Merge pull request #256 from commandlayer/codex/build-protocol-level-reference-pages

Rebuild runtime-core and canonical-receipts protocol reference pages

Author: GsCommand

public/canonical-receipts.html

@@ -1 +1,53 @@
-<!doctype html><html lang="en"><head><meta charset="utf-8" /><meta name="viewport" content="width=device-width,initial-scale=1" /><title>Canonical Receipts | CommandLayer</title><link rel="icon" href="/icon2.png" /><link rel="stylesheet" href="/css/site.css" /><style>.brand img{height:68px}.brand span{display:none}.nav-links{display:flex;gap:2px;list-style:none}.nav-links a{color:var(--muted);padding:7px 12px;border-radius:8px;text-decoration:none}.nav-drop{position:relative}.nav-drop-menu{display:none;position:absolute;left:0;top:100%;background:#fff;border:1px solid var(--border);border-radius:12px;padding:8px;min-width:260px}.nav-drop:hover .nav-drop-menu{display:grid}.doc-shell{padding:64px 0}.doc-card{background:#fff;border:1px solid var(--border);border-radius:18px;padding:24px;margin-bottom:18px}footer{border-top:1px solid var(--border);background:#fff}.footer-grid{display:grid;grid-template-columns:repeat(3,minmax(0,1fr));gap:24px;padding:36px 0}.footer-grid a{display:block;margin:8px 0}</style></head><body><nav><div class="container nav-inner"><a href="/" class="brand"><img src="/commandlayer-logo.png" alt="CommandLayer" /><span>CommandLayer</span></a><ul class="nav-links"><li><a href="/">Home</a></li><li><a href="/protocol.html">Protocol</a></li><li><a href="/capabilities.html">Capabilities</a></li><li><a href="/verify.html">Verifier</a></li><li><a href="/sdk-records.html">SDK</a></li><li class="nav-drop"><a href="/docs.html" class="active">Docs ▾</a><div class="nav-drop-menu"><a href="/docs.html">Docs Home</a><a href="/docs/wrap-your-agent.html">Wrap Your Agent</a><a href="/stack-proof-demo.html">Production Proof</a><a href="/runtime.html">Runtime</a><a href="/mcp.html">MCP Bridge</a><a href="/schemas.html">Schemas</a><a href="/api.html">API Reference</a><a href="/trust-verification.html">Trust Verification</a><a href="/claim.html">Claim / Namespace Activation</a></div></li><li><a href="/claim.html">Claim</a></li><li><a href="https://github.com/commandlayer" target="_blank" rel="noopener">GitHub</a></li></ul></div></nav><section class="hero"><div class="container"><div class="hero-badge"><span class="badge-dot"></span>Canonical Receipts</div><h1 class="hero-h1">Canonical receipts anchor trust verification.</h1></div></section><main class="container doc-shell"><section class="doc-card"><h2>Receipt model</h2><p>A CommandLayer receipt is a structured action result with a canonical <code>metadata.proof</code> envelope for deterministic verification.</p><ul><li>canonicalization: <code>json.sorted_keys.v1</code></li><li>hash algorithm: <code>SHA-256</code></li><li>signature algorithm: <code>Ed25519</code></li><li>signature key id: <code>vC4WbcNoq2znSCiQ</code></li><li>signer id: <code>runtime.commandlayer.eth</code></li></ul></section><section class="doc-card"><h2>Verification semantics</h2><p>Tampering invalidates proof because both hash and signature checks fail.</p><p>Schema-valid alone is not verified.</p></section></main><footer><div class="container footer-grid"><div><h4>Product</h4><a href="/protocol.html">Protocol</a><a href="/capabilities.html">Capabilities</a><a href="/verify.html">Verifier</a><a href="/runtime.html">Runtime</a><a href="/mcp.html">MCP</a><a href="/claim.html">Claim</a></div><div><h4>Developers</h4><a href="/docs.html">Docs</a><a href="/sdk-records.html">SDK</a><a href="/schemas.html">Schemas</a><a href="/api.html">API</a><a href="https://github.com/commandlayer" target="_blank" rel="noopener">GitHub</a></div><div><h4>Proof</h4><a href="/stack-proof-demo.html">Production Proof</a><a href="/verifyagent.html">VerifyAgent</a><a href="/trust-verification.html">Trust Verification</a><a href="/canonical-receipts.html">Canonical Receipts</a></div></div></footer></body></html>
+<!doctype html>
+<html lang="en">
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width,initial-scale=1" />
+  <title>Canonical Receipts | CommandLayer</title>
+  <meta name="description" content="Protocol reference for canonical CommandLayer receipts, metadata.proof fields, and verification lifecycle." />
+  <link rel="icon" href="/icon2.png" />
+  <link rel="preconnect" href="https://fonts.googleapis.com" />
+  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
+  <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800&display=swap" rel="stylesheet" />
+  <link rel="stylesheet" href="/css/site.css" />
+  <style>.brand{gap:0}.brand img{height:68px;width:auto;object-fit:contain}.brand span{display:none}.nav-links{display:flex;align-items:center;gap:2px;list-style:none;flex-wrap:wrap;margin:0;padding:0}.nav-links a{color:var(--muted);text-decoration:none;font-size:14px;font-weight:500;padding:7px 12px;border-radius:8px;background:none;border:none;font-family:inherit}.nav-links a:hover,.nav-drop:hover>a,.nav-drop:focus-within>a,.nav-drop>a.active{color:var(--text);background:var(--surface)}.nav-drop{position:relative}.nav-drop>a{display:inline-flex;align-items:center;gap:4px}.nav-drop-menu{position:absolute;top:calc(100% - 1px);left:0;background:#fff;border:1px solid var(--border);border-radius:12px;box-shadow:0 10px 34px rgba(15,23,42,.12);padding:8px;display:none;min-width:260px;z-index:200}.nav-drop-menu::before{content:"";position:absolute;left:0;right:0;top:-8px;height:8px}.nav-drop-menu a{display:block;white-space:nowrap}.nav-drop:hover .nav-drop-menu,.nav-drop:focus-within .nav-drop-menu{display:grid}.doc-shell{padding:64px 0 88px}.doc-card{background:#fff;border:1px solid var(--border);border-radius:18px;padding:24px;box-shadow:0 1px 2px rgba(15,23,42,.04),0 6px 20px rgba(99,91,255,.04);margin-bottom:18px}.doc-card h2{font-size:1.25rem;margin-bottom:12px;letter-spacing:-.02em}.doc-card p,.doc-card li{color:var(--text-2);line-height:1.7}.grid-3{display:grid;grid-template-columns:repeat(3,minmax(0,1fr));gap:14px}.grid-2{display:grid;grid-template-columns:repeat(2,minmax(0,1fr));gap:14px}.mini-card{background:#F8FAFC;border:1px solid var(--border);border-radius:14px;padding:14px}.mini-card h3{font-size:15px;margin:0 0 6px}.code-panel{background:#0E1322;color:#E2E8F0;border-radius:14px;border:1px solid rgba(30,41,59,.3);padding:18px;overflow:auto;font:13px/1.7 ui-monospace,SFMono-Regular,Menlo,Consolas,monospace}.flow-strip{background:#F8FAFC;border:1px solid var(--border);border-radius:14px;padding:14px;font-weight:600;line-height:1.8}.warning{border:1px solid #FECACA;background:#FEF2F2;border-radius:14px;padding:14px}footer{border-top:1px solid var(--border);background:#fff}.footer-grid{display:grid;grid-template-columns:repeat(3,minmax(0,1fr));gap:24px;padding:36px 0}.footer-grid h4{font-size:14px;margin-bottom:10px}.footer-grid a{display:block;color:var(--text-2);margin:8px 0;font-size:14px}@media(max-width:900px){.footer-grid{grid-template-columns:1fr}.doc-shell{padding:42px 0 64px}.nav-drop{width:100%}.nav-drop-menu{position:static;display:grid;margin-top:2px;min-width:0;box-shadow:none}.grid-2,.grid-3{grid-template-columns:1fr}}</style>
+</head>
+<body>
+<nav><div class="container nav-inner"><a href="/" class="brand"><img src="/commandlayer-logo.png" alt="CommandLayer" /><span>CommandLayer</span></a><ul class="nav-links"><li><a href="/">Home</a></li><li><a href="/protocol.html">Protocol</a></li><li><a href="/capabilities.html">Capabilities</a></li><li><a href="/verify.html">Verifier</a></li><li><a href="/sdk-records.html">SDK</a></li><li class="nav-drop"><a href="/docs.html" class="active" aria-haspopup="true">Docs ▾</a><div class="nav-drop-menu"><a href="/docs.html">Docs Home</a><a href="/docs/wrap-your-agent.html">Wrap Your Agent</a><a href="/stack-proof-demo.html">Production Proof</a><a href="/runtime.html">Runtime</a><a href="/mcp.html">MCP Bridge</a><a href="/schemas.html">Schemas</a><a href="/api.html">API Reference</a><a href="/trust-verification.html">Trust Verification</a><a href="/claim.html">Claim / Namespace Activation</a></div></li><li><a href="/claim.html">Claim</a></li><li><a href="https://github.com/commandlayer" target="_blank" rel="noopener">GitHub</a></li></ul></div></nav>
+<section class="hero"><div class="container"><div class="hero-badge"><span class="badge-dot"></span>Canonical Receipts</div><h1 class="hero-h1">The proof envelope for verifiable agent actions.</h1><p class="hero-sub">A CommandLayer receipt records what an action returned and attaches metadata.proof so the result can be independently verified.</p></div></section>
+<main class="container doc-shell">
+<section class="doc-card"><h2>What a receipt proves</h2><div class="grid-3"><div class="mini-card">Which verb ran.</div><div class="mini-card">Which class/family it belongs to.</div><div class="mini-card">What payload/result was returned.</div><div class="mini-card">Which signer produced the proof.</div><div class="mini-card">Which canonicalization/hash/signature algorithms were used.</div><div class="mini-card">Whether tampering breaks verification.</div></div></section>
+<section class="doc-card"><h2>Receipt shape</h2><pre class="code-panel"><code>{
+  "verb": "sign",
+  "class": "trust-verification",
+  "result": {
+    "payload": {
+      "message": "hello from CommandLayer"
+    }
+  },
+  "metadata": {
+    "proof": {
+      "canonicalization": "json.sorted_keys.v1",
+      "hash": {
+        "alg": "SHA-256",
+        "value": "..."
+      },
+      "signature": {
+        "alg": "Ed25519",
+        "kid": "vC4WbcNoq2znSCiQ",
+        "value": "..."
+      },
+      "signer_id": "runtime.commandlayer.eth"
+    }
+  }
+}</code></pre></section>
+<section class="doc-card"><h2>Required proof fields</h2><ul><li><code>metadata.proof.canonicalization</code></li><li><code>metadata.proof.hash.alg</code></li><li><code>metadata.proof.hash.value</code></li><li><code>metadata.proof.signature.alg</code></li><li><code>metadata.proof.signature.kid</code></li><li><code>metadata.proof.signature.value</code></li><li><code>metadata.proof.signer_id</code></li></ul></section>
+<section class="doc-card"><h2>Verification lifecycle</h2><div class="flow-strip">receipt received → structure checked → canonical payload rebuilt → SHA-256 hash recomputed → hash compared → Ed25519 signature verified → signer identity/kid checked → VALID or INVALID</div></section>
+<section class="doc-card"><h2>Valid vs tampered</h2><div class="grid-2"><div class="mini-card"><h3>Valid receipt</h3><p><code>verifier_status = VALID</code><br/><code>hash_matches = true</code><br/><code>signature_valid = true</code></p><p>Valid receipt accepted.</p></div><div class="mini-card"><h3>Tampered receipt</h3><p><code>verifier_status = INVALID</code><br/><code>hash_matches = false</code><br/><code>signature_valid = false</code></p><p>Tampered receipt rejected.</p></div></div></section>
+<section class="doc-card"><h2>Schema validation vs proof verification</h2><div class="warning"><strong>Schema validation checks shape. Proof verification checks truth.</strong><br/>A schema-valid receipt can still be invalid if the hash or signature fails.</div></section>
+<section class="doc-card"><h2>Where receipts are used</h2><div class="grid-3"><a class="mini-card" href="/verify.html">Manual verifier</a><a class="mini-card" href="/stack-proof-demo.html">Production proof</a><a class="mini-card" href="/webhook-auto-verify.html">Webhook auto-verify</a><a class="mini-card" href="/runtime.html">Runtime API</a><a class="mini-card" href="/mcp.html">MCP bridge</a><a class="mini-card" href="/sdk-records.html">SDK</a></div></section>
+<section class="doc-card"><h2>Trust boundaries</h2><ul><li>Runtime signs.</li><li>Verifier validates.</li><li>MCP bridges.</li><li>SDK wraps.</li><li>Schemas describe.</li><li>Private keys never go through MCP or public verifier endpoints.</li></ul><p>Production runtime endpoint: <code>https://runtime.commandlayer.org</code>.</p></section>
+<section class="doc-card"><h2>Take the next step</h2><div class="grid-2"><a class="mini-card" href="/verify.html">Open Verifier</a><a class="mini-card" href="/stack-proof-demo.html">View Production Proof</a><a class="mini-card" href="/webhook-auto-verify.html">Run Auto-Verify Demo</a><a class="mini-card" href="/runtime-core.html">Read runtime-core</a></div></section>
+</main>
+<footer><div class="container footer-grid"><div><h4>Product</h4><a href="/protocol.html">Protocol</a><a href="/capabilities.html">Capabilities</a><a href="/verify.html">Verifier</a><a href="/runtime.html">Runtime</a><a href="/mcp.html">MCP</a><a href="/claim.html">Claim</a></div><div><h4>Developers</h4><a href="/docs.html">Docs</a><a href="/sdk-records.html">SDK</a><a href="/schemas.html">Schemas</a><a href="/api.html">API</a><a href="https://github.com/commandlayer" target="_blank" rel="noopener">GitHub</a></div><div><h4>Proof</h4><a href="/stack-proof-demo.html">Production Proof</a><a href="/verifyagent.html">VerifyAgent</a><a href="/trust-verification.html">Trust Verification</a><a href="/canonical-receipts.html">Canonical Receipts</a></div></div></footer>
+</body></html>