Receipt Anatomy

Receipts are cryptographically signed, replayable summaries of how an answer or report was created. They allow anyone to verify the proof without trusting the UI.

Check in 30 Seconds (No Code)

  1. Open any answer and click View Receipt.
  2. Check the Signature indicator shows a green check the proof is authentic.
  3. In Citations, confirm there are sources from at least two different websites for important claims (in verified mode).
  4. Check timestamps for recency; the Why Trust panel shows freshness.
  5. Check licence badges (e.g., CC‑BY, public domain). Avoid incompatible licences for reuse.
  6. Read the Findings banner if present (PASS/WARN/FAIL). Yellow = proceed with care; red = don’t rely without review.
  7. To share, click Share Public Proof to generate a safe, read‑only page.

That’s enough for most uses.

What a Receipt Contains

  • IDs: answer_id, snapshot_id, receipt_id
  • Mode: light / verified / audit
  • Retrieval: query parameters, freshness/as_of controls
  • Citations: array of { domain, url/doc_id, quote, quote_hash, observed_at, licence }
  • QUORUM (MiSES) graph: claim coverage and counterfactuals (which artefacts support which claims)
  • Deterministic seed and model/runtime versions
  • Cost envelope (C³): budgets and usage counters
  • Signature (ed25519) and public key metadata (JWKS)

Read Each Part in Plain Language

  • Mode: how strict the run was. “Verified” enforces provenance and diversity; “Audit” adds deterministic replay and counterfactual checks.
  • Citations: exact quotes and links used, each with a fingerprint (hash) to detect later changes.
  • QUORUM (MiSES) graph: which sources support each claim (MiSES) and where credible disagreement (counterfactuals) appears.
  • Freshness: how recent the evidence is relative to your question.
  • Licence: what you’re allowed to do with the source (read, cite, reuse). The UI flags incompatible licences.
  • Signature: the cryptographic seal proving the receipt was issued by CueCrux and hasn’t been altered.

Verify Locally (Advanced)

Most people don’t need this section. Teams with technical staff can fetch a receipt and re‑check the signature and quote hashes using developer tooling.

Example (TypeScript):

import { createEngineClient } from '@cuecrux/engine-client';
import { verifyReceipt } from '@cuecrux/sdk';

const engine = createEngineClient(process.env.ENGINE_BASE_URL!, fetch);
const receipt = await engine.receipt('answer_123');

const ok = await verifyReceipt(receipt, {
  jwksUrl: `${process.env.WEB_BASE_URL}/.well-known/jwks.json`
});
if (!ok) throw new Error('Receipt signature invalid');

UI Mapping

  • Citation chips map to receipt citations (domain, licence, timestamp).
  • Why Trust panel summarises freshness, diversity, and counterfactuals.
  • Findings banner reflects WatchCrux PASS/WARN/FAIL relevant to the run.

Use the Public Proof Page when sharing receipts outside your organisation.

Troubleshooting

  • Signature invalid: do not use the result; contact support with the receipt ID.
  • Findings: WARN: minor drift/performance issues; consider re‑running later or using audit mode for critical work.
  • Findings: FAIL: do not rely on the answer; re‑run later or open a dispute.
  • Not enough independent sources: sometimes only one authoritative source exists; the UI will say so. For high‑stakes work, ask for audit mode.
  • Licence incompatible: you can read the source, but reuse may be restricted. Prefer alternative sources where possible.
Table of Contents