Privacy Policy

Last updated: 2026-05-15

Summary

TrustBench (trustbench.io) is a public registry and audit layer for x402 agent payments. We collect no personal data, store no session information, and transmit nothing about you or your agents to third parties.

What TrustBench does

  • A public registry of x402-style API endpoints with nightly liveness telemetry
  • A non-custodial routing layer for x402 agent payments
  • A signed-receipt audit trail for payment events
  • A hosted MCP server at https://trustbench.io/mcp exposing three read-only tools

Data we collect

Public API and MCP server

Standard web server access logs (IP, timestamp, path, HTTP method, response code) may be retained for up to 30 days for operational monitoring. We do not link these logs to any user identity.

Receipt IDs queried via MCP tools are public identifiers with no personal information.

Routing (POST /route)

Receipts record the capability requested, the provider routed to, the on-chain transaction reference, and a timestamp. They contain no wallet private keys, conversation content, or PII.

What we do not collect

  • No names, email addresses, or account identifiers
  • No agent conversation content
  • No wallet private keys or secrets
  • No cookies or browser fingerprinting
  • No analytics SDKs (no Google Analytics, Mixpanel, etc.)

On-chain data in receipts

Receipts contain on-chain settlement data including wallet addresses and payment amounts. This data is inherently public — it exists on Base L2 and is verifiable by anyone with a transaction hash via a public block explorer such as basescan.org.

TrustBench does not associate wallet addresses with personal identities and does not enrich receipt data with off-chain identity information. Querying a receipt via the public REST API at GET /receipts/:id, via the MCP server's get_receipt or verify_receipt tools, or via the @trustbench/verify-receipt npm package returns only the on-chain settlement data plus the Ed25519 signature covering the canonical receipt body. No additional identity, contact, or behavioral data is attached.

Users who do not want their wallet activity recorded in a TrustBench receipt should not route their x402 calls through TrustBench.

Third-party services

Data retention

  • Access logs: up to 30 days, then deleted
  • Signed receipts: permanently retained (public audit trail by design)
  • Provider registry data: updated nightly, historical probes retained indefinitely

Security

All data in transit is encrypted via HTTPS/TLS. Receipts are signed with Ed25519 and verifiable against the public key at /.well-known/trustbench-pubkey. TrustBench is non-custodial — we never hold agent funds or private keys.

Contact

Questions? Open an issue at github.com/lithvall/TrustBench/issues or email [email protected].

Changes

If this policy changes materially, the "Last updated" date at the top will be updated.