Skip to main content
DOCUMENTATION

PEAC-Receipt

PEAC-Receipt is an open standard for cryptographically signed receipts that prove agent access to resources with verifiable compliance.

What is PEAC-Receipt?

PEAC-Receipt is a standardized HTTP header containing a cryptographically signed JSON Web Token (JWT) that serves as proof of authorized access. Every response from an Originary-protected resource includes this receipt.

The receipt contains: resource accessed, timestamp, payment evidence, policy snapshot, and is signed using Ed25519 for fast verification at edge locations.

Header Format

PEAC-Receipt: eyJhbGciOiJFZERTQSIsImtpZCI6IjIwMjUtMDkta2V5MSIsInR5cCI6IkpXVCJ9.
eyJpc3MiOiJvcmlnaW5hcnkueHl6IiwiaWF0IjoxNzM3NTYyODAwLCJyZXNvdXJjZSI6Ii9hcGkvY29udGVudCIsInBheW1lbnQiOnsic3RhdHVzIjoidmVyaWZpZWQiLCJhbW91bnQiOjEuMDAsImN1cnJlbmN5IjoiVVNEIn19.
r5k2nF8xT3mQwK9LpXvYzJ7dR2sE4gH6tB1cA8oU0fPqN3vM5wJ9eX7lK2yT6uG8hZ4nV1xS3dW0jR6pL5

Receipt Claims

  • iss: Issuer (domain that signed the receipt)
  • iat: Issued at (Unix timestamp)
  • resource: Path or identifier of accessed resource
  • payment: Payment evidence (status, amount, currency, transaction ID)
  • kid: Key identifier for signature verification

Verification

Verify receipts using our API or verify endpoint:

curl -X POST https://www.originary.xyz/api/verify \
  -H "Content-Type: application/json" \
  -d '{"receipt": "eyJhbGci..."}'

Or use our web interface: originary.xyz/verify

Ready to implement?

Start generating receipts with Originary in under 5 minutes.

Get Started for $1