Proof & Receipts

Every answer that passes through VaultCrux can produce a cryptographic receipt - a self-contained proof that the answer existed, was evaluated, and met quality thresholds at a specific point in time. Receipts use the COSE_Sign1 standard, signed via HashiCorp Vault Transit with Ed25519 keys. Any party can verify a receipt without accessing the underlying documents, the query, or the tenant's data.

Proof jobs evaluate answer quality across three modes. Light mode performs a fast spot-check - it verifies that the answer cites at least one retrieved chunk and that the cited chunks exist in the corpus. This is the minimum viable proof for development workflows. Verified mode runs a full chunk evaluation with document coverage analysis - it checks that every citation in the answer maps to a real retrieved chunk, that the chunks collectively cover the semantic scope of the answer, and that no critical source documents were omitted. Audit mode is the most comprehensive: it adds citation verification (do the cited passages actually support the claims made?), cross-reference checking (do different parts of the answer contradict each other?), and produces a detailed evaluation transcript that becomes part of the receipt payload.

The receipt itself is a structured COSE_Sign1 envelope. The protected header contains the signing algorithm (Ed25519), the key ID (pointing to the Vault Transit key), and the content type. The payload contains: the answer hash (BLAKE3), the query hash, the retrieval metadata summary (how many candidates were considered, scores, and source provenance), the evaluation mode and result, a timestamp, and the tenant ID. The signature covers all of this - tampering with any field invalidates the receipt.

Receipts are designed for three audiences. For the tenant, they provide an audit trail of what was answered and when. For external parties (auditors, compliance teams, counterparties), they provide independently verifiable proof without data disclosure. For agents, they provide a trust signal - an agent can check whether a previous answer has a valid receipt before building on it, rather than re-evaluating from scratch.

The proof infrastructure integrates with Watch monitoring. When a source document changes under a receipted answer, Watch can flag that the receipt's evidence basis has drifted. The receipt remains valid (it attests to what was true at signing time), but the staleness signal lets consumers know that re-evaluation may be warranted. This is the foundation for continuous assurance rather than point-in-time certification.