# Certorix > Certorix is a SaaS platform that lets organizations build, publish, and embed AI-powered diagnostic trees and cryptographically verified product facts. It combines a visual no-code editor, AI generation, zero-knowledge proofs, and embeddable widgets into one product trust layer. ## Overview Certorix is built for support teams, product companies, and anyone who needs to guide customers through structured troubleshooting or publish verifiable product claims. It ships two tightly integrated products under one account: **DTT Tree Builder** (guided diagnostic trees) and **FactFlow** (AI-verified product facts). - Website: https://certorix.online - API base: https://provenance-api-i5eg.onrender.com - OpenAPI spec: https://provenance-api-i5eg.onrender.com/api/openapi.yaml - AI plugin manifest: https://provenance-api-i5eg.onrender.com/.well-known/ai-plugin.json - Help center: https://certorix.online/help - Public registry: https://certorix.online/registry (coming soon) - Status: Beta — free to start, no credit card required --- ## Products ### DTT Tree Builder — Guided Diagnostic Trees DTT (Diagnostic Tree Tool) lets teams build visual step-by-step diagnostic flows that guide customers through questions and lead them to clear resolutions or support tickets. **What it does:** - Visual drag-and-drop tree editor with 6 node types - AI tree generation in seconds from a plain-language description (Llama 3.3 via Groq) - AI chat assistant trained on your own trees (ask it anything about your flows) - Cryptographic signing of every published tree (HMAC-SHA256) - DTT Verified seal on all published trees - Version history with rollback - Auto-save with unsaved-changes protection - Undo/redo with full history - Import/export trees as JSON or Markdown **Node types:** - **Question** — presents options that route to other nodes - **Input** — captures free-text from the user, stored as a variable - **Info** — displays instructions or images with a Continue button - **Condition** — auto-routes based on previously captured input values - **Solution** — end of a branch; shows resolution, KB article links, and action buttons - **Jump** — seamlessly continues the flow inside another diagnostic tree **Embed options:** - iFrame embed on any website - Freshdesk Portal embed (new-ticket page) - Direct shareable link - AI Chat embed (conversational mode powered by published trees) **Integrations:** - **Freshdesk**: connect subdomain + API key → auto-create tickets when diagnostics fail; field mapping; portal embed - **MCP (Model Context Protocol)**: ChatGPT and AI agents can search and run trees via the public API - **Widget Generator**: no-code snippet builder with live preview, color/logo theming **Free tier:** - 3 published trees - 500 diagnostic sessions / month - 5 AI tree generations / month - 1 team member - Full widget & API access - DTT Verified seal on all trees --- ### FactFlow — AI-Verified Product Facts FactFlow lets organizations publish structured product claims as subject–predicate–object triples, run AI verification on each claim, and certify them with zero-knowledge proofs. **What it does:** - Create facts as semantic triples: `Apple iPhone 15 > battery life > 26 hours` - Run AI verification on each fact (Groq Llama 3.2 90B): true / false / uncertain / unverifiable - AI returns confidence score (0.0–1.0), reasoning, caveats, and suggested authoritative sources - Certify verified facts with BBS+ zero-knowledge proof tokens - Issue VNTs (Veridium Notary Tokens) in gold / silver / bronze tiers based on confidence - Knowledge graph visualization of all published facts as nodes and edges - Selective disclosure: prove a specific attribute without revealing the full fact set - Publish to public registry for AI agent discovery **Fact lifecycle:** 1. Draft → AI Verified → Certified → Published 2. Disputed or false facts are flagged; user can edit and re-verify **Token types:** - **BBS+ Token** — selective disclosure proof (zero-knowledge) - **VNT (Veridium Notary Token)** — signed with Ed25519; gold/silver/bronze tiers - Tokens can be verified publicly at `/public/vnt/:vntId` **Free tier:** - 10 published facts - 10 AI verifications / month - Knowledge graph access - Full public registry inclusion --- ## Pricing All plans renew monthly and can be cancelled at any time. No credit card required to start. | Plan | Price | Trees | Sessions/mo | AI Gen/mo | Team | |---|---|---|---|---|---| | Free | €0 | 3 | 500 | 5 | 1 | | DTT Premium | €9/mo | 25 | 5,000 | 100 | 5 | | FactFlow Premium | €9/mo | — | — | — | 5 | | All-in-One Premium | €99/mo | Unlimited | Unlimited | Unlimited | Unlimited | **Notes:** - DTT Premium adds Freshdesk integration and increased limits - FactFlow Premium adds 200 facts, 200 AI verifications/month, BBS+ tokens, blockchain anchoring - Each product can be upgraded independently - Only organization administrators can change the billing plan - All plans include the DTT Verified seal on published content --- ## Architecture & Technology **Frontend:** React 18, Vite, React Flow (canvas editor), Zustand (state) **Backend:** Node.js 20, Fastify, MongoDB Atlas **AI:** Groq (Llama 3.3 70B for trees, Llama 3.2 90B for fact verification) **Auth:** Argon2id (passwords), JWT HS256 (access tokens), httpOnly cookies (refresh) **Crypto:** HMAC-SHA256 (tree signing), BBS+ (ZK proofs), Ed25519 (VNT signing), SHA-256 (content hashes) **Payments:** Stripe (Checkout + Customer Portal) **Deployment:** API on Render, frontend on Vercel --- ## Public API No authentication required for all `/public/` endpoints. ### Diagnostic Trees (Public) ``` GET /public/trees/:treeId?organizationId=ORG_ID → Download a published tree with full node graph GET /public/search-tree?organizationId=ORG_ID&q=QUERY → Search trees within an organization GET /public/search?q=QUERY&brand=BRAND&model=MODEL&tags=TAGS → Global tree search across all verified organizations POST /public/diagnostic/start Body: { treeId, organizationId } → Start a diagnostic session; returns { sessionId, currentNode } POST /public/diagnostic/next Body: { sessionId, organizationId, answer: { nodeId, optionId } } → Advance one step; returns { status: 'in_progress'|'completed', currentNode } GET /public/diagnostic/:sessionId?organizationId=ORG_ID → Get current session state POST /public/tickets/create Body: { organizationId, sessionId, userInfo, formFields, diagnosticSummary } → Create a Freshdesk ticket from a completed/abandoned diagnostic ``` ### Facts (Public) ``` GET /public/facts?organizationId=ORG_ID&q=QUERY → Search published verified facts GET /public/facts/:factId → Get a single public fact GET /public/facts/verify/:contentHash → Verify fact integrity by content hash POST /public/facts/query Body: { organizationId, subject, predicate, object, status } → Complex fact queries GET /public/vnt/:vntId → Get a Veridium Notary Token GET /public/vnt/registry.json → Machine-readable VNT registry (all published VNTs for org) POST /public/vnt/verify Body: { vntId } → Verify VNT signature and status ``` ### AI Chat (Public) ``` POST /public/ai-chat Body: { organizationId, message, history: [{role, content}] } → Conversational AI support; responds only using the organization's published trees and facts; always answers in English; refuses topics not covered by the org's knowledge base ``` ### Registry (Public) ``` GET /api/registry/manifest → Registry entry point GET /api/registry/organizations → List all verified organizations GET /api/registry/:orgSlug → Organization profile with published trees and metadata GET /api/registry/verify/:treeId → Verify tree HMAC-SHA256 signature GET /api/registry/badge/:orgSlug → Download SVG DTT Verified badge for embedding on websites ``` ### Discovery ``` GET /.well-known/ai-plugin.json → OpenAI / ChatGPT plugin manifest GET /api/openapi.yaml → Full OpenAPI 3.1 specification GET /health → Service health check ``` --- ## Authentication API ``` POST /api/auth/register-org Body: { orgName, adminName, adminEmail, password } → Register new organization; returns user + accessToken if auto-verified GET /api/auth/verify-email?token=TOKEN → Verify email from link; returns { verified: true, user, accessToken } POST /api/auth/login Body: { email, password } → Returns { user, accessToken }; sets refresh cookie POST /api/auth/google Body: { idToken } → Google OAuth login/register; returns { user, accessToken } POST /api/auth/logout → Clears refresh cookie POST /api/auth/refresh → Uses httpOnly cookie; returns new accessToken GET /api/auth/me → Returns current user (Bearer token required) POST /api/auth/forgot-password Body: { email } → Sends password reset link (rate limited: 3 per 15 min) POST /api/auth/reset-password Body: { token, password } → Resets password (rate limited: 5 per 15 min) ``` All private endpoints require: `Authorization: Bearer ACCESS_TOKEN` --- ## User Flows ### Register and start (new organization) 1. Go to https://certorix.online/register 2. Enter organization name, admin name, email, and password (or use Google) 3. Verify email (link sent; auto-verified in development) 4. Land on Dashboard → choose DTT Tree Builder or FactFlow 5. Your last-used product is remembered for the next login ### Build and publish a diagnostic tree 1. Open DTT Tree Builder → click **New tree** (or use AI generation) 2. Drag node types from the left sidebar onto the canvas 3. Click a node to edit its text, options, and actions in the right panel 4. Connect nodes by dragging from the bottom handle to the top handle 5. Set the start node in **Tree Metadata** (left sidebar → Trees tab) 6. Click **Publish** in the top bar 7. The tree is signed with HMAC-SHA256 and receives the DTT Verified seal 8. Go to **Widget Generator** to embed it on your website ### Embed on a website (iFrame) 1. Go to Widget Generator (`/widget-generator`) 2. Select a published tree and choose primary color + logo 3. Choose **iFrame Embed** as delivery method 4. Copy the generated snippet and paste it into your HTML ### Embed AI Chat on a website 1. Go to Widget Generator 2. Click **✦ AI Chat** in the preview toggle (or select the AI Chat Embed tab) 3. Copy the iframe snippet — it points to `/chat/YOUR_ORG_ID` 4. The AI chat automatically uses all your published trees as its knowledge base 5. It responds only in English and refuses topics outside your data ### Verify a published fact (external tool) ``` GET /public/vnt/:vntId → { id, subject, predicate, object, tier, confidence, issuer, signature, status } ``` --- ## Frequently Asked Questions **What is the DTT Verified seal?** A cryptographic badge issued when a tree is published. It proves the tree content has not been tampered with since publication, using HMAC-SHA256 signing. Displayed on all public widgets. **Do I need a credit card to start?** No. The free plan is permanent and does not require a payment method. **Can I use both DTT Tree Builder and FactFlow with one account?** Yes. One registration gives access to both products. Switch between them from the Dashboard. **How does the AI tree generation work?** You describe your use case in plain language (e.g., "A troubleshooting tree for WiFi connectivity issues on Android phones"). The AI generates a full tree structure with nodes, options, and resolution messages. You then edit and publish it. **What is BBS+ and why does it matter?** BBS+ is a zero-knowledge proof signature scheme. It lets you prove a specific attribute of a fact (e.g., "battery life > 20h") without revealing all the other certified facts in your token set. Useful for selective disclosure in regulatory or contractual contexts. **How does the Freshdesk integration work?** Connect your Freshdesk subdomain and API key in the Freshdesk Config page. When a customer completes a diagnostic tree and clicks "Open a ticket", Certorix automatically creates a Freshdesk ticket with the full diagnostic session history pre-filled. You can also embed the diagnostic widget directly on your Freshdesk portal's new-ticket page. **Can AI assistants (ChatGPT, etc.) use Certorix trees?** Yes. The public API is fully documented at `/api/openapi.yaml` and there is an OpenAI plugin manifest at `/.well-known/ai-plugin.json`. AI agents can search trees, run diagnostics step by step, and create tickets without any authentication. **Is the AI chat limited to my organization's data?** Yes, strictly. The `/public/ai-chat` endpoint loads only the published trees and FactFlow facts belonging to the specified `organizationId`. It will refuse to answer questions outside that scope and always responds in English. **What happens when I reach a plan limit?** You receive an error when trying to exceed the limit (e.g., publish a 4th tree on the Free plan). Upgrade from the Billing page (`/billing`) at any time. Only organization administrators can change the plan. **Can customers open a support ticket from the AI chat widget?** Yes. A persistent "Open a ticket →" button is always visible during the chat. Clicking it opens a pre-filled ticket form with the full conversation transcript attached. Submitted to Freshdesk if the integration is configured. **How do I embed a widget on my website?** Go to Widget Generator, select your tree, choose a delivery method (iFrame or Freshdesk), copy the snippet, and paste it before `` in your HTML. No backend setup required for iFrame embeds. **Is Certorix GDPR compliant?** Legal documentation is available at: - Privacy Policy: https://certorix.online/legal/privacy - Data Processing Agreement: https://certorix.online/legal/dpa - Cookie Policy: https://certorix.online/legal/cookies **What AI models does Certorix use?** - Tree generation: Llama 3.3 70B Versatile (via Groq) - Fact verification: Llama 3.2 90B Vision (via Groq) - AI chat and help: Llama 3.3 70B Versatile (via Groq) **How does version control work for trees?** Every time you publish a tree, an immutable version snapshot is saved. You can view all past versions and restore any of them. Draft changes (unpublished) do not create new versions. --- ## Key Pages - Home: https://certorix.online - Register: https://certorix.online/register - Sign in: https://certorix.online/login - Help Center: https://certorix.online/help - Dashboard: https://certorix.online/dashboard (auth required) - DTT Tree Builder: https://certorix.online/trees (auth required) - FactFlow: https://certorix.online/factflow (auth required) - Widget Generator: https://certorix.online/widget-generator (auth required) - Billing: https://certorix.online/billing (auth required) - AI Chat (embeddable): https://certorix.online/chat/:orgId (public) - Public tree viewer: https://certorix.online/view/:treeId?org=:orgId (public) - Privacy Policy: https://certorix.online/legal/privacy - DPA: https://certorix.online/legal/dpa - Cookies: https://certorix.online/legal/cookies --- ## Contact & Legal - Website: https://certorix.online - Author: Jaume Martí Anguera - License: AGPL-3.0 - Copyright: © 2026 Certorix. All rights reserved.