Developers

Receipts are structured evidence objects for AI workflows.

Everything the SDK writes, everything a bundle consumes. Fields are stable across SDK versions; new fields are additive.

Fields
FieldTypePurpose
receipt_idstringContent-addressed hash of the signed payload.
actionstringThe consequential action: loan.approved, claim.denied, refund.issued.
modelobjectid, version, config — identifies the acting system.
input_hashstringHash of the bound input. Does not leak content.
output_hashstringHash of the emitted output.
policy_refstringIdentifier of the binding policy at action time.
controlsarrayList of control checks and whether each fired.
human_reviewobjectrequired, status, reviewer — the oversight record.
signerstringKey that signed this receipt.
signed_atiso8601Timestamp of signature.
prev_hashstringPrior receipt hash. Preserves chronology.
verdictstringThe action's outcome.
Verification

Verify locally. No BLKBXS call required.

  1. 01Fetch the receipt by ID.
  2. 02Recompute the payload hash.
  3. 03Verify the signature against the signer key.
  4. 04Walk prev_hash back through the chain.
  5. 05Emit VALID or INVALID.
import { verify } from "@blkbxs/sdk";

const result = await verify(receipt);
if (result.status !== "VALID") {
  throw new Error("Receipt tampered");
}