Atestaria é o protocolo de autenticidade que prova quem criou o quê e quando — de um jeito que ninguém consegue falsificar, nem com IA, nem com computadores quânticos do futuro.
Trust Center · Layout study

How we decided what "credible" looks like

The published rationale behind the Atestaria Trust Center layout — the research we drew from and the six principles we applied across every public page.

A short, opinionated synthesis of UX research on credibility, applied to the Veritas

public surface (Trust Center, Status, Bug Bounty, Governance pages, homepage).

This document is the rationale referenced from `/trust` and from the project task

that unified the layout.

Sources we drew from

  • Stanford Web Credibility Project — *Guidelines for Web Credibility* (B. J. Fogg et al.) — the

canonical study showing that visual design is the #1 driver of trust judgements

(46% of users cited "design look" as the top reason a site felt credible).

  • Nielsen Norman Group — *Trustworthiness in Web Design: 4 Credibility Factors*

(Loranger / Sherwin) and *Trust Patterns for Financial Sites*.

  • BJ Fogg — *Stanford Persuasive Technology Lab Captology* — "presumed credibility"

vs. "earned credibility" framework.

  • Google PAIR Guidebook — *Explainability and Trust* (for the AI-provenance pages).
  • WCAG 2.2 AA — credibility and accessibility are entangled: failed contrast and

motion abuse are read as "amateur" by users in eye-tracking studies.

  • Industry references: Stripe, Cloudflare, Vercel, Plaid, GOV.UK, Let's Encrypt,

Linear, Anthropic. Studied for hierarchy, density, and trust microcopy.

What the research consistently finds

1. **Visual coherence beats decoration.** A user who navigates from the homepage to

the Trust Center and lands on a page that looks like a different product loses

trust faster than they would have gained from any compliance badge. Same fonts,

same spacing, same chrome — *especially* on the page that tries to prove

trustworthiness.

2. **Respect for the eye.** Generous whitespace, a single dominant column for prose

(60–80 characters per line), and clear typographic hierarchy (one H1, restrained

H2s) score higher than dense corporate "wall of text" pages — even when the

content is identical.

3. **Show your work, don't claim it.** Live, dated, link-out-to-evidence numbers

("99.997% uptime, last 30 days, source: /v1/sla/status") consistently score

higher than static badges ("ENTERPRISE GRADE!"). Verifiability is the trust

substrate, not the marketing copy.

4. **Calm motion, not flashy motion.** Subtle, slow animations (a 60-second globe

rotation, a 2-second pulse) read as "alive and operating". Fast, attention-

grabbing motion reads as advertising and *reduces* credibility. Always honor

`prefers-reduced-motion`.

5. **Honest microcopy.** "In progress — Q1 2027 audit window active" beats

"COMPLIANT" in studies of perceived honesty. Users have learned to discount

superlatives; specific, falsifiable statements raise credibility.

6. **Contact is a trust signal.** A clear, real, monitored contact path

(`[email protected]`, `security.txt`) on every Trust Center page measurably

increases willingness to share data.

The 6 principles we applied

These are the design rules that drove the pass on `/trust`, `/trust/security`,

`/trust/governance/*`, `/status`, `/trust/bounty` and the homepage hero.

1. **One Veritas, one chrome.** Every public page renders through the same base

template (`get_base_page`) — same navbar, same footer, same dark Veritas

palette, same Inter typography. No more white-background islands.

2. **Quiet hierarchy.** One bold H1 per page. H2 acts as a section divider with

a thin border, never a heavy bar. Body text holds 60–80 characters per line.

3. **Cards over walls.** Long paragraphs get broken into small cards (the existing

`var(--bg-card)` surface). Each card has one idea and at most one link out.

4. **Live numbers, sourced.** Every metric on the Trust Center carries the

timeframe and the JSON endpoint that produced it, so a skeptical reader can

verify in a click. No unsourced superlatives.

5. **Calm motion, opt-out by default.** New motion (the homepage globe) rotates

slowly, has a static fallback for `prefers-reduced-motion` and for devices

without WebGL, and is lazy-loaded so it never blocks the LCP.

6. **Plain contact, every page.** Security / privacy / legal mailboxes are

reachable from the Trust Center footer block in one click on every Trust

Center page.

How we measure it (going forward)

  • Lighthouse: contrast and accessibility scores ≥ 95 on all Trust pages.
  • Manual: navigate / → /trust → /trust/security → /status and confirm

there is no visual "jump" between pages.

  • Anchor every published number to a JSON URL the reader can open.
  • Re-read this document when the next public surface is added; if it feels off,

the principle, not the page, is what should be challenged.

Back to the Trust Center
Autêntico. Auditável. À prova do tempo.
Atestaria é o protocolo de autenticidade que prova quem criou o quê e quando — de um jeito que ninguém consegue falsificar, nem com IA, nem com computadores quânticos do futuro.