Dekimu · anchored receipts docs

ATokR — Anchored Tokenization Receipts

Cryptographic proof of a data-tokenization lifecycle event — issuance, redemption, revocation, or rotation of a pseudonymous token.

← All families

Purpose

An ATokR anchors the lifecycle of a pseudonymous token: when it was created, when it was exchanged for original data, when it was invalidated, and when it was replaced by a new value. This provides a verifiable audit trail for pseudonymisation operations without exposing the underlying data.

Rotated tokens chain via the receipt's prev envelope field, allowing verifiers to reconstruct the full rotation history of a token without access to the vault.

Event types

KindLabelDescription
token.issuedIssuedNew pseudonymous token created.
token.redeemedRedeemedToken exchanged for original data.
token.revokedRevokedToken permanently invalidated.
token.rotatedRotatedToken replaced with new value.

Key fields

token_format — encoding and structure of the token (e.g. UUID v4, opaque hex, structured format). Does not include the token value itself.

pseudonymization_method — the cryptographic or algorithmic method used to derive the token from the original data (e.g. HMAC-SHA256, AES-SIV, format-preserving encryption).

rotation_policy — policy governing when tokens are rotated: time-based, event-triggered, or on-demand. Present on issuance receipts and updated on rotation.

Regulatory context

Pseudonymisation is defined in GDPR Art. 4(5) as the processing of personal data in such a manner that it can no longer be attributed to a specific individual without additional information held separately. GDPR Recital 26 clarifies that pseudonymous data that can be attributed back to a natural person remains personal data and subject to GDPR obligations. ATokR receipts document the safeguards in place — the existence of the token vault, the method used, and the access policy — without exposing the vault contents.

Anchored Receipts are cryptographic provenance and privacy-lifecycle protocols; verify.dekimu.com is a reference implementation, not a qualified trust service under Regulation (EU) No 910/2014 (eIDAS) or successor.