Standards & Compliance
Headless Oracle is cryptographically verifiable market-state infrastructure, built to meet emerging regulatory requirements for autonomous agents and tokenized collateral.
On this page
What is a Signed Market-State Attestation (SMA)?
A Signed Market-State Attestation (SMA) is a cryptographically signed claim about the current trading state of a regulated venue at a specific moment in time. Every response from Headless Oracle is an SMA: a structured payload describing whether a market is open, closed, in pre-auction, in lunch break, or on an early-close schedule, together with the exchange's ISO 10383 MIC code, an RFC 3339 timestamp, and an Ed25519 signature over the canonical form of the payload.
The design goal is simple: make market state a verifiable fact rather than a trusted claim. A smart contract, trading agent, or compliance process can independently validate an SMA against Headless Oracle's published Ed25519 public key, without ever calling back to our service. The signature is the source of truth. If the public key verifies the signature, the payload is authentic; if it doesn't, the payload is rejected. There is no middle state.
SMAs are short-lived by design. Each attestation carries a 60-second time-to-live, after which downstream consumers must refuse to act on it. This bounds the window in which a stale reading can drive an incorrect decision — a critical property for autonomous systems handling real capital.
Regulatory Alignment
The SEC/CFTC Technical Framework for tokenized collateral and agent-driven settlement identifies cryptographic attestation of venue state as a core requirement. SMAs are designed to map one-to-one onto that requirement.
Ed25519 signatures
Every response is signed with Ed25519 (RFC 8032). The public key is published at /ed25519-public-key.txt and can be pinned by consumers for deterministic verification without external trust.
60-second TTL
Attestations are valid for 60 seconds from issuance. Consumers must reject expired receipts. This bounds the risk window for autonomous settlement and matches the cadence at which regulated venues publish state transitions.
ISO 10383 MIC codes
Every SMA identifies its venue using the ISO 10383 Market Identifier Code — the same standard used by the SEC, ESMA, and global clearing infrastructure. No ambiguous aliases, no custom identifiers.
Fail-closed architecture
When Headless Oracle cannot confirm a venue's state with confidence, it returns an explicit unknown with a 4xx status — never a permissive default. Agents treating "unknown" as "open" fail safe.
Multi-Oracle Verification
A single oracle is a single point of failure — and a single point of trust. For high-value settlement and tokenized collateral flows, we recommend consuming attestations from three or more independent oracles and acting only on majority consensus.
Multi-oracle consensus converts the question "do you trust Headless Oracle?" into "do you trust that three independent operators all signed the same claim?" — a materially stronger guarantee. Divergent readings are a first-class signal: they indicate an upstream venue issue, an oracle outage, or an attempted data-integrity attack, and should trigger a fail-closed response in downstream systems.
Independent oracles recommended for high-value settlement
Byzantine-fault tolerance: consensus survives one oracle compromise per three
Every oracle's attestation carries its own Ed25519 signature — trivially aggregatable
28 Global Exchanges
Coverage spans the primary regulated venues across every major time zone, plus the derivatives and 24/7 crypto venues most relevant to autonomous settlement. Every venue is addressed by its ISO 10383 MIC code.
Americas
3 venuesEurope
6 venuesMiddle East & North Africa
3 venuesAfrica
1 venueAsia-Pacific
10 venuesDerivatives & Crypto
5 venuesTotal: 28 venues. ~1,300 schedule edge cases handled annually (holidays, DST, lunch breaks, early closes, circuit breakers).
Built for the Agentic Economy
Human-facing market data APIs assume a human operator will handle ambiguity, read documentation, and retry on error. Autonomous agents cannot. Headless Oracle is designed for consumers that must act on the response without human mediation.
Model-agnostic
No lock-in to a single LLM provider or agent framework. HTTP, JSON, and standard crypto primitives work for any runtime — from LangGraph and Claude Agent SDK to bespoke Go and Rust stacks.
Protocol-native
Discoverable over MCP for agent runtimes, billable via x402 micropayments, and interoperable with emerging A2A agent-to-agent flows. No bespoke SDKs required.
Fail-closed by default
Ambiguous or unverifiable states return an explicit unknown status with a 4xx code. An agent that treats 4xx as "do not act" will always fail safe. Never a 200 with an error body.
Autonomous agent payments
x402 lets an agent pay per-request in USDC on Base with no human-in-the-loop onboarding, no API key provisioning, and no subscription management. The agent settles its own invoice.
For Developers
Every resource below is designed to be consumed by a build tool, an agent runtime, or a CI pipeline — not just a human reading a docs page.
MCP Quickstart
→Drop-in .mcp.json config for Claude Code and compatible agent runtimes.
llms.txt
→Machine-readable API summary for LLM ingestion and agent discovery.
OpenAPI 3.1 spec
→73 paths, strict schemas, fail-closed error contracts. Generate a client in any language.
Sandbox endpoint
→Signed demo responses with no API key required. Start testing in 10 seconds.
Receipt verifier
→Client-side Ed25519 verification — paste a receipt, confirm authenticity without trusting us.
x402 discovery
→Autonomous agent payment metadata — chain, asset, per-request price, settlement address.
Ready to build on verifiable market state?
Get a free API key in under 10 seconds. No credit card, no signup form.