Verify official TOKEN addresses

This guide lets you confirm the canonical addresses using a public proof file and a DNS TXT record.

1) Fetch the proof file

Open token.com/proof.json and check that the addresses match what you expect.

# Pretty-print the proof
curl -sS https://token.com/proof.json | jq .

# Print the two addresses only
curl -sS https://token.com/proof.json | jq -r '
  "SOL mint: \(.addresses.solana_mint)\nBase contract: \(.addresses.base_contract)"
'

2) Compare against the DNS anchor

We publish a TXT record at ca.token.com that pins a hash of the .addresses object from the proof. Anyone can resolve it:

# Resolve TXT record
dig +short TXT ca.token.com

3) Recompute the hash locally

Compute a stable SHA-256 of the .addresses object (keys sorted). The result must match the sha256_addresses value in the DNS TXT.

# Canonicalize the addresses object and hash it
ADDR_CANON=$(curl -sS https://token.com/proof.json | jq -rcS '.addresses')

# macOS
printf "%s" "$ADDR_CANON" | shasum -a 256 | awk '{print $1}'

# Linux
printf "%s" "$ADDR_CANON" | sha256sum | awk '{print $1}'

4) Optional sanity checks

• Open the explorers: Solscan · Basescan.
• Confirm the same URLs are linked from token.com/ca and our socials.

Tip: if the proof file changes, the DNS hash changes too. Always check both.

About origin and bridge

Origin chain: Base. Bridge: Wormhole.

Last updated: 2025-09-10 UTC