Home
Reciprium Receipt Specification
Reciprium defines an open, versioned standard for cryptographically verifiable mutation records across infrastructure, data, access, configuration, and security workflows.
This site is the canonical guide for implementers, verifier authors, and auditors.
Why This Spec Exists
Most operational systems can tell you what happened, but not with a portable, cryptographically verifiable contract that survives tool boundaries.
Reciprium receipts provide:
- a stable envelope shared across languages and runtimes,
- explicit intent/subject/scope context,
- structured execution and verification evidence,
- signed integrity metadata for offline verification,
- optional chain-linking for tamper evidence over time.
Quick Start
- Read the model overview: Overview
- Understand the contract boundary: Envelope
- Implement signing correctly: Signatures
- Validate chain semantics: Hash Chain
- Integrate with your platform: Integration Guide
Documentation Map
- Overview
- Envelope
- Intent
- Execution
- Verification
- Signatures
- Hash Chain
- Extensions
- Versioning
- Integration Guide
- Schema and Artifact Reference
Core Artifacts
- JSON Schema root:
v1/schema/envelope.json - CDDL model:
v1/cddl/receipt.cddl - Protobuf schema:
v1/protobuf/receipt.proto - Interop vectors:
v1/test-vectors/signatures.json - Reference examples: Schema Reference -> Example receipts
See complete links and usage notes in Schema and Artifact Reference.
Minimal Validation Flow
# Validate CDDL source
cddl compile-cddl --cddl v1/cddl/receipt.cddl
# Validate all example receipts
for f in v1/examples/*.json; do
cddl validate --cddl v1/cddl/receipt.cddl --json "$f"
done
Interoperability Guarantees (v1)
signedContent.canonicalizationisjson-canonicalonly.- Canonicalization follows RFC 8785 JCS semantics.
signedContent.includesmapping and message construction are explicitly defined and deterministic.- Shared test vectors provide cross-language evidence for signature interoperability.
Governance
This is a standards repository, not an ad-hoc document dump. Normative changes follow the RFC flow in Contributing.