dev.cocore.compute.job
Schema Diff
+9 -1
Compatibility Analysis
Backward Compatible
Backward compatible. 2 non-breaking changes.
Non-Breaking Changes (2)
- AddedVertex AddedVertex { vertex_id: "dev.cocore.compute.job:body.inputFormat" }
- AddedEdge AddedEdge { src: "dev.cocore.compute.job:body", tgt: "dev.cocore.compute.job:body.inputFormat", kind: "prop", name: Some("inputFormat") }
Migration Guidance
Added Elements
AddedVertex { vertex_id: "dev.cocore.compute.job:body.inputFormat" }
Additional Notes
- Non-breaking: AddedEdge { src: "dev.cocore.compute.job:body", tgt: "dev.cocore.compute.job:body.inputFormat", kind: "prop", name: Some("inputFormat") }
1
1
{
2
2
"id": "dev.cocore.compute.job",
3
3
"defs": {
4
4
"main": {
5
5
"key": "tid",
6
6
"type": "record",
7
7
"record": {
8
8
"type": "object",
9
9
"required": [
10
10
"model",
11
11
"inputCommitment",
12
12
"maxTokensOut",
13
13
"priceCeiling",
14
14
"acceptedTrustLevel",
15
15
"paymentAuthorization",
16
16
"nonce",
17
17
"expiresAt",
18
18
"createdAt"
19
19
],
20
20
"properties": {
21
21
"model": {
22
22
"type": "string",
23
23
"maxLength": 256,
24
24
"description": "Opaque model identifier the requester wants the provider to honor."
25
25
},
26
26
"nonce": {
27
27
"type": "string",
28
28
"maxLength": 32,
29
29
"minLength": 32,
30
30
"description": "16 random bytes, hex-encoded. Replay protection."
31
31
},
32
32
"createdAt": {
33
33
"type": "string",
34
34
"format": "datetime"
35
35
},
36
36
"expiresAt": {
37
37
"type": "string",
38
38
"format": "datetime",
39
39
"description": "Provider must complete by this time. Receipts whose completedAt > expiresAt are invalid."
40
40
},
41
+
"inputFormat": {
42
+
"type": "string",
43
+
"description": "How to interpret the sealed input bytes that `inputCommitment` covers. Absent (legacy) or `text`: the bytes are the raw prompt string. `messages-v1`: the bytes are the UTF-8 of a canonical-JSON multimodal envelope { v: 1, messages: [ { role, content } ] }, where `content` is either a string or an array of parts — { type: \"text\", text } and { type: \"image\", mime, data } with `data` base64-encoded image bytes inline. A verifier reconstructs the same canonical bytes to recompute `inputCommitment`. Additive: providers that don't understand a format reject the job rather than mis-serving it.",
44
+
"knownValues": [
45
+
"text",
46
+
"messages-v1"
47
+
]
48
+
},
41
49
"maxTokensOut": {
42
50
"type": "integer",
43
51
"maximum": 2000000,
44
52
"minimum": 1
45
53
},
46
54
"priceCeiling": {
47
55
"ref": "dev.cocore.compute.defs#money",
48
56
"type": "ref",
49
57
"description": "Maximum price the requester will accept for this job. The provider's receipt MUST list a price <= this ceiling, else the receipt is invalid."
50
58
},
51
59
"inputCipherURL": {
52
60
"type": "string",
53
61
"format": "uri",
54
62
"description": "Optional URL where the encrypted prompt blob can be fetched. May be a PDS blob (at://...) or any other content-addressed URL. The commitment is what matters; this is a convenience pointer."
55
63
},
56
64
"inputCommitment": {
57
65
"type": "string",
58
66
"maxLength": 64,
59
67
"minLength": 64,
60
-
"description": "SHA-256 hex of the encrypted prompt bytes the provider will decrypt. The plaintext prompt is never on-chain."
68
+
"description": "SHA-256 hex over the SEALED input plaintext bytes the provider decrypts — i.e. the exact bytes both the requester (before sealing) and the provider (after opening) hash, so it is self-consistent without either side parsing the payload. The plaintext is never on-chain. The byte layout is described by `inputFormat`: absent/`text` means the bytes are the raw prompt string; `messages-v1` means they are the UTF-8 of the canonical multimodal envelope (see `inputFormat`)."
61
69
},
62
70
"acceptedExchanges": {
63
71
"type": "array",
64
72
"items": {
65
73
"type": "string",
66
74
"format": "did"
67
75
},
68
76
"maxLength": 16,
69
77
"description": "Exchange DIDs allowed to settle this job. MUST be non-empty in practice; the named paymentAuthorization MUST cover one of these."
70
78
},
71
79
"acceptedProviders": {
72
80
"type": "array",
73
81
"items": {
74
82
"type": "string",
75
83
"format": "did"
76
84
},
77
85
"maxLength": 64,
78
86
"description": "Specific provider DIDs allowed to serve this job. Empty/absent means any provider that meets acceptedTrustLevel."
79
87
},
80
88
"acceptedTrustLevel": {
81
89
"ref": "dev.cocore.compute.defs#trustLevel",
82
90
"type": "ref",
83
91
"description": "Minimum trust level the requester will accept from a provider serving this job."
84
92
},
85
93
"paymentAuthorization": {
86
94
"ref": "com.atproto.repo.strongRef",
87
95
"type": "ref",
88
96
"description": "Strong-ref to a dev.cocore.compute.paymentAuthorization record in the same repo, naming an exchange and a ceiling >= this job's priceCeiling."
89
97
}
90
98
}
91
99
}
92
100
}
93
101
},
94
102
"$type": "com.atproto.lexicon.schema",
95
103
"lexicon": 1,
96
104
"description": "A request for computational work. Published by the requester in their own repo before the work runs, so the provider has something to commit a receipt against."
97
105
}