dev.cocore.compute.receipt
Schema Diff
+27 -0
Compatibility Analysis
Breaking Changes Detected
6 breaking changes, 10 non-breaking changes.
Breaking Changes (6)
- ConstraintAdded ConstraintAdded { vertex_id: "dev.cocore.compute.receipt:body.reasoningCommitment", sort: "maxLength", value: "64" }
- ConstraintAdded ConstraintAdded { vertex_id: "dev.cocore.compute.receipt:body.reasoningCommitment", sort: "minLength", value: "64" }
- ConstraintAdded ConstraintAdded { vertex_id: "dev.cocore.compute.receipt:body.sessionKeyCommitment", sort: "maxLength", value: "64" }
- ConstraintAdded ConstraintAdded { vertex_id: "dev.cocore.compute.receipt:body.sessionKeyCommitment", sort: "minLength", value: "64" }
- ConstraintAdded ConstraintAdded { vertex_id: "dev.cocore.compute.receipt:body.sessionNonce", sort: "maxLength", value: "64" }
- ConstraintAdded ConstraintAdded { vertex_id: "dev.cocore.compute.receipt:body.sessionNonce", sort: "minLength", value: "32" }
Non-Breaking Changes (10)
- AddedVertex AddedVertex { vertex_id: "dev.cocore.compute.receipt:body.proBono" }
- AddedVertex AddedVertex { vertex_id: "dev.cocore.compute.receipt:body.reasoningCommitment" }
- AddedVertex AddedVertex { vertex_id: "dev.cocore.compute.receipt:body.sessionKeyCommitment" }
- AddedVertex AddedVertex { vertex_id: "dev.cocore.compute.receipt:body.sessionNonce" }
- AddedVertex AddedVertex { vertex_id: "dev.cocore.compute.receipt:body.tier" }
- AddedEdge AddedEdge { src: "dev.cocore.compute.receipt:body", tgt: "dev.cocore.compute.receipt:body.proBono", kind: "prop", name: Some("proBono") }
- AddedEdge AddedEdge { src: "dev.cocore.compute.receipt:body", tgt: "dev.cocore.compute.receipt:body.reasoningCommitment", kind: "prop", name: Some("reasoningCommitment") }
- AddedEdge AddedEdge { src: "dev.cocore.compute.receipt:body", tgt: "dev.cocore.compute.receipt:body.sessionKeyCommitment", kind: "prop", name: Some("sessionKeyCommitment") }
- AddedEdge AddedEdge { src: "dev.cocore.compute.receipt:body", tgt: "dev.cocore.compute.receipt:body.sessionNonce", kind: "prop", name: Some("sessionNonce") }
- AddedEdge AddedEdge { src: "dev.cocore.compute.receipt:body", tgt: "dev.cocore.compute.receipt:body.tier", kind: "prop", name: Some("tier") }
Migration Guidance
Added Elements
AddedVertex { vertex_id: "dev.cocore.compute.receipt:body.proBono" }AddedVertex { vertex_id: "dev.cocore.compute.receipt:body.reasoningCommitment" }AddedVertex { vertex_id: "dev.cocore.compute.receipt:body.sessionKeyCommitment" }AddedVertex { vertex_id: "dev.cocore.compute.receipt:body.sessionNonce" }AddedVertex { vertex_id: "dev.cocore.compute.receipt:body.tier" }
Constraint Changes
- ConstraintAdded ConstraintAdded { vertex_id: "dev.cocore.compute.receipt:body.sessionKeyCommitment", sort: "maxLength", value: "64" }
- ConstraintAdded ConstraintAdded { vertex_id: "dev.cocore.compute.receipt:body.sessionKeyCommitment", sort: "minLength", value: "64" }
- ConstraintAdded ConstraintAdded { vertex_id: "dev.cocore.compute.receipt:body.reasoningCommitment", sort: "minLength", value: "64" }
- ConstraintAdded ConstraintAdded { vertex_id: "dev.cocore.compute.receipt:body.reasoningCommitment", sort: "maxLength", value: "64" }
- ConstraintAdded ConstraintAdded { vertex_id: "dev.cocore.compute.receipt:body.sessionNonce", sort: "minLength", value: "32" }
- ConstraintAdded ConstraintAdded { vertex_id: "dev.cocore.compute.receipt:body.sessionNonce", sort: "maxLength", value: "64" }
Additional Notes
- Non-breaking: AddedEdge { src: "dev.cocore.compute.receipt:body", tgt: "dev.cocore.compute.receipt:body.proBono", kind: "prop", name: Some("proBono") }
- Non-breaking: AddedEdge { src: "dev.cocore.compute.receipt:body", tgt: "dev.cocore.compute.receipt:body.reasoningCommitment", kind: "prop", name: Some("reasoningCommitment") }
- Non-breaking: AddedEdge { src: "dev.cocore.compute.receipt:body", tgt: "dev.cocore.compute.receipt:body.sessionKeyCommitment", kind: "prop", name: Some("sessionKeyCommitment") }
- Non-breaking: AddedEdge { src: "dev.cocore.compute.receipt:body", tgt: "dev.cocore.compute.receipt:body.sessionNonce", kind: "prop", name: Some("sessionNonce") }
- Non-breaking: AddedEdge { src: "dev.cocore.compute.receipt:body", tgt: "dev.cocore.compute.receipt:body.tier", kind: "prop", name: Some("tier") }
1
1
{
2
2
"id": "dev.cocore.compute.receipt",
3
3
"defs": {
4
4
"main": {
5
5
"key": "tid",
6
6
"type": "record",
7
7
"record": {
8
8
"type": "object",
9
9
"required": [
10
10
"job",
11
11
"requester",
12
12
"model",
13
13
"inputCommitment",
14
14
"outputCommitment",
15
15
"tokens",
16
16
"startedAt",
17
17
"completedAt",
18
18
"price",
19
19
"attestation",
20
20
"enclaveSignature"
21
21
],
22
22
"properties": {
23
23
"job": {
24
24
"ref": "com.atproto.repo.strongRef",
25
25
"type": "ref",
26
26
"description": "Strong-ref to the requester's dev.cocore.compute.job record."
27
27
},
28
+
"tier": {
29
+
"ref": "dev.cocore.compute.defs#tier",
30
+
"type": "ref",
31
+
"description": "The confidentiality tier this job actually ran under. Set by the provider to `attested-confidential` only when the input was sealed to a verified, enclave-bound ephemeral session key AND served by a measured native engine under a hardware-attested posture; otherwise `best-effort`. A requester recomputes this from the receipt's attestation + sessionKeyCommitment rather than trusting the field. Optional / additive; absent equivalent to `best-effort`."
32
+
},
28
33
"model": {
29
34
"type": "string",
30
35
"maxLength": 256
31
36
},
32
37
"price": {
33
38
"ref": "dev.cocore.compute.defs#money",
34
39
"type": "ref",
35
40
"description": "MUST be <= job.priceCeiling. Currency MUST match job.priceCeiling.currency."
36
41
},
37
42
"params": {
38
43
"ref": "#generationParams",
39
44
"type": "ref",
40
45
"description": "Optional record of the sampling parameters the provider committed to for this job. Integer-only (canonical JSON forbids floats): temperature/top_p are carried as integer milliunits. Covered by enclaveSignature, so a requester can prove the provider claimed these settings."
41
46
},
42
47
"tokens": {
43
48
"ref": "dev.cocore.compute.defs#tokenCounts",
44
49
"type": "ref"
45
50
},
51
+
"proBono": {
52
+
"type": "boolean",
53
+
"description": "True when the provider served this job pro bono under its `dev.cocore.compute.provider.proBono` election — free, unmetered, no exchange cut. A pro-bono receipt MUST carry `price.amount: 0` and `tokens: { in: 0, out: 0 }`: the work is explicitly not counted, so neither figure is a billing claim. An exchange settling a `proBono: true` receipt takes no fee and moves no balance (`amountCharged`, `providerPayout`, and `exchangeFee` are all 0). Covered by `enclaveSignature` like every other field, so the carve-out is part of the signed, self-verifying record rather than an off-record side channel. Absent/false ≡ a normal metered, billable receipt. Optional / additive; pre-2026-06 readers ignore it and still see a well-formed zero-price receipt."
54
+
},
46
55
"requester": {
47
56
"type": "string",
48
57
"format": "did",
49
58
"description": "DID of the requester. Denormalized from the job record for indexer convenience; MUST equal the DID owning the job record."
50
59
},
51
60
"startedAt": {
52
61
"type": "string",
53
62
"format": "datetime"
54
63
},
55
64
"attestation": {
56
65
"ref": "com.atproto.repo.strongRef",
57
66
"type": "ref",
58
67
"description": "Strong-ref to a dev.cocore.compute.attestation record published by this provider. completedAt MUST fall within [attestedAt, expiresAt] of that attestation."
59
68
},
60
69
"completedAt": {
61
70
"type": "string",
62
71
"format": "datetime"
63
72
},
73
+
"sessionNonce": {
74
+
"type": "string",
75
+
"maxLength": 64,
76
+
"minLength": 32,
77
+
"description": "Optional lowercase hex of the fresh requester nonce that the ephemeral session key was bound to (the freshness challenge for this job). Pairs with sessionKeyCommitment. Covered by enclaveSignature."
78
+
},
64
79
"inputCommitment": {
65
80
"type": "string",
66
81
"maxLength": 64,
67
82
"minLength": 64,
68
83
"description": "MUST equal job.inputCommitment."
69
84
},
70
85
"outputCipherURL": {
71
86
"type": "string",
72
87
"format": "uri",
73
88
"description": "Optional URL where the encrypted output lives."
74
89
},
75
90
"enclaveSignature": {
76
91
"type": "bytes",
77
92
"maxLength": 256,
78
93
"description": "Secure Enclave P-256 signature (DER) over a sorted-key canonical JSON of every other field in this record. Verified against the publicKey of the strong-reffed attestation. This binding survives PDS migration: the repo-commit signature changes when keys rotate, but the enclaveSignature does not."
79
94
},
80
95
"outputCommitment": {
81
96
"type": "string",
82
97
"maxLength": 64,
83
98
"minLength": 64,
84
99
"description": "SHA-256 hex over the plaintext output bytes — the decrypted result the requester receives. (The earlier 'encrypted output' wording was a doc error; the provider has always committed to the plaintext, which is what a requester can verify after decrypting. Use outputCipherCommitment to commit to the encrypted bytes on the wire.)"
85
100
},
101
+
"reasoningCommitment": {
102
+
"type": "string",
103
+
"maxLength": 64,
104
+
"minLength": 64,
105
+
"description": "Optional SHA-256 hex over the plaintext reasoning ('thinking') output bytes the provider produced for this job, separate from outputCommitment which covers only the answer the requester acts on. Present only when the model emitted reasoning on a distinct channel (a sibling reasoning_content field, or inline <think>...</think> tags the provider split out). Lets a requester independently verify the reasoning trace without it perturbing the answer's commitment. Covered by enclaveSignature."
106
+
},
107
+
"sessionKeyCommitment": {
108
+
"type": "string",
109
+
"maxLength": 64,
110
+
"minLength": 64,
111
+
"description": "Optional SHA-256 hex over (ephemeralPubKey || sessionNonce) — the per-job ephemeral X25519 key the requester sealed the input to, bound to the request nonce. Present when the job ran under the forward-secret confidential handshake (the enclave minted a fresh ephemeral key, enclave-signed it against the requester's nonce, and the requester sealed to that key after verifying it). Lets a requester prove after the fact that its prompt was sealed to a key the measured enclave controlled for this job, not the long-lived encryptionPubKey. Covered by enclaveSignature."
112
+
},
86
113
"outputCipherCommitment": {
87
114
"type": "string",
88
115
"maxLength": 64,
89
116
"minLength": 64,
90
117
"description": "Optional SHA-256 hex over the EXACT encrypted bytes delivered to the requester (the sealed reply). Lets a requester confirm the ciphertext they received is the one the provider's enclaveSignature commits to — defends against an intermediary swapping the delivered bytes. Covered by enclaveSignature like every other field."
91
118
}
92
119
}
93
120
}
94
121
},
95
122
"generationParams": {
96
123
"type": "object",
97
124
"properties": {
98
125
"seed": {
99
126
"type": "integer",
100
127
"description": "RNG seed, when the provider ran with a fixed seed (enables reproducibility claims)."
101
128
},
102
129
"maxTokens": {
103
130
"type": "integer",
104
131
"minimum": 0,
105
132
"description": "Max output tokens requested for this job."
106
133
},
107
134
"topPMilli": {
108
135
"type": "integer",
109
136
"maximum": 1000,
110
137
"minimum": 0,
111
138
"description": "Nucleus sampling top_p × 1000 (e.g. 0.95 -> 950). Omitted when the provider used the model default."
112
139
},
113
140
"temperatureMilli": {
114
141
"type": "integer",
115
142
"minimum": 0,
116
143
"description": "Sampling temperature × 1000 (e.g. 0.7 -> 700). Omitted when the provider used the model default."
117
144
}
118
145
},
119
146
"description": "Sampling parameters committed to in a receipt. Integer-only because the canonical signing form forbids floats — temperature and top_p are carried as milliunits (value × 1000, e.g. temperature 0.7 -> 700)."
120
147
}
121
148
},
122
149
"$type": "com.atproto.lexicon.schema",
123
150
"lexicon": 1,
124
151
"description": "A signed receipt of a single completed compute job. Published by the provider in its own repo. Strong-refs the requester's job and the active attestation. Carries an additional Secure-Enclave-bound signature so it remains verifiable across PDS migrations."
125
152
}