Embeddable verification badge

Publishing contract

Quick start

Replace att_REPLACE_WITH_YOUR_ID with your own attestation ID. The anchor stays a clean proof link if the badge script fails to load.

<a href="https://existbefore.com/proof/att_REPLACE_WITH_YOUR_ID"
   class="existbefore-badge"
   data-att="att_REPLACE_WITH_YOUR_ID">ExistBefore certified</a>
<script async src="https://existbefore.com/embed.js"></script>

Live preview

Below is a real, live example badge for att_28525. It is preview content only; use your own ID in published markup.

ExistBefore certified

What readers should understand

Why use it

• Always live. The badge re-fetches the current state on every page view, even on cached or archived pages — no stale snapshots.
• Auto-upgrades. When the attestation reaches T1 (eIDAS TSA) or T2 (Bitcoin anchor), the badge updates automatically. You never need to edit the embed.
• Zero tracking. No cookies. No localStorage. No analytics. The script reads only the data-att attribute on its own anchor.
• Privacy by design. The script never reads any other DOM content of the host page and never sends anything from the host page to ExistBefore.
• Graceful fallback. If the network call fails, the anchor stays a navigable link to the proof page — no broken UI.
• Lightweight. ~5 KB gzipped, no dependencies, modern browsers only.

Security and privacy contract

• The script is shipped verbatim from https://existbefore.com/embed.js over TLS.
• It validates the data-att value against a strict regex (^[a-zA-Z0-9][a-zA-Z0-9_-]{1,255}$) before any network call.
• It calls only GET https://existbefore.com/api/attestation/<id>/status. This endpoint is public, anonymous, rate-limited per IP, and never accepts user content — only the (already public) attestation ID.
• It does not use innerHTML with any value sourced from the API; status text is set via textContent only.
• It does not pollute the global namespace (no window.ExistBefore, just side effects).
• It cannot bypass the host page's Content-Security-Policy: if the host page restricts connect-src, the badge will fall back gracefully.

Recommended host CSP additions:

script-src 'self' https://existbefore.com;
connect-src 'self' https://existbefore.com;
style-src 'self' 'unsafe-inline';

The badge injects one static style block. If your host page forbids inline styles, use the static badge templates instead.

Customisation

The badge inherits font-family from the host page and respects prefers-color-scheme. To override the visual style, override the CSS rules scoped to .existbefore-badge in your own stylesheet — they have low specificity and will lose to host rules. Themes, sizes, and a Markdown/README-friendly SVG endpoint are planned for a future release.

Attribution

By default the badge advertises its provenance to assistive technologies via aria-label / title (the visible label is unchanged). The text appended is “ · Powered by CertiSigma”. To opt out, set data-attribution="hidden" on the anchor:

<a href="https://existbefore.com/proof/att_REPLACE_WITH_YOUR_ID"
   class="existbefore-badge"
   data-att="att_REPLACE_WITH_YOUR_ID"
   data-attribution="hidden">ExistBefore certified</a>

The opt-out is purely cosmetic for screen readers — it never disables the live status check, never changes the visible badge, and never adds extra DOM nodes.

Why no nested link to CertiSigma in the badge: <a> inside <a> is invalid HTML and breaks keyboard / screen-reader navigation. The CertiSigma CTA lives below on this page instead.