TLS
System Active
A proprietary three-way reconciliation and adversarial fraud defense engine, purpose-built for logistics operators moving capital at scale. Match every invoice, purchase order, and goods receipt — automatically — before a dollar leaves the ledger.
Cryptographic matching across purchase orders, goods receipts, and supplier invoices. Discrepancies are quarantined in real-time before payment authorization.
Build a JSON object with PO, goods-receipt, and invoice triplets. SKU IDs must match across all three.
// payload.json { "po_id": "PO-44219", "gr_id": "GR-44219-A", "invoice": { "vendor": "ACME-LOG", "sku": "SKU-7781", "qty": 120, "total": 8499.00 } }
POST the payload to the reconcile endpoint with your API bearer token.
curl -X POST https://tls.api/v1/reconcile \ -H "Authorization: Bearer $TLS_KEY" \ -H "Content-Type: application/json" \ -d @payload.json
A match: true response means the invoice is cleared to pay. Anything else is auto-quarantined.
// response · 218ms { "match": true, "variance": 0.00, "audit_hash": "sha256:a31f…", "status": "APPROVED" }
Schedule deterministic, regulator-ready exports of every reconciliation event. Cryptographically signed, timestamped, shipped to your auditor's vault on cadence.
Choose the date range and which ledgers to include. Leave ledger blank to export every active ledger.
// export_config.json { "from": "2026-05-01", "to": "2026-05-31", "ledger": "all", "sign": true }
POST to the export endpoint. The engine compiles a cryptographically signed CSV in seconds.
curl -X POST https://tls.api/v1/export \ -H "Authorization: Bearer $TLS_KEY" \ -H "Content-Type: application/json" \ -d @export_config.json
Use the returned download_url (valid 24h) or pull directly via the audit endpoint.
// response { "file": "audit_2026-05.csv", "download_url": "https://tls.api/…", "sha256": "b8f1…", "rows": 12847 }
Our proprietary behavioral filter. Surfaces phantom vendors, duplicate-invoice loops, and tail-end siphoning patterns before they hit your AP queue.
Activate the scanner. Once running, every inbound invoice is silently scored against the fraud model.
curl -X POST https://tls.api/v1/ghost-hunter/scan \ -H "Authorization: Bearer $TLS_KEY" \ -d '{"mode":"continuous"}'
Query the quarantine endpoint to see every flagged line, with risk score and the signals that triggered it.
curl https://tls.api/v1/ghost-hunter/quarantine \
-H "Authorization: Bearer $TLS_KEY"
Each entry includes a human-readable reason. Approve or reject from your dashboard — decisions are written to the audit trail.
// quarantine response [ { "invoice": "INV-9921", "vendor": "GH0ST-LOG", "risk": 0.94, "reason": "phantom_vendor", "action": "HELD" } ]
Every module — Three-Way Ledger Validation, Automated CSV Audit, and Ghost Hunter Fraud Filter — in a single discounted bundle. One key, one contract, full capital defense coverage.
Every transaction enters the engine through a typed FastAPI ingress, fans out to parallel validators, and exits with either a signed approval or a quarantine flag. The architecture is deterministic, observable, and built to survive audit.
// Transaction lifecycle [ingress] → POST /api/v1/transactions │ ├─→ [3WM] validate(po, gr, inv) │ └─ variance ≤ tolerance ✓ │ ├─→ [GhostHunter] score(vendor, pattern) │ └─ risk_score < threshold ✓ │ └─→ [Audit] emit(event, sha256) └─ ledger.append + s3.put ✓ → result: APPROVED · 218ms · signed
This visual control plane is wired directly into the production engine. All metrics, ledger events, and risk signals stream from /api/v1.