Documentation
Receipts mints a tamper-evident record of an AI agent's action — proof of what it did that anyone can verify and no one else can read.
1. What a receipt is
A glass receipt commits to an action through a one-way hash and signs it. Anyone holding the receipt can prove the action happened and was not altered — without seeing the action itself. The content is never inside the receipt and is never stored by us.
2. The schema
A receipt is a small, signed JSON object:
{
"v": "receipts-1",
"id": "e00ae2f6-8a8f-4fa5-a135-daf5d9e2f41a",
"ts": "2026-06-19T13:21:10.723Z",
"model": "deepseek/deepseek-chat",
"content_hash": "9813f...e6d4", // SHA-256 of { request, response }
"sig": "kXjQ...Az6A" // Ed25519 over the receipt
}| Field | Meaning |
|---|---|
| content_hash | SHA-256 commitment to the action. One-way — the content cannot be recovered from it. |
| sig | Ed25519 signature over the receipt, proving it is genuine and unaltered. |
| model | Which model produced the action. |
| ts / id | When the action happened, and a unique identifier. |
3. Verify a receipt
Send a receipt to the verifier. It confirms the signature without needing the content:
curl -s https://crestsystems.ai/api/receipts/verify \
-H 'content-type: application/json' \
-d '{ "receipt": { ...the receipt... } }'
# → { "valid": true, "reason": "genuine and untampered", "integrity": true }To also prove a receipt matches a specific piece of content, include it. If a single character differs, the check fails:
-d '{ "receipt": {...}, "content": { "request": "...", "response": "..." } }'
# → { "valid": false, "reason": "genuine receipt, but the content does not match it" }You can also verify entirely offline. Fetch the public key and check the signature yourself:
GET https://crestsystems.ai/api/pubkey
# → { "alg": "ed25519", "public_key": "-----BEGIN PUBLIC KEY-----..." }4. The model: out of path
Receipts runs beside your agent, never in front of it. Your agent calls your own models with your own keys, exactly as it does today. The integration hashes each action locally and sends us only the receipt — never the content, your code, or your credentials.
This is deliberate. It means we cannot leak what we never receive, there is no key for us to custody, and your inference path is untouched. Proof, without a middleman in your traffic.
5. Try it
The fastest way to understand it is to watch it work. The live demo runs a real agent action, mints a receipt over it, and lets you tamper with the result to see the proof catch it.
6. Pricing
Integration and verification are free to start. Paid tiers cover verification at scale, longer retention, and the audit export for compliance regimes such as the EU AI Act. You never pay to keep your own data private — that is the default.
Building on Receipts? Email andy@crestsystems.ai. Crest Deployment Systems LLC. · Privacy · Terms