· authenticity & anti-counterfeit · canonical reference · version 1.0

authenticity
& provenance.

Every SQUIZITO garment is paired one-to-one with a soulbound on-chain certificate on the Base network. This page is the canonical reference for the only on-chain identifiers SQUIZITO recognises as genuine. If anyone offers you a SQUIZITO piece that verifies against a different contract, a different ticker, or a different atelier vault address, it is not a SQUIZITO piece. These authenticity claims are independently verifiable on BaseScan at contract 0xd08eb1f150e3ed59A6FD14BfA3e76A8466e867Bd · ticker SQZT · Base chain ID 8453.

Recital · this page is the brand's public anti-counterfeit anchor. The values below are the definitive identifiers of the SQUIZITO on-chain registry. They override any other claim made on social media, in marketplaces, or by resellers.

· 01 · official on-chain identifiers

the only identifiers we recognise.

SQUIZITO's on-chain authenticity framework applies to every SQUIZITO release · current and future. Some identifiers below are brand-wide and never change. The contract address changes every time a new series opens · the currently-active series' contract is listed here and updated on this page at every launch.

Memorise these. Photograph them. Print them. If a piece you are about to buy does not match every one of them, walk away.

· brand-wide identifiers · the same for every SQUIZITO piece, every series, forever

· official ticker (ERC-721 symbol()) SQZT

· official chain Base (Ethereum L2 · mainnet chain ID 8453)

· official atelier vault (token owner of every authentic piece, every series) 0xD9834120665Bb1d8222Ec15e5aa8308621EdDaAE (dedicated cold-storage hardware wallet · holds DEFAULT_ADMIN_ROLE + ATELIER_ROLE across every series contract)

· token standards ERC-721 (provenance) + ERC-5192 (soulbound · non-transferable) + ERC-4906 (metadata-update events for revocation)

· legal entity behind the brand Vora S.r.l. · Milan, Italy · brand operator of SQUIZITO Atelier

· current series · these values rotate when a new series opens · this page is republished at every launch

· current series STRATA · Series I · 14 drops total · then this series locks forever and Series II opens with its own contract

· current series contract name (ERC-721 name()) Squizito · Strata · Series I

· current series mainnet contract 0xd08eb1f150e3ed59A6FD14BfA3e76A8466e867Bd · view on BaseScan ↗

· current series serial format SQZ-DDD-PPP (drop number 001..014 within this series · piece number 001..999 zero-padded)

Any contract on Base or any other chain with a different address, a different ticker, or a different atelier vault is not SQUIZITO, no matter how convincing the storefront, the brand name, or the Instagram handle around it. When a new series opens, the new contract address will appear on this page · the brand-wide ticker, vault, and chain remain unchanged.

· 02 · the four-anchor authenticity check

four checks · every load.

When you visit squizito.me/verify/SQZ-DDD-PPP the page does not "look up" your serial in a database we control. It performs four independent on-chain checks against the current series' contract address baked into this site. A serial is rendered authentic only when all four pass.

Ticker anchor. The page calls symbol() on the configured contract and compares the result to the official ticker SQZT. If a counterfeit contract returns anything else, the page refuses to render an authentic certificate and surfaces contract ticker mismatch.
Vault anchor. The page calls ownerOf(tokenId) on the contract and compares the returned address to the official atelier vault baked into the page config. If the token is held by anyone else, the page surfaces owner mismatch · this token is not held by the official SQUIZITO atelier vault.
Existence anchor. The page calls tokenURI(tokenId) and parses the returned JSON. If the token does not exist on this contract, the chain reverts and the page surfaces token does not exist on chain.
Card anchor (the load-bearing one). The page asks you to type the 16-character code from the sealed authenticity card inside your package. The contract stored keccak256(code) at mint time. The page ABI-encodes your code and calls verifySecret(tokenId, bytes) · the chain itself reports match or mismatch. A counterfeiter who copies the serial onto a fake t-shirt does not have the card; their fake cannot pass this check.

Only after all four anchors succeed does the page render the on-chain certificate as authentic. Any failure marks it counterfeit, card mismatch, or unreachable. The first three are sanity checks; the fourth is the cryptographic guarantee.

There is one further state: revoked. The atelier can flag a stolen or known-fake serial with an on-chain call · the certificate then renders with a red diagonal overlay and a "REVOKED" stamp, and the verify page surfaces the revocation reason. Revocation is not reversible without a deliberate reinstate call by the atelier.

· 03 · the authenticity card

the card is the proof.

Every SQUIZITO package contains a small black envelope, sealed with a single drop of acid-yellow wax stamped with the brand pictogram. The wax is the tamper-evidence: if the seal is intact when you receive the package, no one has read the contents. If the seal is broken on arrival, contact hello@squizito.me before scratching anything · the atelier can confirm and re-issue.

Inside the envelope is the authenticity card. It carries your serial on the front and the 16-character authenticity code on the back, printed in typewriter type · the same code the contract stored at mint time as a one-way hash. Type the code at squizito.me/verify and the chain confirms.

The card is the cryptographic proof of authenticity for this specific piece. Treat it the way you would treat the key to a safe-deposit box:

Keep it forever. A piece without its card cannot be re-verified.
If you resell, hand it to the next owner with the garment. Resale without the card forecloses the buyer's ability to check authenticity.
Don't photograph the code and don't share it. Anyone who has the code can pass the verify page's card check for that one piece. The wax-sealed envelope existed to protect this exact secret.
Lost or damaged? Email hello@squizito.me with your serial and proof of purchase · the atelier can re-derive the code from the per-drop master and re-issue a fresh card, up to three times per piece. Beyond three, the atelier revokes the token and re-mints a replacement at a new serial.

The atelier holds the master secret for each drop on an engraved stainless-steel plate stored offline, in the same safe-deposit box as the recovery phrase for the contract's signing wallet. The master is never digitised after mint and is never transmitted over a network. There is no plaintext copy of any card's code on any SQUIZITO server.

· 04 · verify a piece yourself

don't trust this page. verify independently.

The verify page is convenient · the chain is the source of truth. If you want to bypass squizito.me entirely and read the chain directly, the steps are public:

Open basescan.org.
Paste the current series contract address from section 01 into the search bar. Confirm the contract page shows Symbol = SQZT (the brand-wide ticker, identical for every SQUIZITO series) and the Token Name matching the value in section 01 for the current series.
Compute the token ID from your serial: drop number × 1000 + piece number. Example: serial SQZ-001-007 → tokenId 1007. Serial SQZ-014-100 → tokenId 14100.
In the BaseScan "Contract" tab → "Read Contract" → call ownerOf(tokenId). Confirm the returned address matches the official atelier vault in section 01.
Call tokens(tokenId) to see the structured token data: drop number, piece number, archive flag, revocation status, mint timestamp.
Call tokenURI(tokenId) to get the full on-chain metadata + SVG (it's a data: URL · paste it into the browser bar to render the certificate).

If every step matches the values in section 01, the piece is genuine. If even one diverges, it isn't.

· 05 · how counterfeiters might try to deceive

the four known plays.

Counterfeiters do not need to crack cryptography to fool a casual buyer. They need to make a shirt that looks right and a QR code that resolves to something that looks like an authenticity page. Here is what they try, and how the four-anchor check defeats each play.

Fake QR pointing at a fake verify site. A counterfeit shirt could carry a QR code that loads squizit0.me/verify/ or squizito-official.com/verify/ instead of the real domain. Defence: the only authoritative domain is squizito.me (and it shows the contract address in plain text on every verify page · cross-check it against this page).
Fake contract that impersonates ours. Anyone can deploy a contract on Base and name it "SQUIZITO" or "SQZTO" or "Squizito Atelier". They could even copy our SVG. Defence: the current series' contract address listed in section 01 is the only address the verify page queries, and it's immutable for the lifetime of that series. A fake contract has a different address · the BaseScan link will not match. The atelier vault address is brand-wide and identical for every series, so even a counterfeiter who deploys a "SQZT"-ticker contract cannot fake the vault check.
Fake contract that copies our ticker. A counterfeiter could set symbol() = "SQZT" on their own contract to pass the ticker anchor. Defence: the address still differs. Even if the ticker matches, the vault anchor (ownerOf(tokenId) must equal the official atelier vault) fails · the counterfeiter would have to compromise our cold wallet, which is held offline on a hardware key.
Fake screenshot of a verification page. A reseller could send you a JPEG of a green "authentic" banner instead of the live page. Defence: always open the verify link yourself, on your own device, after typing squizito.me/verify/<your serial> manually if you have any doubt. Never accept a screenshot as proof.

In every case the answer is the same: the address printed in section 01 is the only address that can produce a genuine SQUIZITO certificate. If your verification points at any other address · or no address at all · it is not us.

· 06 · the foundation archive piece

piece 003 never ships.

One piece of every drop is retained by the atelier and never sold: piece number 003, serial SQZ-DDD-003. It is the Foundation Series archive entry · hand-finished, double-signed by the winning artist and the atelier, paired with its soulbound on-chain twin, and sealed in the permanent archive. See the archive page for the 14-slot Foundation Series.

Authenticity implication: nobody can legitimately offer you piece 003 of any drop. If someone claims to be selling SQZ-001-003 or any SQZ-DDD-003, the offer is either a counterfeit, a scam, or a misdescription of a different piece. The verify page will still render SQZ-DDD-003 as authentic on-chain (the NFT exists), but it will also display the line "retained by atelier · not for sale" so the framing is unambiguous.

· 07 · when a piece is revoked

a revoked piece is not authentic.

If a piece is reported stolen, used to settle a counterfeit complaint, or otherwise compromised, the atelier can call revoke(tokenId, reason) on the contract. The token is not destroyed · it stays on-chain · but its metadata flips to Status: Revoked, the SVG renders with a red diagonal overlay and a "REVOKED" stamp, and the verify page surfaces the revocation reason.

Revocation is recorded forever in the contract's event log (ERC-4906 MetadataUpdate event). It can be reversed only by a deliberate reinstate call by the atelier, which is also recorded on-chain. Both actions are gated by the atelier's hardware-wallet-only ATELIER_ROLE.

Practical consequence: if your serial verifies as revoked, the piece is no longer recognised as authentic, regardless of how it physically appears. Contact the atelier (section 07) if you believe the revocation is in error.

· 08 · report a counterfeit

help us keep the registry clean.

If you encounter a SQUIZITO piece that fails any of the four anchors, or a marketplace listing that claims to be SQUIZITO without pointing at the official contract, send the details to hello@squizito.me. Include:

The serial printed on the care label (or photo of it).
The URL of the verify page you reached, if any.
The contract address the QR or listing resolves to, if you can read it.
The marketplace, seller, or social-media account where you found the piece.

We follow up on every report. Confirmed counterfeits are added to a public revocation list and the corresponding serials are revoked on-chain · any future verification on those serials will show revoked.

This page is updated on every change to the official identifiers (new mainnet deploy, new atelier vault rotation, new series). The "version" line at the top of the hero is the current canonical version. If the values you see here ever change without a published changelog at hello@squizito.me backing the change, something is wrong · do not act on it until you have written confirmation from the brand.