A structured evidence profile for AI agents, human review, vendor proof, incident evidence, public trust, and board-regulator packs.
The enterprise profile extends VRX-1 from public receipt language into enterprise control evidence.
Human, AI agent, vendor, institution, or system.
Policy, contract, law, role, delegation, ticket, or consent basis.
Required, pending, approved, rejected, escalated, reversed, or not required.
Risk level, risk domains, control mapping, and unresolved gaps.
Source systems, file hashes, retention period, redaction level, and legal hold context.
Manual, verification link, enterprise API, audit room, or public portal.
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://joinplena.com/vrx1-enterprise-evidence-profile.schema.json",
"title": "VRX-1 Enterprise Evidence Profile",
"type": "object",
"required": [
"protocol",
"profile",
"receipt_id",
"issuer",
"receipt_type",
"created_at",
"subject",
"summary",
"status",
"privacy_level",
"verification_url",
"actor",
"authority_basis",
"human_review",
"risk",
"evidence"
],
"properties": {
"protocol": {
"const": "VRX-1"
},
"profile": {
"const": "enterprise-evidence"
},
"receipt_id": {
"type": "string",
"minLength": 8
},
"issuer": {
"type": "object",
"required": [
"name",
"organization_id"
],
"properties": {
"name": {
"type": "string"
},
"organization_id": {
"type": "string"
},
"issuer_role": {
"type": "string"
}
}
},
"issuing_product": {
"type": "string"
},
"receipt_type": {
"enum": [
"ai_agent_action",
"human_review",
"refusal",
"vendor_proof",
"incident_evidence",
"board_regulator_pack",
"public_trust_disclosure",
"control_evidence"
]
},
"created_at": {
"type": "string",
"format": "date-time"
},
"subject": {
"type": "string"
},
"summary": {
"type": "string"
},
"status": {
"enum": [
"active",
"superseded",
"revoked",
"expired",
"draft"
]
},
"privacy_level": {
"enum": [
"private",
"shareable",
"public",
"privileged",
"restricted"
]
},
"sharing_mode": {
"enum": [
"manual",
"verification_link",
"enterprise_api",
"audit_room",
"public_portal"
]
},
"jurisdiction": {
"type": "string"
},
"actor": {
"type": "object",
"required": [
"actor_type",
"actor_name"
],
"properties": {
"actor_type": {
"enum": [
"human",
"ai_agent",
"vendor",
"institution",
"system"
]
},
"actor_name": {
"type": "string"
},
"actor_id": {
"type": "string"
},
"system_owner": {
"type": "string"
}
}
},
"authority_basis": {
"type": "object",
"required": [
"basis_type",
"basis_reference"
],
"properties": {
"basis_type": {
"enum": [
"policy",
"contract",
"law",
"delegation",
"role",
"ticket",
"board_resolution",
"customer_consent"
]
},
"basis_reference": {
"type": "string"
},
"scope_limit": {
"type": "string"
}
}
},
"human_review": {
"type": "object",
"required": [
"required",
"status"
],
"properties": {
"required": {
"type": "boolean"
},
"status": {
"enum": [
"not_required",
"pending",
"approved",
"rejected",
"escalated",
"reversed"
]
},
"reviewer_id": {
"type": "string"
},
"reviewed_at": {
"type": "string"
},
"notes_hash": {
"type": "string"
}
}
},
"risk": {
"type": "object",
"required": [
"risk_level"
],
"properties": {
"risk_level": {
"enum": [
"low",
"medium",
"high",
"critical"
]
},
"risk_domains": {
"type": "array",
"items": {
"type": "string"
}
},
"control_mapping": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"evidence": {
"type": "object",
"properties": {
"evidence_hashes": {
"type": "array",
"items": {
"type": "object",
"required": [
"label",
"hash_alg",
"hash"
],
"properties": {
"label": {
"type": "string"
},
"hash_alg": {
"enum": [
"SHA-256",
"SHA-512"
]
},
"hash": {
"type": "string"
}
}
}
},
"source_systems": {
"type": "array",
"items": {
"type": "string"
}
},
"retention_period": {
"type": "string"
},
"redaction_level": {
"enum": [
"none",
"public_safe",
"private",
"privileged",
"restricted"
]
}
}
},
"verification_url": {
"type": "string"
},
"related_receipts": {
"type": "array",
"items": {
"type": "string"
}
},
"appeal_or_correction_path": {
"type": "string"
}
}
}