Verifiable data for IoT & edge devices.
An edge device acts on data. How does it know that reading wasn't stale, swapped, or tampered in transit? Dynamic Feed signs every datapoint over its exact bytes, so a device can verify it on-device — against a published key — before it acts.
The call
Keyless. Fetch a signed datapoint, then verify it on the device before acting — no network round-trip needed to check a signature.
# 1) keyless: a gateway fetches a signed reading the device acts on
curl -s https://dynamicfeed.ai/v1/batch -H "Content-Type: application/json" \
-d '{"calls":[{"tool":"air_quality","args":{"city":"Sydney"}}]}'
# 2) verify the Ed25519 signature on-device against the published key
curl https://dynamicfeed.ai/.well-known/keys
# canonical = the response WITHOUT its "signature" field, keys sorted, compact
# open-source verifier (Python + JS): github.com/dynamicfeed/df-verify · or /proofSample response
{ "us_aqi": 45, "us_aqi_category": "Good", "pm2_5": 8.3,
"provenance": { "source": "Open-Meteo Air Quality",
"measured_at": "2026-06-14T04:00:00Z", "age_seconds": 696 },
"signature": { "alg": "Ed25519", "key_id": "df-ed25519-4cb32e72f333",
"canonicalization": "json-sorted-compact", "sig": "..." } }Why live data
An edge device that acts on a bare number trusts the connection, not the data. Dynamic Feed signs every datapoint with Ed25519 over its exact canonical bytes and stamps it with provenance — source, source URL, measurement time. A gateway or device verifies that signature on-device against the published key before acting: if it's stale, swapped or tampered, the signature breaks. The same open-source verifier runs on the device. A signature proves the datapoint existed unchanged as we reported it at that time — it is not a claim the value is objectively true, and it is evidence, not a safety guarantee; the device's own stack owns the decision.
Use it for
- Industrial IoT / SCADA — verify a world-data reading before a controller acts on it
- Energy / DER / VPP devices — check a signed grid or carbon signal before dispatch
- Environmental & smart-city sensors — corroborate a local sensor with a signed feed
- Drone & robotics edge — a signed gps_interference reading before a flight
FAQ
How does a device verify a datapoint?
Drop the response's 'signature' field, canonicalize the rest (JSON, keys sorted, compact separators), and check the Ed25519 signature against the key at /.well-known/keys. The open-source verifier (Python + JS) does this on-device with no network round-trip; the /proof page does it in a browser.
Do I need an API key?
No. The feeds are keyless to start over MCP (npx dynamicfeed-mcp) and a plain REST endpoint. An optional key identifies your app as limits roll out.
Is this a safety system?
No. It is a verifiable data layer — evidence, not a safety guarantee, and not device management or certification. The signature proves a datapoint existed unchanged at a time; your device's own stack owns every decision.