Mindburn Labs
Founding Cohort

領収書と検証

HELM 受信チェーンを検証し、EvidencePacks をエクスポートし、検証を CI に統合します。

RESPONSEGovernance headersreceipt idoutput hashLamport clockdecision idSTANDALONEProxy audit endpointsGET /helm/receiptsJSONL receipt logGET /helm/proofgraphKERNEL APISession endpointsGET /api/v1/proofgraph/sessionsGET .../{session_id}/receiptsGET .../receipts/{receipt_hash}EXPORTEvidencePackdeterministic tar bundlehash-linked receipt chainoffline verification inputVERIFYOffline checkshash integrityPrevHash chainingLamport monotonicitysignature verification
領収書と検証: このページの技術リファレンスです。

領収書と検証

TL;DR: Every HELM decision produces a cryptographic receipt. Receipts form a hash-linked chain you can verify offline with helm verify --bundle evidence.tar.

Receipt structure

Each receipt contains everything needed to independently verify a decision:

Field Value
receipt_hash SHA-256 of the canonical receipt
prev_hash Hash chain link to previous receipt
lamport_clock Causal ordering (monotonic)
principal Who initiated the tool call
tool_name What was invoked
args_hash SHA-256 of JCS-canonicalized input
output_hash SHA-256 of tool output
reason_code Why: ALLOW or DENY
timestamp ISO 8601
signature Ed25519

Verification checks

The verifier performs three checks on the receipt chain:

Check Rule Catches
Hash integrity receipt_hash == SHA-256(receipt) Modified receipts
PrevHash chaining prev_hash == previous.receipt_hash Deleted receipts
Clock monotonicity lamport_clock > previous.lamport_clock Reordered receipts

JCS canonicalization (RFC 8785) ensures deterministic serialization for consistent hashes.

Verify an EvidencePack

helm export --evidence ./data/evidence --out evidence.tar
helm verify --bundle evidence.tar

Expected: verification: PASS

The EvidencePack is a deterministic tar archive — sorted file paths, epoch mtime, root uid/gid. Same content always produces the same SHA-256.

Fetch receipts from the standalone proxy

When you run helm proxy, receipts are exposed as newline-delimited JSON:

curl http://localhost:9090/helm/receipts

The standalone proxy also exposes an in-memory ProofGraph summary:

curl http://localhost:9090/helm/proofgraph | jq .

Fetch receipts from the kernel API

For the full kernel/API surface, list sessions first:

curl http://localhost:8080/api/v1/proofgraph/sessions?limit=10 | jq .

Then fetch receipts for one session:

curl http://localhost:8080/api/v1/proofgraph/sessions/<session_id>/receipts | jq .

You can also fetch one receipt directly by hash:

curl http://localhost:8080/api/v1/proofgraph/receipts/<receipt_hash> | jq .

CI & release verification

For CI integration (GitHub Actions, GitLab CI), exit codes, and release verification, see Verify & Export.

Next steps

Goal Guide
Full verification guide Verify & Export
Proxy configuration Proxy API
Understand the pipeline How HELM Works
Run the full demo Run the Demo