Receipts / Proof Bundles
Every run should prove what happened.
OGN Receipts capture run identity, inputs, outputs, artifacts, hashes, and execution metadata. When emitted, Proof Bundles package the receipt, provenance, logs, result files, and manifest into a portable verification artifact.
This is what you get
Bundle contents
- receipt.json: Run identity, execution metadata, artifact paths, and SHA-256 hashes.
- provenance.json: Execution details that remain separate from the verifier-facing receipt.
- logs.jsonl: Line-oriented run logs for inspection and replay context.
- out.vcf.gz: Representative result artifact produced by mock or engine-backed runs.
- manifest.json: Proof-bundle file list and hashes for portable verification.
- proof_bundle.tar.gz: Optional archive when requested and registered by the worker.
Summary
- Minimum trust artifact
- OGN Receipt v1
- Optional package
- Proof bundle
- Verifier
- ogn-verify-receipt
- Gateway behavior
- 404-safe optional bundle
`receipt` is the minimum trust artifact. `proof_bundle` is optional and may return 404 from gateway endpoints until a worker registers it.
Verification surface
Representative slices from the proof bundle. The pilot deliverable includes the underlying files and local verifier path, not just screenshots.
Local verifier
Receipts verify after download and after extraction.
`ogn-verify-receipt` resolves relative paths against the receipt parent by default. Use `--base-dir` when verifying a receipt extracted from a proof bundle.
Want this on engine-backed runs?
Start with the public Core Kit smoke test, then request private OGN pilot access for engine/container evaluation and hosted gateway workflows.