What is a Receipt?
A TrigGuard receipt is an issuer-signed JSON document containing the authorization decision. The signed payload is canonicalized (sorted keys, deterministic bytes) and signed with Ed25519. Receipts are self-contained and immutable; you can verify them offline without contacting TrigGuard.
{
  "receipt_id": "tg_rcpt_a0b1c2d3e4f50607",
  "decision": "PERMIT",
  "execution_surface": "deploy.release",
  "action": "promote-to-production",
  "timestamp": "2026-03-13T14:22:00.000Z",
  "expires_at": "2026-03-13T14:32:00.000Z",
  "context_hash": "sha256:abc123...",
  "payload_hash": "sha256:9f86d0...hex",
  "key_id": "tgk_example_key_id",
  "signature": "rsa-sha256:jK8sPq2R..."
}
Receipt Properties
Verification
Verify receipts using public keys published at /.well-known/trigguard-keys.json. Cache keys locally for air-gapped verification.
# Offline verify with the TrigGuard CLI (canonical)
trigguard verify-receipt ./receipt.json --public-key-file ./authority.pub.pem
# Or open the browser inspector (same crypto, no receipt POST)
open https://www.trigguardai.com/verify
# Fetch published keys (cacheable)
curl -s https://trigguardai.com/.well-known/trigguard-keys.json
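The offline check described above, as an added example in Go's standard library (not TrigGuard's code or CLI). The page does not specify the canonical form or signature encoding, so this assumes the signed bytes are every field except `signature` as compact JSON with sorted keys, and that `signature` is a base64 Ed25519 signature; the key map stands in for a locally cached copy of the published keys, and the receipt and key are constructed for the demo.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
)

// canonical returns the assumed signed bytes: all fields but "signature", keys sorted.
func canonical(r map[string]any) []byte {
	body := map[string]any{}
	for k, v := range r {
		body[k] = v
	}
	delete(body, "signature")
	msg, _ := json.Marshal(body) // map keys are emitted in sorted order
	return msg
}

// Verify checks a receipt against a locally cached key set; no network access.
func Verify(r map[string]any, keys map[string]ed25519.PublicKey) error {
	kid, _ := r["key_id"].(string)
	pub, ok := keys[kid]
	if !ok || len(pub) != ed25519.PublicKeySize {
		return fmt.Errorf("no usable key for key_id %q", kid)
	}
	s, _ := r["signature"].(string)
	sig, err := base64.StdEncoding.DecodeString(s)
	if err != nil || !ed25519.Verify(pub, canonical(r), sig) {
		return fmt.Errorf("signature check failed")
	}
	return nil
}

// demo builds a constructed receipt signed with a throwaway key (issuer side).
func demo() (map[string]any, map[string]ed25519.PublicKey) {
	pub, priv, _ := ed25519.GenerateKey(nil)
	r := map[string]any{"decision": "PERMIT", "key_id": "demo-key", "expires_at": "2026-03-13T14:32:00.000Z"}
	r["signature"] = base64.StdEncoding.EncodeToString(ed25519.Sign(priv, canonical(r)))
	return r, map[string]ed25519.PublicKey{"demo-key": pub}
}

func main() {
	r, keys := demo()
	fmt.Println("as issued:", Verify(r, keys))
	r["expires_at"] = "2027-01-01T00:00:00.000Z" // field edited after signing
	fmt.Println("edited:", Verify(r, keys))
}
```

A verifier only agrees with the issuer if both produce byte-identical canonical output; Go's `encoding/json` escapes `<`, `>` and `&` and decodes numbers as `float64`, so re-serializing a parsed receipt must be checked against the issuer's actual canonicalization rules.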
Compliance Use Cases
Change Management
Prove who authorized changes to production systems and when.
Access Control
Document authorization for secrets access and sensitive operations.
Incident Response
Reconstruct the timeline of authorized actions during incidents.
Audit Trail
Export receipts for SOC 2, ISO 27001, FedRAMP, or internal audits.
Storage Best Practices
Store receipts as immutable artifacts alongside your deployment records.
Recommended Storage
S3 with object lock, GCS with retention policy, or append-only logging systems. Keep receipts for as long as you keep deployment records, typically 7+ years for compliance.
Try Receipt Verification
Paste a receipt and verify it in your browser. No data sent to TrigGuard.