receipts-guard

RECEIPTS Guard v0.7.1 - The Three Rails

"The rails for the machine economy."

ERC-8004 identity + x402 payments + arbitration protocol. The infrastructure for agent commerce.

The Three Rails:

Rail	Standard	Purpose
Identity	ERC-8004	On-chain agent identity anchoring
Trust	ERC-8004 Reputation	Arbitration outcomes build reputation
Payment	x402	Paid arbitration, automated settlements

Local-first. Chain-anchored. Cloud-deployable. Security-hardened.

What's New in v0.7.1 (Security Hardening)

• 🔐 HTTP Authentication - API Key and DID Request Signing
• 🛡️ Authorization Checks - Counterparty verification for /accept
• 🌐 CORS Hardening - Configurable origin whitelist (blocked by default)
• ⚡ Rate Limiting - 100 requests/minute per IP
• ✅ Input Validation - Payment address, cost, deadline validation

What's New in v0.7.0

• ⛓️ ERC-8004 Integration - Anchor identity to Ethereum/Base registries
• 💰 x402 Payments - Paid arbitration with USDC/ETH
• ☁️ Cloud Deployment - Dockerfile + Fly.io Sprites support
• 🌐 HTTP Server Mode - REST API for cloud agents

From v0.6.0:

• 🪪 Self-Sovereign Identity - DID-based identity with Ed25519 signatures
• 🔑 Key Rotation - Old key signs new key, creating unbroken proof chain
• 👤 Human Controller - Twitter-based recovery backstop

From v0.5.0:

• ⚖️ Full Arbitration Protocol - propose → accept → fulfill → arbitrate → ruling
• 📜 PAO (Programmable Agreement Object) - Canonical termsHash, mutual signatures
• 📊 LPR (Legal Provenance Review) - Timeline visualization for arbiters

Quick Start

# === ARBITRATION FLOW ===

# 1. Create proposal
node capture.js propose "I will deliver API docs by Friday" "AgentX" \
  --arbiter="arbiter-prime" --deadline="2026-02-14"

# 2. Accept proposal (as counterparty)
node capture.js accept --proposalId=prop_abc123

# 3. Fulfill agreement
node capture.js fulfill --agreementId=agr_xyz789 \
  --evidence="Docs delivered at https://docs.example.com"

# --- OR if there's a dispute ---

# 4. Open arbitration
node capture.js arbitrate --agreementId=agr_xyz789 \
  --reason="non_delivery" --evidence="No docs received by deadline"

# 5. Submit evidence (both parties)
node capture.js submit --arbitrationId=arb_def456 \
  --evidence="Screenshot of empty inbox" --type=screenshot

# 6. Issue ruling (as arbiter)
node capture.js ruling --arbitrationId=arb_def456 \
  --decision=claimant --reasoning="Evidence shows non-delivery past deadline"

# 7. View timeline
node capture.js timeline --agreementId=agr_xyz789

Commands

Identity (v0.6.0)

identity init - Create Identity

node capture.js identity init --namespace=remaster_io --name=receipts-guard \
  --controller-twitter=@Remaster_io

Creates:

• Ed25519 keypair
• DID document: did:agent:<namespace>:<name>
• Human controller configuration

identity show - Display Identity

node capture.js identity show [--full]

Shows identity summary or full DID document with --full.

identity rotate - Rotate Keys

node capture.js identity rotate [--reason=scheduled|compromise|device_change]

• Old key signs new key (proof chain)
• Old key archived for historical signature verification
• Unbroken chain = same identity

identity verify - Verify Identity or Signature

# Verify DID key chain
node capture.js identity verify --did=did:agent:acme:trade-bot

# Verify signature
node capture.js identity verify \
  --signature="ed25519:xxx:timestamp" \
  --termsHash="sha256:abc123..."

identity set-controller - Set Human Controller

node capture.js identity set-controller --twitter=@handle

Links a human controller for emergency recovery.

identity recover - Emergency Recovery

node capture.js identity recover --controller-proof=<TWITTER_URL> --confirm

Human controller posts recovery authorization, all old keys revoked.

identity publish - Publish DID Document

node capture.js identity publish [--platform=moltbook|ipfs|local]

identity anchor - Anchor to ERC-8004 (v0.7.0)

node capture.js identity anchor --chain=ethereum|base|sepolia

Registers identity on-chain to ERC-8004 Identity Registry:

• Requires RECEIPTS_WALLET_PRIVATE_KEY environment variable
• Stores transaction hash in DID document
• Mainnet: credibility anchor
• Base: x402-native, lower fees

Deployed Registries:

Chain	Identity Registry	Status
Ethereum	0x8004A169FB4a3325136EB29fA0ceB6D2e539a432	Live
Sepolia	0x8004A818BFB912233c491871b3d84c89A494BD9e	Testnet
Base	Coming soon	TBD

identity resolve - Resolve DID (v0.7.0)

node capture.js identity resolve --did=did:agent:namespace:name [--chain=CHAIN]

Resolves DID from local storage or on-chain registry.

---

ERC-8004 Integration (v0.7.0)

The ERC-8004 standard provides three registries for agent trust:

1. Identity Registry - NFT-based agent identifiers
2. Reputation Registry - On-chain feedback and scores
3. Validation Registry - Work verification by validators

RECEIPTS integrates with existing registries while providing superior off-chain agreement lifecycle management.

Chain Configuration:

# Environment variables
export ETHEREUM_RPC=https://eth.llamarpc.com
export BASE_RPC=https://mainnet.base.org
export RECEIPTS_WALLET_PRIVATE_KEY=0x... # Never commit this!

---

x402 Payment Integration (v0.7.0)

x402 enables paid arbitration - arbiters get compensated for their work.

Proposal with Payment Terms

node capture.js propose "Service agreement" "counterparty" \
  --arbiter="arbiter-prime" \
  --arbitration-cost="10" \
  --payment-token="USDC" \
  --payment-chain="base" \
  --payment-address="0x..." # Arbiter's address

Arbitration with Payment Proof

# Without payment proof (fails if x402 required)
node capture.js arbitrate --agreementId=agr_xxx --reason="non_delivery"
# Error: Payment required: 10 USDC

# With payment proof
node capture.js arbitrate --agreementId=agr_xxx --reason="non_delivery" \
  --evidence="..." --payment-proof="0x123..."

x402 Schema:

{
  "x402": {
    "arbitrationCost": "10",
    "arbitrationToken": "USDC",
    "arbitrationChain": 8453,
    "paymentAddress": "0x...",
    "paymentProtocol": "x402",
    "version": "1.0"
  }
}

---

Cloud Deployment (v0.7.0)

Run RECEIPTS Guard as a persistent cloud agent.

HTTP Server Mode

node capture.js serve [--port=3000]

Public Endpoints (no auth):

• GET / - Service info
• GET /health - Health check
• GET /identity - DID document
• GET /identity/chains - Chain status

Protected Endpoints (auth required):

• GET /list - List all records
• GET /proposals - List proposals
• GET /agreements - List agreements
• POST /propose - Create proposal
• POST /accept - Accept proposal (counterparty only)

---

HTTP API Security (v0.7.1)

The HTTP server implements multiple security layers:

Authentication

Option 1: API Key

# Generate a secure API key
export RECEIPTS_API_KEY=$(openssl rand -hex 32)

# Use in requests
curl -H "X-API-Key: $RECEIPTS_API_KEY" https://your-agent.fly.dev/list

Option 2: DID Request Signing

# Sign each request with your Ed25519 key
# Headers required:
# - X-DID: your DID (e.g., did:agent:namespace:name)
# - X-DID-Timestamp: Unix timestamp in milliseconds
# - X-DID-Signature: ed25519:BASE64URL_SIGNATURE:TIMESTAMP

# Signed message format: METHOD:PATH:TIMESTAMP
# Example: POST:/propose:1707494400000

CORS Configuration

By default, cross-origin requests are blocked for security.

# Allow specific origins
export RECEIPTS_ALLOWED_ORIGINS=https://app.example.com,https://dashboard.example.com

# Allow all origins (not recommended for production)
export RECEIPTS_ALLOWED_ORIGINS=*

Rate Limiting

Default: 100 requests per minute per IP.

# Customize rate limit
export RECEIPTS_RATE_LIMIT=200

Response headers:

• X-RateLimit-Limit - Max requests per window
• X-RateLimit-Remaining - Remaining requests
• X-RateLimit-Reset - Window reset timestamp

Input Validation

All POST endpoints validate:

• Payment addresses - Must be valid Ethereum address format (0x + 40 hex chars)
• Arbitration costs - Must be non-negative, max 1,000,000
• Deadlines - Must be valid ISO date in the future
• Payment tokens - Must be USDC, ETH, USDT, or DAI
• Payment chains - Must be configured chain (ethereum, base, sepolia)

Authorization

• /accept endpoint verifies the requester is the designated counterparty (when using DID signing)
• API key authentication trusts the server owner

Environment Variables

# Security
RECEIPTS_API_KEY=              # API key for authentication (generate with: openssl rand -hex 32)
RECEIPTS_ALLOWED_ORIGINS=      # Comma-separated CORS origins (default: none/blocked)
RECEIPTS_RATE_LIMIT=           # Requests per minute (default: 100)

# Existing
RECEIPTS_WALLET_PRIVATE_KEY=   # For on-chain transactions
RECEIPTS_AGENT_ID=             # Agent identifier
ETHEREUM_RPC=                  # Ethereum RPC endpoint
BASE_RPC=                      # Base RPC endpoint

---

Fly.io Sprites Deployment

# Deploy
fly launch
fly deploy

# Configure secrets
fly secrets set RECEIPTS_WALLET_PRIVATE_KEY=...
fly secrets set ETHEREUM_RPC=...

# Create persistent volume
fly volumes create receipts_data --size 1

Docker

docker build -t receipts-guard .
docker run -p 3000:3000 -v receipts-data:/data receipts-guard

---

migrate - Migrate to DID

node capture.js migrate --to-did

Upgrades existing agreements to use DID references (preserves legacy data).

---

---

Content truncated.