Quickstart
Install an SDK and request your first receipt-attested entropy in a few minutes.
Prerequisites
A reachable EMS deployment. Examples below use http://localhost:8080 — the nginx edge, which routes /v1/* to the entropy egress and /api/v1/* to the admin registry. SDKs may also connect to the egress directly (default http://localhost:7081).
Step 1: Install an SDK
pip install -e sdk-python/
Step 2: Request entropy
Request 32 bytes against the quantum_verified policy. The SDK pins the server's public key and automatically verifies the receipt attached to the response.
from lr_entropy import EntropyClient, Policy
cli = EntropyClient("http://localhost:8080")
cli.fetch_verifier() # pin server key; receipts auto-verify from here
r = cli.get_bytes(32, policy=Policy.QUANTUM_VERIFIED)
print(r.bytes_.hex())
print(r.receipt.quality_score, r.receipt.contributing_sources)Step 3: Verify the receipt
Each response carries a signed receipt. SDK clients verify it before returning bytes — a tampered or unsigned response raises an error instead of yielding output. To verify independently, fetch the active public key from GET /v1/pubkey and check the signature over the canonicalized receipt (details in Receipts & verification).
r = cli.get_bytes(32, policy=Policy.HIGHEST_QUALITY) # Already verified by the client; inspect the attestation: r.receipt.signature_alg # "Ed25519" or "ML-DSA-65" r.receipt.quality_score # real-time score from the quality stage r.receipt.rct_pass, r.receipt.apt_pass # health-test outcomes
Limits & authentication
- Request size: 1 – 65,536 bytes per call.
- When the deployment sets
EMS_API_KEYS, every/v1/*call must carryAuthorization: Bearer <key>. SDKs accept the key via constructor option or theLR_EMS_API_KEYenvironment variable.
Next steps
- Policies — route requests to the right quality tier.
- Multi-source extraction — combine independent sources.
- Streaming — continuous delivery over WebSocket.