Verification
Trust nothing. Verify everything. Cryptographic proof replaces human trust.
Input Binding
Canonical input → BLAKE3 digest
Seed Derivation
HKDF-SHA256 derives execution seed
Execution
Deterministic inference produces output
Receipt Generation
Input digest + Output digest + Routing log
Cryptographic Proof
Receipt signed and stored
The Receipt
An execution receipt is a structured proof artifact. It binds the input tokens, routing decisions, model version, and output tokens into a single, cryptographically signed document.
The Binding
BLAKE3 hashes the canonical input. HKDF-SHA256 derives the execution seed. The output is hashed. All three are combined into a receipt that can be independently verified by any party.
Hostile Verification
A receipt enables hostile verification—validation by parties who do not trust the original executor. Given the receipt, input, and model, any verifier can replay the inference and confirm the output matches.
The Audit Trail
Token-level audit trails extend receipts to capture every intermediate decision. Adapter routing, MoE gating, and quantization choices are recorded. The entire execution becomes replayable and inspectable.
The Mandate
In regulated environments, "trust me" is not defensible. Receipts provide the evidence required for procurement compliance, security clearances, and government-facing deployments.