Independent observer of the fd0.sh server's signed tree heads. Consistency-verified observations are cosigned; fork evidence is archived and flagged. Pin the witness pubkey below in your client to require its cosign on every sync.
[witness] url = "https://witness.fd0.sh" pubkey = "233848710d80517e09718e3d18abc4afd12fea4f4fb83b911ec7a383dc7cf567" required = true
The witness API is read-only and unauthenticated. Pull any STH and compare against what the server gave your client — the cosign should match.
$ curl -sS https://witness.fd0.sh/v1/server-info | cbor2json { "witness_pub": "0x233848710d80517e...", "witness_pub_hex": "233848710d80517e..." } # All chains the witness has archived for https://api.fd0.sh $ curl -sS https://witness.fd0.sh/v1/observed/$(echo -n "https://api.fd0.sh" | basenc --base64url -w0 | tr -d '=')
With the witness pinned in your client and required = true, every sync verifies the server's STH against this witness's cosign. If the server ever publishes a fork — two distinct root hashes at the same tree_size — the witness flags equivocation and your client refuses the sync. That makes server-side equivocation cryptographically detectable rather than a matter of trust.
Run your own witness: docs/TRANSLOG.md §8. The more independent witnesses, the harder undetected equivocation becomes.