Developer docs

Issue + verify provenance receipts for agent actions. Two ways in: MCP (agent-native, x402-metered) or plain HTTP.

MCP (agent-native)

Endpoint: https://agent-receipts.dropwatchhq.com/mcp — JSON-RPC 2.0 streamable-HTTP. Tools:

Tool            Price   What it does
issue_receipt   $0.01   Mint a signed, hash-chained provenance receipt.
verify_receipt  free    Verify a receipt id (or full object) + return provenance.
list_receipts   free    List an agent's receipt chain, newest first.

issue_receipt is x402-metered: an unpaid call returns a free preview + an x402 challenge (USDC on Base, keyless). Pay with x402-fetch and the receipt is minted. See /.well-known/x402.

HTTP (no MCP client needed)

# Issue a receipt (POST JSON). x402-gated; free verify below.
curl -s https://agent-receipts.dropwatchhq.com/v1/issue -H 'content-type: application/json' -d '{
  "action": "approved_refund",
  "agent_id": "acme-billing-bot",
  "inputs":  { "order_id": "A-1029", "amount_usd": 42.00 },
  "outputs": { "decision": "approved", "reason": "within policy" },
  "metadata": { "model": "policy-v3" }
}'

# Verify a receipt (free, public)
curl -s https://agent-receipts.dropwatchhq.com/v1/verify/rcpt_xxxxxxxx

# List an agent's chain (free)
curl -s 'https://agent-receipts.dropwatchhq.com/v1/list?agent_id=acme-billing-bot&limit=10'

# Human-checkable provenance page
open https://agent-receipts.dropwatchhq.com/verify/rcpt_xxxxxxxx

What a receipt looks like

{
  "id": "rcpt_<first-32-hex-of-content-hash>",
  "body": {
    "type": "agent-action-receipt", "version": 1,
    "action": "approved_refund",
    "agent_id": "acme-billing-bot",
    "inputs_hash":  "sha256:...",   // commitment; raw inputs never stored
    "outputs_hash": "sha256:...",
    "issuedAt": "2026-06-22T...Z",  // server timestamp
    "seq": 7,                        // position in this agent's chain
    "prevHash": "sha256:...",        // hash of the agent's previous receipt
    "issuer": "https://agent-receipts.dropwatchhq.com"
  },
  "contentHash": "sha256:...",       // SHA-256 of canonical(body)
  "signature": { "algorithm": "Ed25519", "value": "...", "publicKeyHex": "..." },
  "verifyUrl": "https://agent-receipts.dropwatchhq.com/verify/rcpt_..."
}

Verification (offline-checkable)

  1. Canonicalize body (sorted keys) and SHA-256 it.
  2. Confirm it equals contentHash and that id == "rcpt_" + hash[:32].
  3. Verify the ed25519 signature.value over that hash with signature.publicKeyHex.
  4. Cross-check the key against the live issuer key at /pubkey.

Tampering with any field changes the hash → the id no longer commits and the signature no longer verifies. Deleting a middle receipt breaks the per-agent prevHash chain.
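
Steps 1 and 2 and the prevHash chain check, as an added example (not code from the Agent Receipts project). Assumptions: canonical(body) is compact JSON with sorted keys in UTF-8, prevHash equals the previous receipt's contentHash, and seq increases by 1; the function names and sample receipts are constructed for illustration.

```python
import hashlib
import json

def content_hash(body):
    # Assumed canonical form: sorted keys, compact separators, UTF-8.
    canon = json.dumps(body, sort_keys=True, separators=(",", ":"), ensure_ascii=False)
    return "sha256:" + hashlib.sha256(canon.encode("utf-8")).hexdigest()

def check_receipt(receipt):
    """Steps 1-2: recompute the hash, compare with contentHash and id."""
    problems = []
    h = content_hash(receipt["body"])
    if h != receipt.get("contentHash"):
        problems.append("contentHash mismatch")
    if receipt.get("id") != "rcpt_" + h.split(":", 1)[1][:32]:
        problems.append("id does not commit to body")
    return problems

def check_chain(receipts):
    """Check one agent's receipts, oldest first (reverse the newest-first
    list output before calling). Returns {receipt id: [problems]}."""
    report, prev = {}, None
    for r in receipts:
        problems = check_receipt(r)
        if prev is not None:
            if r["body"]["prevHash"] != prev["contentHash"]:
                problems.append("prevHash does not match previous receipt")
            if r["body"]["seq"] != prev["body"]["seq"] + 1:
                problems.append("seq gap")
        if problems:
            report[r["id"]] = problems
        prev = r
    return report

def make_receipt(seq, prev_hash, action):
    # Constructed sample data, not real service output (signature omitted).
    body = {"type": "agent-action-receipt", "version": 1, "action": action,
            "agent_id": "acme-billing-bot", "seq": seq, "prevHash": prev_hash}
    h = content_hash(body)
    return {"id": "rcpt_" + h.split(":", 1)[1][:32], "body": body, "contentHash": h}

def sample_chain(n=3):
    # Placeholder prevHash for the first receipt; the page does not specify one.
    chain, prev = [], "sha256:" + "0" * 64
    for seq in range(1, n + 1):
        chain.append(make_receipt(seq, prev, "approved_refund"))
        prev = chain[-1]["contentHash"]
    return chain
```

Passing these checks shows internal consistency only. Steps 3 and 4 are what tie a receipt to the issuer, since publicKeyHex travels inside the receipt itself.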

Agent Receipts · verifiable provenance for autonomous-agent actions · ed25519-signed, SHA-256 content-hashed, hash-chained.