Skip to main content
HUMΛN
HUMΛN
Community
Transparency
Transparency

Field notes: What a real decision receipt looks like

HUMΛN Team··6 min·Product + compliance

The wrong answer

Pasting the model’s natural-language answer into a ticket is not a receipt. It is not stable, not attributable, and not machine-verifiable.

The contract

The ActionReceipt type in @human/core (packages/core/src/receipts/receipt-contract.ts) is the cross-surface proof payload. Each receipt includes:

  • receiptId — UUID for the action
  • actorDid / actorName — who acted
  • policyApplied — which boundary contract governed the run
  • provenanceLink — URL into the provenance / workflow graph (see GET /v1/provenance/:workflowId)
  • boundaryEnforced — whether safe / constrained delegation applied
  • Resource summaries — accessed, created, sent (human-readable lines for UI)

Receipts are on by default at delegation boundaries; turning them off for “governed” agents is a canon mismatch.

Where it shows up

  • human.call synchronous responses now embed action_receipt after successful runs (apps/api/src/gateway/invocation-gateway.ts).
  • Async completion polling adds a receipt when status is completed.
  • Companion and Command Plane render ReceiptSnippet patterns (kb/153) from structured hints.

Minimal JSON shape (illustrative)

{
  "receiptId": "2d5f0e4a-7b2c-4b2a-9f6d-831f2a2a9c11",
  "action": "human.call invocation completed",
  "actorDid": "agent://example",
  "policyApplied": "human.call:safe",
  "provenanceLink": "https://api.example/v1/provenance/task_abc",
  "boundaryEnforced": true
}

If “who decided?” can’t be answered from structured fields like these, you don’t yet have operational AI — you have a transcript.