decision_receipt
Gets a signed cryptographic receipt proving the decision state. This receipt can be used for regulatory compliance or to prove decisions to external parties.
Overview
The decision_receipt method generates a cryptographically signed receipt that proves the state of a decision at a specific point in time. This receipt can be verified independently and is useful for compliance, auditing, and proving decisions to external parties.
Request
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
decision_id | string | Yes | The decision ID to get a receipt for |
Example Request
{
"jsonrpc": "2.0",
"id": 1,
"method": "tools/call",
"params": {
"name": "decision_receipt",
"arguments": {
"decision_id": "TMEM_abc123..."
}
}
}
Response
Success Response
{
"jsonrpc": "2.0",
"id": 1,
"result": {
"content": [
{
"type": "text",
"text": "{\"decision_id\": \"TMEM_abc123...\", \"status\": \"committed\", \"signature\": \"sig_...\", \"signed_at\": \"2026-01-07T12:05:00Z\", \"receipt_data\": {...}}"
}
]
}
}
Response Fields
| Field | Type | Description |
|---|---|---|
decision_id | string | The decision envelope identifier |
status | string | The status of the decision at the time of signing |
signature | string | Cryptographic signature proving the receipt |
signed_at | string | ISO 8601 timestamp when the receipt was signed |
receipt_data | object | The data that was signed (decision metadata, status, etc.) |
Example Receipt Structure
{
"decision_id": "TMEM_abc123...",
"status": "committed",
"signature": "sig_abc123def456...",
"signed_at": "2026-01-07T12:05:00Z",
"receipt_data": {
"decision_id": "TMEM_abc123...",
"intent": "customer.order.create",
"status": "committed",
"created_at": "2026-01-07T12:00:00Z",
"closed_at": "2026-01-07T12:05:00Z",
"agent_id": "agent_xyz..."
}
}
Error Cases
Missing Decision ID
Error Code: -32600 (Invalid Request)
{
"jsonrpc": "2.0",
"id": 1,
"error": {
"code": -32600,
"message": "Invalid Request",
"data": "decision_id is required"
}
}
Decision Not Found
Error Code: -32603 (Internal error)
{
"jsonrpc": "2.0",
"id": 1,
"error": {
"code": -32603,
"message": "Internal error",
"data": "Decision not found"
}
}
Permission Denied (Self-Access Only)
HTTP Status: 403 Forbidden
{
"jsonrpc": "2.0",
"id": 1,
"error": {
"code": -32603,
"message": "Internal error",
"data": "Access denied: can only retrieve receipts for own decisions"
}
}
Note: You can only retrieve receipts for decisions created by your own agent.
Authentication Errors
HTTP Status: 401 Unauthorized
Occurs when:
- API key is missing
- API key is invalid
- API key has been revoked
Usage Examples
Generate Receipt for Compliance
import requests
import json
def get_decision_receipt(decision_id, api_key):
response = requests.post('https://mcp.tracemem.com',
headers={'Authorization': f'Agent {api_key}'},
json={
"jsonrpc": "2.0",
"id": 1,
"method": "tools/call",
"params": {
"name": "decision_receipt",
"arguments": {
"decision_id": decision_id
}
}
})
result = response.json()
receipt_data = json.loads(result["result"]["content"][0]["text"])
return receipt_data
# Get receipt after committing decision
receipt = get_decision_receipt("TMEM_abc123...", api_key)
# Store receipt for compliance records
with open(f"receipts/{receipt['decision_id']}.json", "w") as f:
json.dump(receipt, f, indent=2)
print(f"Receipt generated: {receipt['signature']}")
print(f"Signed at: {receipt['signed_at']}")
Verify Receipt (Example)
def verify_receipt(receipt):
"""Example of how receipt verification might work"""
# In a real implementation, you would:
# 1. Retrieve TraceMem's public key
# 2. Verify the signature against receipt_data
# 3. Check that receipt_data matches the decision state
print(f"Decision ID: {receipt['receipt_data']['decision_id']}")
print(f"Status: {receipt['receipt_data']['status']}")
print(f"Signature: {receipt['signature']}")
print(f"Signed at: {receipt['signed_at']}")
# Receipt can be verified independently using TraceMem's public key
return True
receipt = get_decision_receipt(decision_id, api_key)
if verify_receipt(receipt):
print("Receipt is valid")
Best Practices
-
Generate after commit: Get receipts after decisions are committed to ensure the receipt reflects the final state
-
Store securely: Save receipts in a secure location for compliance and audit purposes
-
Use for external proof: Share receipts with external parties (regulators, auditors, partners) to prove decision state
-
Regular verification: Periodically verify stored receipts to ensure they remain valid
-
Include in reports: Include receipts in compliance reports and audit documentation
Important Notes
- Self-access only: You can only retrieve receipts for decisions created by your own agent credentials
- Cryptographic proof: Receipts are cryptographically signed and can be independently verified
- Immutable: Once generated, receipts cannot be modified
- Status snapshot: The receipt reflects the decision status at the time it was generated
- Regulatory compliance: Receipts can be used to demonstrate compliance with regulations requiring proof of decisions
Use Cases
-
Regulatory Compliance: Generate receipts to prove decisions comply with regulations (GDPR, SOX, etc.)
-
Audit Trails: Include receipts in audit documentation to prove decision state
-
External Verification: Share receipts with external parties who need to verify decision outcomes
-
Legal Proof: Use receipts as evidence in legal proceedings or disputes
-
Compliance Reporting: Include receipts in compliance reports to demonstrate proper decision-making processes
Related Methods
decision_create- Create a decisiondecision_close- Close decision (commit or abort)decision_trace- Get complete decision trace