoring is signed server-side via the Sui CLI keystore (no wallet). The digestHex is blake2b256 over the canonical receipt bytes; the verifier re-derives it from the stored Walrus blob.

POST /api/reset

Reset the demo to seed state (seed memories + default policy). Handy before a recording.

Typed client

A thin client wraps these in apps/web/lib/api.ts: