Dekimu · anchored receipts docs
Receipt families
All 14 anchored receipt families — one for each class of privacy-relevant or legally-significant event. Each family has a canonical wire-format discriminator, a per-family renderer on this verifier, and a discovery document at /.well-known/.
Provenance
Receipts that prove the origin of an artifact — who produced it, with which model, and what was captured in the daily audit root.
Privacy lifecycle
Receipts tied to GDPR and similar privacy-law obligations — consent, retention, lineage, notice, breach, subject rights, and impact assessments.
Cryptographic proof of a consent decision — what was consented to, by whom, and against which policy.
ar.consent.v1ar.modification.v1ar.withdrawal.v1Cryptographic proof of a data-lifecycle event — erasure, expiry, hold, anonymisation, or archive.
ar.erasure.v1ar.expiry.v1ar.hold.v1ar.anonymization.v1ar.archive.v1ar.batch.v1Cryptographic proof of data lineage — derivation, fork, supersession, or disclosure of an artifact.
ar.lineage.v1Cryptographic proof of a transparency notice — what was disclosed to a data subject, under which profile, and when.
ar.notice.v1Cryptographic proof of a personal-data breach lifecycle event — detection, assessment, notification, containment, or closure.
ar.breach.v1Cryptographic proof of a data-subject rights request lifecycle — from receipt through fulfilment, refusal, or escalation.
ar.subject_rights.v1Cryptographic proof of a DPIA lifecycle event — threshold trigger, scope lock, DPO advice, completion, review, or prior consultation.
ar.impact.v1Data operations
Receipts that document data-processing operations — tokenization, purpose binding, cross-border transfers, AI Act evaluations, qualified attestations, and agent delegation.
Cryptographic proof of a data-tokenization lifecycle event — issuance, redemption, revocation, or rotation of a pseudonymous token.
ar.tokenization.v1Cryptographic proof of a purpose-binding event — what data was bound to which purpose, under which lawful basis, and when.
ar.purpose.v1Cryptographic proof of a cross-border data transfer — arrangement, per-transfer record, impact assessment, or suspension.
ar.transfer.v1Cryptographic proof of an AI Act evaluation event — conformity assessment or transparency disclosure.
ar.evaluation.v1Cryptographic proof of a qualified trust service event — eIDAS issuance or revocation of a qualified artefact.
ar.attestation.v1Cryptographic proof of a delegation lifecycle event — grant, revoke, narrow, renew, suspend, or resume of agent authority.
ar.delegation.v1Wire format
Every receipt carries a claim_type field following the canonical ar.<noun>.v<N> pattern. Families with multiple event types use a single claim_type and disambiguate via a body.event_type discriminator. Legacy member-prefixed kinds (e.g. apr.v1) remain accepted indefinitely.