Receipts
developerpaper modePaper receipts: deterministic fingerprints for every manifest, validation, score, and Wars entry.
What a paper receipt is
A receipt is a deterministic, content-addressed fingerprint of a Hiss artifact: what was generated, from what inputs, under which registry and oracle policy, with what validation result. Same manifest in, same receipt out — anyone can recompute it and catch a silent edit.
Receipt kinds
manifest— fingerprint of a coiled basket: name, slug, weights checksum, validation status.validation— the rule check itself: status plus everyerrorCodes/warningCodesentry.score— a HISS Score snapshot: total, per-component numbers, and ascoreChecksumover them. Always carries the warning that scores measure transparency and structure, never future returns.wars-entry— a Basket Wars entry: season, categories, and clearly-labeled simulated paper metrics.
Every field, explained
| Field | Type | Required | Description |
|---|---|---|---|
| receiptId | string | yes | hrcpt_ + first 20 hex chars of hash({kind, manifestHash, at}). Unique per artifact + timestamp. |
| kind | enum | yes | manifest | validation | score | wars-entry. |
| anchoring | "paper" | yes | Always paper. A receipt claiming anything else is invalid by definition. |
| manifestHash | sha256 hex | yes | Canonical-JSON hash of the manifest's identity content. Timestamps and performance excluded. |
| parentManifestHash | sha256 hex | no | The forked-from manifest's hash. Present only on forks; the lineage anchor. |
| generatedAt | ISO 8601 | yes | When the receipt was written. Injected, never sampled — builders are deterministic. |
| source | enum | yes | human | hiss-strategist | bankr-agent | mcp-agent | imported. |
| provider | enum | yes | mock | bankr | none — which brain produced the artifact. |
| mode | enum | yes | paper | onchain-registry | brokerage-mcp-plan. Paper today. |
| registryVersion | string | yes | Canonical asset registry version the artifact was checked against — currently robinhood-canonical-2026-07-06 (re-verified 27/27). |
| oraclePolicyVersion | string | yes | Oracle health rule set in force — currently oracle-policy-1.2.0 (staleness 90,000s, grace 3600s). |
| canonicalAssetCount | number | yes | Registry size at generation time (27 today) — a quick registry-drift tell. |
| valuation.displayMode | "token-value" | yes | How values are computed: feed price × raw token amount. The only valuation mode. |
| valuation.multiplierPolicy | "display-only" | yes | uiMultiplier() is used for share-equivalent display only — never in valuation. |
| valuation.feedPriceIncludesMultiplier | true | yes | Records the total-return rule: the feed price already includes the multiplier, so applying it again is the double-multiplier bug. |
| dataSources | string[] | yes | Named inputs: hiss-canonical-registry, hiss-mock-oracle, hiss-paper-simulation. |
| shareUrl | url | no | Public basket page this receipt belongs to, when a base URL was configured. |
| Field | Type | Required | Description |
|---|---|---|---|
| weightsChecksum | sha256 hex | no | manifest + validation: hash over ordered (lowercased address, weightBps) pairs. Any reweight changes it. |
| validationStatus | enum | no | manifest + validation: valid | valid-with-warnings | invalid. |
| errorCodes / warningCodes | string[] | no | validation: machine-readable rule codes (e.g. WEIGHTS_SUM, TICKER_ADDRESS_MISMATCH). |
| scoreTotal / components | number / record | no | score: the 0–100 total and each numeric component. |
| scoreChecksum | sha256 hex | no | score: hash of the numeric components — detects rescoring. |
| season / categories | string / string[] | no | wars-entry: which season and leagues the Hiss entered. |
| simulatedPnlPct / simulatedMaxDrawdownPct | number | no | wars-entry: simulated paper metrics, named so they can't be mistaken for real ones. |
{
"receiptId": "hrcpt_5f2a90c1de7b3a4410ef",
"kind": "manifest",
"anchoring": "paper",
"manifestHash": "9b1c…e441",
"parentManifestHash": "1a7f…03bc",
"generatedAt": "2026-07-06T12:00:00.000Z",
"source": "hiss-strategist",
"provider": "mock",
"mode": "paper",
"registryVersion": "robinhood-canonical-2026-07-06",
"oraclePolicyVersion": "oracle-policy-1.2.0",
"canonicalAssetCount": 27,
"valuation": {
"displayMode": "token-value",
"multiplierPolicy": "display-only",
"feedPriceIncludesMultiplier": true
},
"dataSources": ["hiss-canonical-registry", "hiss-mock-oracle", "hiss-paper-simulation"],
"shareUrl": "https://www.hiss.finance/app/baskets/ai-infrastructure-coil",
"basketSlug": "ai-infrastructure-coil",
"basketName": "AI Infrastructure Coil",
"weightsChecksum": "c4d2…88a0",
"validationStatus": "valid",
"warnings": []
}Canonical-JSON hashing
Hashes only work as fingerprints if everyone serializes identically. HISS canonicalizes before hashing: object keys recursively sorted, undefined values dropped, arrays kept in their given order, no whitespace — then SHA-256. Crucially, the manifest hash excludes createdAt, updatedAt, and performance, so the fingerprint identifies the thesis content, not the moment it was saved.
// Canonicalization: recursively sorted keys, undefined dropped,
// arrays kept in order, no whitespace. Then SHA-256.
canonicalJson({ b: 1, a: { d: 2, c: 3 } })
// → '{"a":{"c":3,"d":2},"b":1}'
// The manifest hash excludes createdAt, updatedAt, and performance —
// the SAME thesis content always yields the SAME hash:
const { createdAt, updatedAt, performance, ...content } = manifest;
manifestHash === sha256Hex(canonicalJson(content));Fork lineage semantics
Forks form a chain. Each manifest may set forkOf (the parent’s slug); each receipt on a fork records parentManifestHash. Provenance walks the chain root-first, is cycle-safe, and reports forkDepth (0 for an original). If a parent manifest is missing, the chain keeps the slug and simply omits its hash — lineage is preserved even when history is partial. Etiquette and expectations are in the agent kit.
Verify a receipt yourself
Don’t trust — recompute. Everything needed ships in @hiss/core:
import {
buildManifestReceipt,
manifestHashOf,
weightsChecksumOf,
} from "@hiss/core";
// 1. You hold a manifest and a receipt someone published.
// 2. Recompute the fingerprints from the manifest content alone:
const expectedManifestHash = manifestHashOf(manifest);
const expectedWeightsChecksum = weightsChecksumOf(manifest);
// 3. Compare. Any mismatch means the manifest changed after the
// receipt was written (or the receipt is for a different Hiss).
console.log(receipt.manifestHash === expectedManifestHash); // true
console.log(receipt.weightsChecksum === expectedWeightsChecksum); // true
// 4. Or rebuild the whole receipt at the recorded time and diff it:
const rebuilt = buildManifestReceipt(manifest, { nowIso: receipt.generatedAt });
console.log(rebuilt.receiptId === receipt.receiptId); // trueWhere receipts show up
- Provenance — the full picture: receipts + trace timeline + lineage.
- Agent kit — how agents read and cite receipt fields.
- Agent passports count
verifiedReceiptstoward reputation — see /app/agents.