TreeChain Plugin Developer Kit

Quick Start

Get TreeChain encryption running in your WordPress site in under five minutes. You need a TreeChain API key (free at your portal) and WordPress 6.0 or later.

1. Install the Core Plugin

Download TreeChain Core from the Plugin Marketplace, or install via WP-CLI:

bashwp plugin install treechain-core --activate

Or install manually by uploading the ZIP file through Plugins → Add New → Upload Plugin in your WordPress admin.

2. Configure Your API Key

Add your API key to wp-config.php. This key authenticates every encryption and decryption request.

php// wp-config.php
define( 'TREECHAIN_API_KEY', 'tc_live_your_api_key_here' );
define( 'TREECHAIN_ENDPOINT', 'https://api.treechain.ai/v2' ); // optional, defaults to production

Alternatively, go to Settings → TreeChain in your WordPress admin and paste your API key there.

3. Your First Encryption Call

Once the plugin is active and configured, you can encrypt any string from PHP:

php<?php
// Encrypt a string
$plaintext  = 'Sensitive patient data that needs protection';
$encrypted  = treechain_encrypt( $plaintext );

// $encrypted now contains steganographic poetry text
// e.g. "The morning dew glistens upon the ancient willow..."

// Decrypt it back
$decrypted  = treechain_decrypt( $encrypted );
// $decrypted === $plaintext

That is it. The plugin handles authentication, key rotation, and encoding format under the hood. Every call is a round-trip to your TreeChain node (or the shared network for free-tier keys).

API Reference

All endpoints accept JSON payloads and return JSON responses. Authenticate via the X-TreeChain-Key header or the WordPress plugin's built-in auth layer.

Encrypt

POST /v2/encrypt

Encrypt Plaintext

Transforms plaintext into steganographic ciphertext. Supports text up to 50 KB per request.

request{
  "plaintext": "string — required, the content to encrypt",
  "language": "string — optional, output language (en, ja, ar, zh, es). Default: en",
  "format":   "string — optional, poetry | prose | haiku. Default: poetry",
  "key_id":   "string — optional, specific encryption key. Default: active key"
}

response 200{
  "ciphertext": "The morning dew glistens upon the ancient willow...",
  "key_id":     "k_abc123",
  "format":     "poetry",
  "language":   "en",
  "byte_count": 284,
  "ts":         "2026-03-13T12:00:00Z"
}

Decrypt

POST /v2/decrypt

Decrypt Ciphertext

Reverses steganographic encoding to recover the original plaintext.

request{
  "ciphertext": "string — required, the steganographic text",
  "key_id":     "string — optional, decryption key. Default: auto-detect"
}

response 200{
  "plaintext":  "Sensitive patient data that needs protection",
  "key_id":     "k_abc123",
  "byte_count": 46,
  "ts":         "2026-03-13T12:00:00Z"
}

Key Management

POST /v2/keys

Create Encryption Key

Generate a new post-quantum encryption key pair. Previous keys remain active for decryption.

request{
  "label":   "string — optional, human-readable label",
  "algo":    "string — optional, kyber1024 | kyber768. Default: kyber1024"
}

response 201{
  "key_id":     "k_def456",
  "label":      "production-2026-q1",
  "algo":       "kyber1024",
  "created_at": "2026-03-13T12:00:00Z",
  "active":     true
}

GET /v2/keys

List Keys

Returns all encryption keys for your account, including rotation history.

response 200{
  "keys": [
    { "key_id": "k_def456", "label": "production-2026-q1", "algo": "kyber1024", "active": true,  "created_at": "..." },
    { "key_id": "k_abc123", "label": "production-2025-q4", "algo": "kyber1024", "active": false, "created_at": "..." }
  ]
}

DELETE /v2/keys/{key_id}

Revoke Key

Permanently revokes an encryption key. Data encrypted with this key will become unrecoverable. This action cannot be undone.

response 200{
  "key_id":     "k_abc123",
  "revoked":    true,
  "revoked_at": "2026-03-13T12:00:00Z"
}

Live Cipher Output — See What Polyglottal Encryption Produces

Type any plaintext below and hit Run Encryption to see real glyph output from the TreeChain API. This calls the public challenge endpoint — no API key required.

Glyph Output

Glyphs will appear here after encryption

Each encryption produces completely different glyphs — try running it twice with the same input. The output is non-deterministic polyglottal Unicode, meaning identical plaintext never produces the same ciphertext.

WordPress Hooks & Filters

TreeChain Core exposes WordPress-native hooks and filters so you can integrate encryption into any workflow without modifying plugin source code.

treechain_before_encrypt

Action. Fires before plaintext is sent to the API. Receives $plaintext and $context array.

treechain_after_encrypt

Action. Fires after successful encryption. Receives $ciphertext, $key_id, and $context.

treechain_before_decrypt

Action. Fires before ciphertext is sent for decryption. Receives $ciphertext and $context.

treechain_after_decrypt

Action. Fires after successful decryption. Receives $plaintext, $key_id, and $context.

treechain_encrypt_format

Filter. Modify the output format before encryption. Return poetry, prose, or haiku.

treechain_encrypt_language

Filter. Override the output language. Return a language code (en, ja, ar, etc.).

treechain_api_headers

Filter. Modify HTTP headers sent to the TreeChain API. Useful for adding custom tracking headers.

treechain_should_encrypt

Filter. Return false to skip encryption for specific content. Receives $should_encrypt, $plaintext, and $context.

PHP Examples

Encrypt a Custom Post Meta Field

php<?php
/**
 * Automatically encrypt the 'ssn' meta field on save.
 */
add_action( 'save_post', function( $post_id ) {
    if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) return;

    $ssn = get_post_meta( $post_id, 'ssn_raw', true );
    if ( empty( $ssn ) ) return;

    $encrypted = treechain_encrypt( $ssn );
    update_post_meta( $post_id, 'ssn_encrypted', $encrypted );
    delete_post_meta( $post_id, 'ssn_raw' );
});

Decrypt on Display with Access Control

php<?php
/**
 * Show decrypted SSN only to users with 'manage_options' capability.
 */
function display_ssn( $post_id ) {
    $encrypted = get_post_meta( $post_id, 'ssn_encrypted', true );
    if ( empty( $encrypted ) ) return '—';

    if ( current_user_can( 'manage_options' ) ) {
        return treechain_decrypt( $encrypted );
    }

    return '***-**-' . substr( treechain_decrypt( $encrypted ), -4 );
}

Bulk Encrypt WooCommerce Order Notes

php<?php
/**
 * Encrypt customer-facing order notes at creation time.
 */
add_action( 'woocommerce_new_customer_note', function( $data ) {
    $note_id   = $data['order_note_id'];
    $note_text = $data['customer_note'];

    if ( ! empty( $note_text ) ) {
        global $wpdb;
        $encrypted = treechain_encrypt( $note_text );
        $wpdb->update(
            $wpdb->prefix . 'comments',
            [ 'comment_content' => $encrypted ],
            [ 'comment_ID' => $note_id ]
        );
    }
});

Conditional Encryption via Filter

php<?php
/**
 * Skip encryption for content shorter than 10 characters.
 */
add_filter( 'treechain_should_encrypt', function( $should, $plaintext, $context ) {
    if ( strlen( $plaintext ) < 10 ) {
        return false;
    }
    return $should;
}, 10, 3 );

Custom Language per Post Type

php<?php
/**
 * Output Japanese poetry for posts in the 'haiku_journal' post type.
 */
add_filter( 'treechain_encrypt_language', function( $lang ) {
    if ( get_post_type() === 'haiku_journal' ) {
        return 'ja';
    }
    return $lang;
});

Rate Limits

Rate limits are applied per API key. Exceeding your tier limit returns 429 Too Many Requests with a Retry-After header.

Tier	Requests / Minute	Max Payload	Keys	Price
Free	30	10 KB	1	$0
Pro	300	50 KB	10	$29/mo
Business	3,000	50 KB	100	$149/mo
Enterprise	Unlimited	Custom	Unlimited	Custom

Need higher limits? Contact us about a dedicated TreeChain node with no rate limits.

Support

Need Help?

For integration questions, bug reports, or security disclosures, reach the TreeChain engineering team directly.

security@treechain.ai

TreeChain Developer Kit