Receipt conformance · three byte-equal implementations

The receipt is a spec.
Rust, Python, and Go each produce the same bytes.

The JouleClaw receipt — cascade-walk or policy-decision — is canonical det-CBOR (RFC 8949 §4.2.1) sealed in a COSE_Sign1 envelope (RFC 9052, EdDSA). Three reference implementations agree byte-for-byte on every vector below. That’s the contract that makes “receipt” a noun a third party can verify, not a format we promise to keep stable.

Rust producer
jouleclaw-policy-receipt
canonical_signed_core + cose_sign1_envelope; in-tree regression test asserts byte-equal against the vectors below.
Python verifier
verify.py
cbor2 + cryptography. Re-encodes the canonical core, signs a fresh envelope under the same seed, asserts byte-equal.
Go verifier
verify.go
Stdlib only, no go.mod required. From-scratch CBOR encoder + COSE reader + crypto/ed25519.

Two receipt families. One envelope.

The cascade receipt (schema "1") and the policy receipt (schema "policy/1") are siblings. Same canonical CBOR rules. Same COSE_Sign1 envelope. Same steward identity. The wire payload differs. Both write into the same JSONL “unified log”; readers dispatch on the jc_receipt tag.

Cascade receipt (§2)
jc_receipt: "1"

One per cascade walk. Carries input_hash, tier, joules_uj, tools_touched, claims, citations, model_id, intent. The thermodynamic record of one resolution.

Policy receipt (§10)
jc_receipt: "policy/1"

One per policy evaluation. Carries agent, action, decision, audit_sequence, policy_version. The auditable record of one deny-by-default check.

Policy-receipt vectors

Three canonical vectors across the policy-decision space — Allow with a named rule, Explicit deny with a named rule, and No-matching-allow (deny-by-default). Pick a tab; the receipt JSON, the canonical signed-core CBOR hex, and the COSE_Sign1 envelope hex below are the exact bytes all three implementations produce.

Description

Allow — filesystem read of a workspace file under the read-workspace rule.

Receipt JSON
{
  "action": {
    "kind": "filesystem",
    "mode": "read",
    "path": "/workspace/notes.md"
  },
  "agent": "did:key:zAlpha",
  "audit_sequence": 1,
  "closed_at": "2026-06-02T12:00:00Z",
  "decision": {
    "kind": "allow",
    "rule": "read-workspace"
  },
  "engine_id": "engine-A",
  "id": "polrcpt-0001",
  "jc_receipt": "policy/1",
  "policy_version": 1,
  "steward": "did:keri:EJ9testStewardAID000000000000000"
}
Canonical signed-core CBOR (hex)
aa6269646c706f6c726370742d30303031656167656e746e6469643a6b65793a7a416c70686166616374696f6ea3646b696e646a66696c6573797374656d646d6f646564726561646470617468732f776f726b73706163652f6e6f7465732e6d64677374657761726478296469643a6b6572693a454a397465737453746577617264414944303030303030303030303030303030686465636973696f6ea2646b696e6465616c6c6f776472756c656e726561642d776f726b737061636569636c6f7365645f617474323032362d30362d30325431323a30303a30305a69656e67696e655f696468656e67696e652d416a6a635f7265636569707468706f6c6963792f316e61756469745f73657175656e6365016e706f6c6963795f76657273696f6e01
COSE_Sign1 envelope (hex)
d284582fa201270458296469643a6b6572693a454a397465737453746577617264414944303030303030303030303030303030a0590123aa6269646c706f6c726370742d30303031656167656e746e6469643a6b65793a7a416c70686166616374696f6ea3646b696e646a66696c6573797374656d646d6f646564726561646470617468732f776f726b73706163652f6e6f7465732e6d64677374657761726478296469643a6b6572693a454a397465737453746577617264414944303030303030303030303030303030686465636973696f6ea2646b696e6465616c6c6f776472756c656e726561642d776f726b737061636569636c6f7365645f617474323032362d30362d30325431323a30303a30305a69656e67696e655f696468656e67696e652d416a6a635f7265636569707468706f6c6963792f316e61756469745f73657175656e6365016e706f6c6963795f76657273696f6e015840eceb966d0bc3b90faa8ea33442a846712c66c995450125e1d71b709f24dea47e9fcabb1ad9b7eb110572ecf24b745b15dc20fb1399643167ee4d96d13ea4dc06

Reproduce

Every vector is signed under one published Ed25519 test key. Same seed as the JCR-1 cascade-receipt vectors, so a third party can cross-validate both receipt families with one key.

Algorithm
EdDSA (-8)
Steward (kid)
did:keri:EJ9testStewardAID000000000000000
Ed25519 public key (hex)
03a107bff3ce10be1d70dd18e74bc09967e4d6309ba50d5f1ddc8664125531b8
Seed (hex) — TEST KEY ONLY
000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
verify.py
Python reference verifier →
python3 verify.py vectors-policy.json
verify.go
Go reference verifier →
go run verify.go vectors-policy.json
Normative spec

The wire shape and the COSE_Sign1 envelope rules are defined in SPEC.md §2 (cascade receipt), §7 (versioning), §8 (agent identity), §9 (policy engine), and §10 (policy receipt).