Trust Center · TrustReceipt

TrustReceipt: signed evidence for every agent transaction

TrustReceipt provides cryptographically verifiable, tamper-evident and exportable evidence for auditing agentic-commerce operations, designed to support eIDAS-aligned, ESIGN/UETA and UK retained trust services law flows.

A TrustReceipt is not a legal qualified signature by itself. It is structured evidence that a regulator, auditor or court can examine offline, paired with the legal framework that applies in your jurisdiction.

Create free account Read compliance information

What is a TrustReceipt

One signature per agent action

Every time an AI agent reads catalog data, modifies a cart or completes a checkout in a Trusteed-connected store, the platform emits a detached JWS receipt signed by the merchant's Ed25519 key. The receipt records who did what, on which bucket (discovery, customer or checkout), against which input and output hashes, and at what time. It can be exported, re-verified offline, and produced as evidence years later.

Why it matters to merchants

Settle agent disputes with cryptographic evidence, not customer-service screenshots
Demonstrate due diligence under GDPR Art. 5(2) accountability and AI Act transparency obligations
Export full audit bundles per jurisdiction (EU 6y / US 7y / BR 5y / Other 10y) at one click
Detect tampering: any modification of the underlying record breaks the signature

Why it matters to developers

Detached JWS (Ed25519) — pure-crypto, no vendor SDK required to verify
Canonical hashing via RFC 8785 JCS — deterministic across languages
JWKS snapshot URL embedded in every receipt for offline trust-anchor resolution
Receipt envelope ≤ 4096 B signing input — fits AWS KMS native Ed25519 cap
TypeScript, Python, Java and Go verifiers planned; reference verifier shipped in `@trusteed/receipt-verifier`

Legal frameworks and current status

Linkage to eIDAS/EUDI, ESIGN/UETA and UK retained law

Trusteed maps every TrustReceipt to a `legal_posture` enum so consumers know exactly what legal weight to assign. AdES-candidate claims are only emitted when an RFC 3161 qualified timestamp is present.

eIDAS / eIDAS 2.0 (EU)

AdES-candidate (timestamped)

Parameters we accept

Signature: Ed25519 detached JWS, key in AWS KMS (us-east-1 primary, eu-west-1 replica)
Timestamp: RFC 3161 TimeStampToken (freeTSA Phase 1, fail-open with per-merchant opt-in to fail-closed)
Long-term: JWKS history snapshot + revocation evidence per receipt
Retention: 6 years (EU baseline, mapped to ENISA guidance)
Subject context: buyer_agent or merchant_admin authorization context

Without a qualified TSP we emit `ades_candidate_timestamped` (with TSA) or `ades_candidate_no_tsa` (without). QTSP integration (InfoCert) deferred to spec 050.

EUDI Wallet (eIDAS 2.0 Article 6a)

Roadmap — pilot

Parameters we accept

Buyer-agent assertion via SD-JWT-VC verifiable presentation
Selective disclosure of buyer attributes (age, residency) without over-collection
Wallet Relying Party registration check (LOTL XML parsing implemented)
Issuer trust resolution against EU List of Trusted Lists

EUDI dependency on Wallet Relying Party (WRP/RPRC) auto-registration is unproven cross-border. Pilot pending member-state rollout.

ESIGN Act + UETA (United States)

Live

Parameters we accept

Intent to sign captured via buyer_agent consent_context (signed at session start)
Consumer disclosure version + withdrawal URI hash recorded in receipt
Attribution: agent identity verified via RFC 9421 HTTP Message Signatures (spec 045)
Record retention: 7 years (US baseline, configurable per merchant)
Tamper evidence: Ed25519 detached JWS over RFC 8785 canonical payload

ESIGN §101(c) consumer-disclosure requirements implemented as signed evidence records. Counsel approval pending for production posture; current canary is observe-only.

UK Electronic Communications Act 2000 + retained eIDAS

Live (parity with EU baseline)

Parameters we accept

Retained UK eIDAS Regulation (post-Brexit) → AdES-equivalent posture
Schedule 1 admissibility: signed JWS + RFC 3161 TST satisfies 'in such form as the court may admit'
ICO accountability principle: audit-log hash chain (per-merchant RFC 8785) preserved
Trust services: tsl-ssl.bsi.bund.de + UK Trust List (UKAS-accredited) parsed
Retention: 6 years (parity with EU baseline)

Post-Brexit divergence tracked. UK Trust List integration ships behind feature flag pending ICO guidance on cross-border AI evidence.

Anatomy of a TrustReceipt

What a single receipt looks like

A TrustReceipt is a detached JWS (compact form) plus a small set of unsigned envelope fields. The signed payload is canonicalized with RFC 8785 before hashing. Raw input/output bodies never leave the merchant's encrypted vault.

{
  "id": "trcpt_01HXY...",
  "callId": "call_01HXY...",
  "agentId": "agt_acme_browser",
  "merchantId": "mch_paco_sandias",
  "bucket": "checkout",
  "tool": "complete_checkout",
  "inputHash":  "8f4a...c2",
  "outputHash": "a1d9...77",
  "signingKeyKid": "mch_paco_sandias-2026Q2",
  "jws": "eyJhbGciOiJFZERTQSIsImtpZCI6...",
  "jwksSnapshotUrl": "https://trusteed.xyz/.well-known/jwks/snapshot/2026-05.json",
  "legal_posture": "ades_candidate_timestamped",
  "createdAt": "2026-05-12T10:14:33Z"
}

How verification works

Four steps to validate a receipt offline

1. Resolve the JWKS snapshot

Fetch the snapshot URL embedded in the receipt. The snapshot is itself signed and tied to a key history with validity windows.

2. Verify the signature

Use the `kid` in the JWS header to pick the correct Ed25519 public key. Verify with any standards-compliant JOSE library — no Trusteed code required.

3. Recompute the canonical hashes

Reconstruct inputHash and outputHash from raw bodies (if disclosed). Compare against the signed values. Any mismatch = tampered.

4. Check the timestamp evidence

If a TimeStampResp is attached, verify its full chain (TSA cert, OCSP/CRL, EKU, tolerance window). This anchors the receipt in real-world time.

For AI agents

For AI agents: how to consume and verify TrustReceipts

AI agents reading or writing against a Trusteed-connected store can request and verify TrustReceipts as first-class evidence. This enables agent-to-agent auditing, multi-hop attribution chains, and dispute resolution without human escalation.

Fetch receipts via `GET /api/v1/trust/receipts` (list) or `GET /api/v1/trust/receipts/by-order/:orderId`
Each receipt contains `agentId`, `bucket`, `tool`, `inputHash`, `outputHash`, `signingKeyKid`, `jwksSnapshotUrl`
Use the `@trusteed/receipt-verifier` JS package or any RFC 7515 JWS library — Ed25519 + EdDSA
RFC 9421 agent identity assertions (spec 045) are embedded as `trust_provider_assertions[]` for chain-of-custody
The `legal_posture` field tells your agent whether the receipt can be claimed as AdES-candidate evidence or not

Minimum agent-side verification flow (Node.js, no Trusteed SDK required):

import { compactVerify, createLocalJWKSet } from "jose";

// 1. Get a receipt from the merchant API
const r = await fetch(`https://trusteed.xyz/api/v1/trust/receipts/by-order/${orderId}`)
  .then((r) => r.json());

// 2. Resolve the JWKS snapshot referenced in the receipt
const jwks = await fetch(r.jwksSnapshotUrl).then((r) => r.json());

// 3. Verify the JWS signature (Ed25519, EdDSA)
const { payload, protectedHeader } = await compactVerify(
  r.jws,
  createLocalJWKSet(jwks),
);

// 4. Decide on legal posture before claiming AdES
if (r.legal_posture !== "ades_candidate_timestamped") {
  console.warn("Receipt valid but no qualified timestamp present");
}

Agent metadata

{
  "documentType": "trust-receipt",
  "signatureAlgorithm": "Ed25519",
  "canonicalForm": "RFC 8785 JCS",
  "timestampStandard": "RFC 3161",
  "transportFormat": "compact JWS (RFC 7515)",
  "verifierLibrary": "@trusteed/receipt-verifier",
  "discovery": "https://trusteed.xyz/.well-known/mcp.json",
  "policy": "https://trusteed.xyz/.well-known/agent-policy.json"
}

What a TrustReceipt is not

A TrustReceipt is not a Qualified Electronic Signature (QES) — that requires a QTSP, not on our roadmap until spec 050
It does not by itself prove buyer intent — that is captured in `consent_context`, which is signed separately
It cannot reverse a fraudulent charge — it provides evidence; legal remedies belong to the merchant and the issuer
It is not a replacement for SOC 2, ISO 27001 or PCI DSS audits

Frequently asked questions

Is a TrustReceipt admissible in court?

Under ESIGN/UETA (US), UK ECA 2000, and eIDAS Art. 25 (EU), electronic evidence cannot be denied admissibility solely because it is electronic. A TrustReceipt provides the tamper-evidence and non-repudiation primitives a court typically asks for. Final admissibility always depends on the forum and the underlying transaction.

Do I need a QTSP to use TrustReceipts?

No. For Advanced Electronic Signature (AdES) posture, we use a standards-compliant RFC 3161 TSA. Qualified Electronic Signature (QES) requires a QTSP and is on the roadmap (spec 050).

Where are the receipts stored?

Signed JWS are persisted in the merchant's audit log with a hash chain (RFC 8785). Raw input/output remain in an encrypted vault (AES-256-GCM). The JWKS history is published at a stable URL for offline verification.

What happens if the signing key is rotated or revoked?

Old receipts remain verifiable against the JWKS history snapshot referenced at issuance time. Revocation evidence is published as a signed JWS extension; verifiers MUST check it before claiming AdES posture.

Trust as infrastructure

Every agentic-commerce operation leaves a signed receipt. Start free or read the developer documentation.

Create free account Developer docs