{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://receiz.com/standards/receiz.schema.v1.json", "title": "Receiz Proof Bundle v1", "description": "Canonical schema for receiz.proof_bundle payloads embedded in PNG/PDF/trailer artifacts and Receiz bundle envelopes. Backward-compatible for historical bundles. Trusted verification uses signatureV4 under receiz.trusted-profile.v1.json.", "type": "object", "additionalProperties": false, "required": [ "kind", "payloadVersion", "createdAtMs", "ts", "code", "slug", "verifyPath", "verifyUrl", "kaiPulseEternal", "kaiKlok", "receizClaimId", "sigilClaimSeed" ], "properties": { "kind": { "const": "receiz.proof_bundle" }, "payloadVersion": { "enum": ["v1", "v2"] }, "createdAtMs": { "type": "integer", "minimum": 0 }, "ts": { "type": "string", "description": "Canonical timestamp as YYYY-MM-DD HH:MM." }, "tsDisplay": { "type": "string" }, "tzMinutesEast": { "type": "integer" }, "code": { "type": "string", "pattern": "^[A-Z0-9]{8}$" }, "slug": { "type": "string", "pattern": "^[0-9]{8}_[0-9]{4}$" }, "verifyPath": { "type": "string", "pattern": "^/v/[0-9]{8}_[0-9]{4}/[A-Z0-9]{8}(/[0-9]+)?(\\?.*)?$" }, "verifyUrl": { "type": "string" }, "kaiPulseEternal": { "type": "string", "pattern": "^[0-9]+$" }, "kaiKlok": { "type": "string" }, "signerKeyId": { "type": "string", "pattern": "^[0-9a-fA-F]{12}$" }, "anchorId": { "type": "string", "pattern": "^[0-9a-fA-F]{8}$" }, "receizClaimId": { "type": "string", "pattern": "^[0-9a-f]{32}$" }, "sigilClaimSeed": { "type": "string", "pattern": "^[0-9a-f]{64}$" }, "zkPoseidonHash": { "type": "string", "pattern": "^[0-9a-fA-F]{64}$" }, "groth16Proof": { "description": "Either a g16: envelope string (preferred) or a legacy proof form for historical compatibility. Trusted verification profile requires g16 format.", "oneOf": [ { "type": "string", "pattern": "^g16:[A-Za-z0-9_-]+$", "description": "Decode the payload and validate against /standards/receiz.groth16.real.schema.v1.json." }, { "type": "string", "pattern": "^[A-Za-z0-9_-]+$", "description": "Legacy deterministic proof string format." }, { "type": "object", "description": "Legacy deterministic proof object format.", "additionalProperties": true } ] }, "groth16ProofDigest": { "type": "string", "pattern": "^[0-9a-fA-F]{64}$" }, "artifactSha256Basis": { "type": "string", "pattern": "^[0-9a-fA-F]{64}$" }, "signatureV3": { "description": "Legacy optional field retained only for historical bundle parsing. Trusted verification does not use signatureV3 and requires signatureV4 under the trusted profile.", "type": "object", "additionalProperties": false, "required": ["version", "alg", "kid", "sig", "payloadHashSha256", "signedAtMs"], "properties": { "version": { "const": 1 }, "alg": { "const": "Ed25519" }, "kid": { "type": "string", "pattern": "^[a-zA-Z0-9._:-]{3,64}$" }, "sig": { "type": "string", "pattern": "^[A-Za-z0-9_-]+$" }, "payloadHashSha256": { "type": "string", "pattern": "^[0-9a-fA-F]{64}$" }, "signedAtMs": { "type": "integer", "minimum": 0 } } }, "signatureV4": { "description": "Optional in base schema for accountless trusted device enrollment compatibility.", "type": "object", "additionalProperties": false, "required": ["version", "alg", "cert", "sig", "payloadHashSha256", "signedAtMs"], "properties": { "version": { "const": 1 }, "alg": { "const": "Ed25519" }, "cert": { "type": "object", "additionalProperties": false, "required": [ "version", "certType", "certId", "issuerKid", "alg", "subjectPublicKeyRawB64u", "issuedAtMs", "expiresAtMs", "sig" ], "properties": { "version": { "const": 1 }, "certType": { "const": "receiz.device.v1" }, "certId": { "type": "string", "pattern": "^[0-9a-fA-F]{32}$" }, "issuerKid": { "type": "string", "pattern": "^[a-zA-Z0-9._:-]{3,64}$" }, "alg": { "const": "Ed25519" }, "subjectPublicKeyRawB64u": { "type": "string", "pattern": "^[A-Za-z0-9_-]+$" }, "issuedAtMs": { "type": "integer", "minimum": 0 }, "expiresAtMs": { "type": "integer", "minimum": 1 }, "sig": { "type": "string", "pattern": "^[A-Za-z0-9_-]+$" } } }, "sig": { "type": "string", "pattern": "^[A-Za-z0-9_-]+$" }, "payloadHashSha256": { "type": "string", "pattern": "^[0-9a-fA-F]{64}$" }, "signedAtMs": { "type": "integer", "minimum": 0 } } }, "wireproof": { "type": "object", "additionalProperties": false, "required": ["schema", "anchorId", "claimHashSha256", "verifierPath"], "properties": { "schema": { "const": "wireproof.v1" }, "anchorId": { "type": "string", "pattern": "^[0-9a-f]{8}$" }, "claimHashSha256": { "type": "string", "pattern": "^[0-9a-f]{64}$" }, "verifierPath": { "type": "string" } } } } }