All recipes

Domain Verification

How keytrace verifies Domain identity claims

Claim URI Format

dns:example.com

Pattern: ^dns:([a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?)+)$

Create Your Proof

  1. 1Open your domain's DNS settings (usually in your registrar or hosting provider)
  2. 2Add a new TXT record at the root domain (or at _keytrace.yourdomain.com)
  3. 3Set the record value to the verification content below
  4. 4Save and wait for DNS propagation (may take a few minutes to an hour)
  5. 5Enter your domain below and verify

Proof Text

You need to include this text in your Domain proof location:

keytrace-verification=did:plc:example123456789012345678

Where to put it: Add a TXT record at the root of example.com (or at _keytrace.example.com)

Verification Steps

  1. 1

    Fetch proof data

    Using the dns fetcher

    example.com
  2. 2

    Search for DID in response

    The runner checks the following locations for your DID:

    • records.txtcontains

      Check if records → txt contains the DID

  3. 3

    Attestation

    If the DID is found, keytrace signs an attestation linking your identity to your ATProto DID and stores it in your repo.

Try Verification

Test verification with your own claim URI and DID: