Skip to content

Open Receipt Specification (ORS) — a portable format for cryptographic agent policy acknowledgement receipts

License

Notifications You must be signed in to change notification settings

jstibal/ors-spec

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Open Receipt Specification (ORS)

A portable format for cryptographic agent policy acknowledgement receipts. A receipt is a signed record proving an AI agent acknowledged a specific policy before taking an action.

License

Specification

ORS-v0.1.md — The full specification. Covers receipt schema, canonicalization (RFC 8785), Ed25519 signing, JWKS key distribution, verification algorithm, HTTP header conventions, and extension namespaces.

Verify a receipt

# Against a live issuer
python verify.py examples/basic_api_call.json --jwks https://openterms.com/.well-known/jwks.json

# Against a local JWKS file
python verify.py receipt.json --jwks-file jwks.json

# Using issuer discovery (if the receipt includes an issuer field)
python verify.py receipt.json

Requires Python 3.10+ and the cryptography library (pip install cryptography).

Examples

The examples/ directory contains 9 annotated receipt files demonstrating different features:

File Demonstrates
basic_api_call.json Minimal receipt, required fields only
data_access_with_context.json action_context, provider binding, ors.commitments
purchase.json Purchase action type
custom_action.json Custom action, issuer field, ors_version, pre/post state hashes
chained_receipt.json Multi agent chain via ors.chain
minimal_fields.json Absolute minimum, no optional fields
large_context.json 40 key action_context, near size limits
request_bound_api_call.json Anti replay with provider nonce and request hash
refusal.json Declined decision, negative evidence for compliance

Example canonical hashes are computed from the actual payload fields. Signatures are illustrative since no private key is distributed.

Reference Implementation

Openterms MCP server — open source (Apache 2.0), implements ORS v0.1 receipt issuance and verification.

Feedback

Please use GitHub Issues for questions, suggestions, and spec feedback.

License

Apache 2.0. See LICENSE.

Copyright 2026 Staticlabs Inc.

About

Open Receipt Specification (ORS) — a portable format for cryptographic agent policy acknowledgement receipts

Resources

License

Stars

Watchers

Forks

Packages

 
 
 

Languages