> ## Documentation Index
> Fetch the complete documentation index at: https://docs.prometheusprotocol.org/llms.txt
> Use this file to discover all available pages before exploring further.

# Discovery

> How to use the Prometheus App Store to find trusted services and evaluate their on-chain certificate of quality.

The Prometheus App Store is your central hub for discovering services to integrate with your AI agent. But it's more than just a search engine; it's a transparent, on-chain registry that allows you to verify the security and quality of any service before you use it.

### From Discovery to Certificate

After browsing the **[App Store](https://prometheusprotocol.org/audit)** and clicking on a service, you'll land on its App Info page. The most important feature here is the **Prometheus Certificate**, which you can access by clicking the "view certificate" link under the verification badge.

This certificate is the immutable, on-chain proof of the service's quality and security.

### Anatomy of a Prometheus Certificate

The certificate page provides a detailed breakdown of the service's audit results. Let's break down what you're seeing.

<Frame>
  <img src="https://mintcdn.com/portallabsinfrastructure/WXKyDhZxMVqjoozN/images/prometheus-certificate-page.png?fit=max&auto=format&n=WXKyDhZxMVqjoozN&q=85&s=f9550a797b6f103c86b18f69c49119c7" width="2868" height="1620" data-path="images/prometheus-certificate-page.png" />

  <figcaption>
    An example of a "Gold Verified" Prometheus Certificate.
  </figcaption>
</Frame>

When evaluating a certificate, focus on these key areas:

1. **Verification Tier:**
   The badge at the top represents the service's overall level of trust, based on the audits it has passed.
   * **Gold:** The highest tier. The service has a reproducible build and has passed all declarative audits, including App Information, Tools & Dependencies, and Data Safety.
   * **Silver:** A high level of trust. The service has a reproducible build and has passed audits for App Information and Tools & Dependencies.
   * **Bronze:** The foundational tier of trust. The service has a reproducible build and has passed the App Information audit.
   * **Unranked:** The service has not yet passed the minimum audits required for a Bronze tier.

2. **Audit Checklist:**
   This section shows the status of individual, declarative audits. A service must pass a specific combination of these to achieve a verification tier.
   * **Build Reproducibility:** Verifies that the deployed canister was built from the claimed source code. This is the cornerstone of on-chain trust and is required for any tier.
   * **App Information:** Confirms the accuracy of the app's name, description, and publisher details.
   * **Tools & Dependencies:** Verifies the tools, libraries, and dependencies used in the application.
   * **Data Safety:** Assesses how the application collects, uses, and shares user data.

3. **Cryptographic Provenance:**
   This is the core of the on-chain trust. It provides a verifiable link between the source code, the compiled code, and the running service.
   * **Wasm Hash:** The unique cryptographic fingerprint of the compiled code that was audited and deployed.
   * **Git Commit:** The specific commit hash from the source code repository that corresponds to the deployed Wasm. You can click **"View Commit on GitHub"** to inspect the exact source code that was audited.
   * **Canister ID:** The on-chain address of the live, running service.

A strong Prometheus Certificate, with a high verification tier and complete provenance data, is your guarantee that the service you're about to use is exactly what it claims to be.

***

After you've discovered a service and verified its trustworthiness, the next step is to connect to it. If the service requires payment or authentication, you'll need to generate credentials to connect.
