{
"id": "com.publicdomainrelay.temp.market.receipts.x402",
"defs": {
"main": {
"key": "tid",
"type": "record",
"record": {
"type": "object",
"required": [
"accept",
"cid",
"signatures"
],
"properties": {
"cid": {
"type": "string",
"format": "cid",
"description": "badge.blue attestation CID over the referenced accepts.x402 record, making this receipt a remote attestation proof: computed from the accepts.x402 record (signatures stripped), this receipt's metadata (cid/signatures stripped, repository = requester's repo DID added) as $sig, via DAG-CBOR + SHA-256 + CIDv1. Re-binding the proof-of-payment to a copy of the accepts.x402 in another repository fails verification — badge.blue's replay-attack prevention applied to payment receipts."
},
"accept": {
"ref": "com.atproto.repo.strongRef",
"type": "ref",
"description": "Strong reference to the com.publicdomainrelay.temp.market.accepts.x402 record that this payment settles."
},
"signatures": {
"ref": "network.attested.signature#signatures",
"type": "ref",
"description": "badge.blue attestations over this receipt. Must include the bidder's inline signature, attached at creation, so the proof-of-payment is non-repudiable."
}
}
},
"description": "Proof-of-payment receipt minted by the bidder in response to a successful x402-gated GET against the bids.x402 url. Returned (by AT-URI + CID) to the requester, which uses it as the payload of the higher-level com.publicdomainrelay.temp.market.accept so the bidder can verify payment before provisioning."
}
},
"$type": "com.atproto.lexicon.schema",
"lexicon": 1
}