RFC-0001 — Signed response receipt format
Status: Draft · ratify end Q3 2026 Owner: Verification Lead
What it defines
The canonical signed response receipt that an operator emits after each inference. Receipts are the unit of work measurement, dispute, and BME settlement.
Key fields
{
version: 1,
job_id, operator_id, model_id, model_weight_hash,
adapter_id?,
customer_nonce,
request_hash, response_hash, log_probs_sample,
kv_metadata, kernel_pack_hash,
gpu_model, driver_version, cuda_version,
attestation_report_hash,
batch_invariant_proof?,
timestamp_ms, gateway_id,
operator_signature
}Encodings
- On-chain: SCALE codec; only Merkle root stored.
- Off-chain blob: JSON, base64 for hashes/signatures, pinned in
chain-indexer+ IPFS. - Wire (customer SDK → gateway): JSON; SDK is liberal in field naming (
useful_receipt⇔receipt).
Fault codes triggered on validator mismatch
| Code | Severity |
|---|---|
| WrongModel | 10% |
| WrongResponse | 5% |
| LogProbDrift | 2% |
| CacheReplay | 5% |
| KernelPackMismatch | 0.5% |
See RFC-0005 for the slashing extrinsic ABI.