dev.cocore.compute.receipt

cocore.dev 

{
  "id": "dev.cocore.compute.receipt",
  "defs": {
    "main": {
      "key": "tid",
      "type": "record",
      "record": {
        "type": "object",
        "required": [
          "job",
          "requester",
          "model",
          "inputCommitment",
          "outputCommitment",
          "tokens",
          "startedAt",
          "completedAt",
          "price",
          "attestation",
          "enclaveSignature"
        ],
        "properties": {
          "job": {
            "ref": "com.atproto.repo.strongRef",
            "type": "ref",
            "description": "Strong-ref to the requester's dev.cocore.compute.job record."
          },
          "model": {
            "type": "string",
            "maxLength": 256
          },
          "price": {
            "ref": "dev.cocore.compute.defs#money",
            "type": "ref",
            "description": "MUST be <= job.priceCeiling. Currency MUST match job.priceCeiling.currency."
          },
          "params": {
            "ref": "#generationParams",
            "type": "ref",
            "description": "Optional record of the sampling parameters the provider committed to for this job. Integer-only (canonical JSON forbids floats): temperature/top_p are carried as integer milliunits. Covered by enclaveSignature, so a requester can prove the provider claimed these settings."
          },
          "tokens": {
            "ref": "dev.cocore.compute.defs#tokenCounts",
            "type": "ref"
          },
          "requester": {
            "type": "string",
            "format": "did",
            "description": "DID of the requester. Denormalized from the job record for indexer convenience; MUST equal the DID owning the job record."
          },
          "startedAt": {
            "type": "string",
            "format": "datetime"
          },
          "attestation": {
            "ref": "com.atproto.repo.strongRef",
            "type": "ref",
            "description": "Strong-ref to a dev.cocore.compute.attestation record published by this provider. completedAt MUST fall within [attestedAt, expiresAt] of that attestation."
          },
          "completedAt": {
            "type": "string",
            "format": "datetime"
          },
          "inputCommitment": {
            "type": "string",
            "maxLength": 64,
            "minLength": 64,
            "description": "MUST equal job.inputCommitment."
          },
          "outputCipherURL": {
            "type": "string",
            "format": "uri",
            "description": "Optional URL where the encrypted output lives."
          },
          "enclaveSignature": {
            "type": "bytes",
            "maxLength": 256,
            "description": "Secure Enclave P-256 signature (DER) over a sorted-key canonical JSON of every other field in this record. Verified against the publicKey of the strong-reffed attestation. This binding survives PDS migration: the repo-commit signature changes when keys rotate, but the enclaveSignature does not."
          },
          "outputCommitment": {
            "type": "string",
            "maxLength": 64,
            "minLength": 64,
            "description": "SHA-256 hex over the plaintext output bytes — the decrypted result the requester receives. (The earlier 'encrypted output' wording was a doc error; the provider has always committed to the plaintext, which is what a requester can verify after decrypting. Use outputCipherCommitment to commit to the encrypted bytes on the wire.)"
          },
          "outputCipherCommitment": {
            "type": "string",
            "maxLength": 64,
            "minLength": 64,
            "description": "Optional SHA-256 hex over the EXACT encrypted bytes delivered to the requester (the sealed reply). Lets a requester confirm the ciphertext they received is the one the provider's enclaveSignature commits to — defends against an intermediary swapping the delivered bytes. Covered by enclaveSignature like every other field."
          }
        }
      }
    },
    "generationParams": {
      "type": "object",
      "properties": {
        "seed": {
          "type": "integer",
          "description": "RNG seed, when the provider ran with a fixed seed (enables reproducibility claims)."
        },
        "maxTokens": {
          "type": "integer",
          "minimum": 0,
          "description": "Max output tokens requested for this job."
        },
        "topPMilli": {
          "type": "integer",
          "maximum": 1000,
          "minimum": 0,
          "description": "Nucleus sampling top_p × 1000 (e.g. 0.95 -> 950). Omitted when the provider used the model default."
        },
        "temperatureMilli": {
          "type": "integer",
          "minimum": 0,
          "description": "Sampling temperature × 1000 (e.g. 0.7 -> 700). Omitted when the provider used the model default."
        }
      },
      "description": "Sampling parameters committed to in a receipt. Integer-only because the canonical signing form forbids floats — temperature and top_p are carried as milliunits (value × 1000, e.g. temperature 0.7 -> 700)."
    }
  },
  "$type": "com.atproto.lexicon.schema",
  "lexicon": 1,
  "description": "A signed receipt of a single completed compute job. Published by the provider in its own repo. Strong-refs the requester's job and the active attestation. Carries an additional Secure-Enclave-bound signature so it remains verifiable across PDS migrations."
}

Validate Record

Validate a record against dev.cocore.compute.receipt

Validation Options
Automatically resolve and include external schemas for full validation
Treat any remaining unresolved references as valid

Metadata

DID
did:plc:5quuhkmwe2q4k3azfsgg7kdz
CID
bafyreifmosc6lhkprg4vj23rg3yskaepvbixmxp3fcskxpmo4rc2a4r7rq
Indexed At
2026-06-17 21:16 UTC
AT-URI
at://did:plc:5quuhkmwe2q4k3azfsgg7kdz/com.atproto.lexicon.schema/dev.cocore.compute.receipt

Referenced Schemas (2)

Lexicon Garden

@