No description available.
tid
Timestamp-based ID
Properties
attestation
ref
com.atproto.repo.strongRef
Required
Strong-ref to a dev.cocore.compute.attestation record published by this provider. completedAt MUST fall within [attestedAt, expiresAt] of that attestation.
completedAt
string
datetime
Required
An RFC 3339 formatted timestamp.
enclaveSignature
bytes
Required
Secure Enclave P-256 signature (DER) over a sorted-key canonical JSON of every other field in this record. Verified against the publicKey of the strong-reffed attestation. This binding survives PDS migration: the repo-commit signature changes when keys rotate, but the enclaveSignature does not.
maxLength: 256inputCommitment
string
Required
MUST equal job.inputCommitment.
maxLength: 64 bytesminLength: 64 bytesjob
ref
com.atproto.repo.strongRef
Required
Strong-ref to the requester's dev.cocore.compute.job record.
model
string
Required
No description available.
maxLength: 256 bytesoutputCipherCommitment
string
Optional
Optional SHA-256 hex over the EXACT encrypted bytes delivered to the requester (the sealed reply). Lets a requester confirm the ciphertext they received is the one the provider's enclaveSignature commits to — defends against an intermediary swapping the delivered bytes. Covered by enclaveSignature like every other field.
maxLength: 64 bytesminLength: 64 bytesoutputCipherURL
string
uri
Optional
Optional URL where the encrypted output lives.
outputCommitment
string
Required
SHA-256 hex over the plaintext output bytes — the decrypted result the requester receives. (The earlier 'encrypted output' wording was a doc error; the provider has always committed to the plaintext, which is what a requester can verify after decrypting. Use outputCipherCommitment to commit to the encrypted bytes on the wire.)
maxLength: 64 bytesminLength: 64 bytesparams
ref
#generationParams
Optional
Optional record of the sampling parameters the provider committed to for this job. Integer-only (canonical JSON forbids floats): temperature/top_p are carried as integer milliunits. Covered by enclaveSignature, so a requester can prove the provider claimed these settings.
price
ref
dev.cocore.compute.defs#money
Required
MUST be <= job.priceCeiling. Currency MUST match job.priceCeiling.currency.
proBono
boolean
Optional
True when the provider served this job pro bono under its `dev.cocore.compute.provider.proBono` election — free, unmetered, no exchange cut. A pro-bono receipt MUST carry `price.amount: 0` and `tokens: { in: 0, out: 0 }`: the work is explicitly not counted, so neither figure is a billing claim. An exchange settling a `proBono: true` receipt takes no fee and moves no balance (`amountCharged`, `providerPayout`, and `exchangeFee` are all 0). Covered by `enclaveSignature` like every other field, so the carve-out is part of the signed, self-verifying record rather than an off-record side channel. Absent/false ≡ a normal metered, billable receipt. Optional / additive; pre-2026-06 readers ignore it and still see a well-formed zero-price receipt.
reasoningCommitment
string
Optional
Optional SHA-256 hex over the plaintext reasoning ('thinking') output bytes the provider produced for this job, separate from outputCommitment which covers only the answer the requester acts on. Present only when the model emitted reasoning on a distinct channel (a sibling reasoning_content field, or inline <think>...</think> tags the provider split out). Lets a requester independently verify the reasoning trace without it perturbing the answer's commitment. Covered by enclaveSignature.
maxLength: 64 bytesminLength: 64 bytesrequester
string
did
Required
DID of the requester. Denormalized from the job record for indexer convenience; MUST equal the DID owning the job record.
sessionKeyCommitment
string
Optional
Optional SHA-256 hex over (ephemeralPubKey || sessionNonce) — the per-job ephemeral X25519 key the requester sealed the input to, bound to the request nonce. Present when the job ran under the forward-secret confidential handshake (the enclave minted a fresh ephemeral key, enclave-signed it against the requester's nonce, and the requester sealed to that key after verifying it). Lets a requester prove after the fact that its prompt was sealed to a key the measured enclave controlled for this job, not the long-lived encryptionPubKey. Covered by enclaveSignature.
maxLength: 64 bytesminLength: 64 bytessessionNonce
string
Optional
Optional lowercase hex of the fresh requester nonce that the ephemeral session key was bound to (the freshness challenge for this job). Pairs with sessionKeyCommitment. Covered by enclaveSignature.
maxLength: 64 bytesminLength: 32 bytesstartedAt
string
datetime
Required
An RFC 3339 formatted timestamp.
tier
ref
dev.cocore.compute.defs#tier
Optional
The confidentiality tier this job actually ran under. Set by the provider to `attested-confidential` only when the input was sealed to a verified, enclave-bound ephemeral session key AND served by a measured native engine under a hardware-attested posture; otherwise `best-effort`. A requester recomputes this from the receipt's attestation + sessionKeyCommitment rather than trusting the field. Optional / additive; absent equivalent to `best-effort`.
tokens
ref
dev.cocore.compute.defs#tokenCounts
Required
No description available.
View raw schema
{
"key": "tid",
"type": "record",
"record": {
"type": "object",
"required": [
"job",
"requester",
"model",
"inputCommitment",
"outputCommitment",
"tokens",
"startedAt",
"completedAt",
"price",
"attestation",
"enclaveSignature"
],
"properties": {
"job": {
"ref": "com.atproto.repo.strongRef",
"type": "ref",
"description": "Strong-ref to the requester's dev.cocore.compute.job record."
},
"tier": {
"ref": "dev.cocore.compute.defs#tier",
"type": "ref",
"description": "The confidentiality tier this job actually ran under. Set by the provider to `attested-confidential` only when the input was sealed to a verified, enclave-bound ephemeral session key AND served by a measured native engine under a hardware-attested posture; otherwise `best-effort`. A requester recomputes this from the receipt's attestation + sessionKeyCommitment rather than trusting the field. Optional / additive; absent equivalent to `best-effort`."
},
"model": {
"type": "string",
"maxLength": 256
},
"price": {
"ref": "dev.cocore.compute.defs#money",
"type": "ref",
"description": "MUST be <= job.priceCeiling. Currency MUST match job.priceCeiling.currency."
},
"params": {
"ref": "#generationParams",
"type": "ref",
"description": "Optional record of the sampling parameters the provider committed to for this job. Integer-only (canonical JSON forbids floats): temperature/top_p are carried as integer milliunits. Covered by enclaveSignature, so a requester can prove the provider claimed these settings."
},
"tokens": {
"ref": "dev.cocore.compute.defs#tokenCounts",
"type": "ref"
},
"proBono": {
"type": "boolean",
"description": "True when the provider served this job pro bono under its `dev.cocore.compute.provider.proBono` election — free, unmetered, no exchange cut. A pro-bono receipt MUST carry `price.amount: 0` and `tokens: { in: 0, out: 0 }`: the work is explicitly not counted, so neither figure is a billing claim. An exchange settling a `proBono: true` receipt takes no fee and moves no balance (`amountCharged`, `providerPayout`, and `exchangeFee` are all 0). Covered by `enclaveSignature` like every other field, so the carve-out is part of the signed, self-verifying record rather than an off-record side channel. Absent/false ≡ a normal metered, billable receipt. Optional / additive; pre-2026-06 readers ignore it and still see a well-formed zero-price receipt."
},
"requester": {
"type": "string",
"format": "did",
"description": "DID of the requester. Denormalized from the job record for indexer convenience; MUST equal the DID owning the job record."
},
"startedAt": {
"type": "string",
"format": "datetime"
},
"attestation": {
"ref": "com.atproto.repo.strongRef",
"type": "ref",
"description": "Strong-ref to a dev.cocore.compute.attestation record published by this provider. completedAt MUST fall within [attestedAt, expiresAt] of that attestation."
},
"completedAt": {
"type": "string",
"format": "datetime"
},
"sessionNonce": {
"type": "string",
"maxLength": 64,
"minLength": 32,
"description": "Optional lowercase hex of the fresh requester nonce that the ephemeral session key was bound to (the freshness challenge for this job). Pairs with sessionKeyCommitment. Covered by enclaveSignature."
},
"inputCommitment": {
"type": "string",
"maxLength": 64,
"minLength": 64,
"description": "MUST equal job.inputCommitment."
},
"outputCipherURL": {
"type": "string",
"format": "uri",
"description": "Optional URL where the encrypted output lives."
},
"enclaveSignature": {
"type": "bytes",
"maxLength": 256,
"description": "Secure Enclave P-256 signature (DER) over a sorted-key canonical JSON of every other field in this record. Verified against the publicKey of the strong-reffed attestation. This binding survives PDS migration: the repo-commit signature changes when keys rotate, but the enclaveSignature does not."
},
"outputCommitment": {
"type": "string",
"maxLength": 64,
"minLength": 64,
"description": "SHA-256 hex over the plaintext output bytes — the decrypted result the requester receives. (The earlier 'encrypted output' wording was a doc error; the provider has always committed to the plaintext, which is what a requester can verify after decrypting. Use outputCipherCommitment to commit to the encrypted bytes on the wire.)"
},
"reasoningCommitment": {
"type": "string",
"maxLength": 64,
"minLength": 64,
"description": "Optional SHA-256 hex over the plaintext reasoning ('thinking') output bytes the provider produced for this job, separate from outputCommitment which covers only the answer the requester acts on. Present only when the model emitted reasoning on a distinct channel (a sibling reasoning_content field, or inline <think>...</think> tags the provider split out). Lets a requester independently verify the reasoning trace without it perturbing the answer's commitment. Covered by enclaveSignature."
},
"sessionKeyCommitment": {
"type": "string",
"maxLength": 64,
"minLength": 64,
"description": "Optional SHA-256 hex over (ephemeralPubKey || sessionNonce) — the per-job ephemeral X25519 key the requester sealed the input to, bound to the request nonce. Present when the job ran under the forward-secret confidential handshake (the enclave minted a fresh ephemeral key, enclave-signed it against the requester's nonce, and the requester sealed to that key after verifying it). Lets a requester prove after the fact that its prompt was sealed to a key the measured enclave controlled for this job, not the long-lived encryptionPubKey. Covered by enclaveSignature."
},
"outputCipherCommitment": {
"type": "string",
"maxLength": 64,
"minLength": 64,
"description": "Optional SHA-256 hex over the EXACT encrypted bytes delivered to the requester (the sealed reply). Lets a requester confirm the ciphertext they received is the one the provider's enclaveSignature commits to — defends against an intermediary swapping the delivered bytes. Covered by enclaveSignature like every other field."
}
}
}
}