{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "$id": "https://plenaverify.com/vrx1-human-responsibility-receipt.schema.json",
  "title": "PLENA VRX-1 Human Responsibility Receipt v1",
  "description": "Additive VRX-1 receipt type for the Private AI Use position (Task 17). The signer attests to taking responsibility for a finished work, WITHOUT disclosing the private process behind it. This is the central instrument of 'Private AI use. Public human responsibility.' The receipt signs proof structure only; it does not contain drafts, prompts, AI tool outputs, or any document text. Self-attested by its creator and tamper-evident via SHA-256 over canonical JSON; not signed by an issuer key by default, not externally anchored, and not certified by PLENA or any third party. Acceptance is decided by the receiving party. Voice on the verify page: 'The signer takes responsibility for this work. Private process records exist with the signer and are not disclosed in this receipt by default.'",
  "type": "object",
  "additionalProperties": false,
  "required": [
    "vrx1_version",
    "schema_version",
    "receipt_id",
    "receipt_type",
    "created_at",
    "work_identifier",
    "responsibility_statement",
    "signed_by",
    "disclosure_scope",
    "privacy_level",
    "verification_url",
    "integrity_note",
    "hash"
  ],
  "$comment": "Privacy-safe architecture: this receipt MUST NOT contain raw drafts, prompts, AI outputs, notes, or any document content. additionalProperties is false to prevent content fields from being added.",
  "properties": {
    "vrx1_version": { "type": "string", "const": "1.0-d19-private-ai-use-human-responsibility-receipt-reference", "description": "VRX-1 reference-implementation version string." },
    "schema_version": { "type": "string", "const": "vrx1.human-responsibility-receipt.v1", "description": "Stable schema identifier." },
    "receipt_id": { "type": "string", "pattern": "^PLENA-HUR-[0-9]{8}-[A-F0-9]{4}$", "description": "Unique id. Format: PLENA-HUR-<YYYYMMDD>-<4 uppercase hex>." },
    "receipt_type": { "type": "string", "const": "HUMAN_RESPONSIBILITY_RECEIPT", "description": "Receipt type discriminator." },
    "created_at": { "type": "string", "format": "date-time", "description": "ISO-8601 date-time from the device that built the receipt." },
    "issuer": { "type": "string", "description": "Optional. Signature-ready issuer identifier when the receipt is signed via the Issuer Portal. Omitted for self-attested receipts." },
    "source_product": { "type": "string", "description": "Optional. Product/surface that generated the receipt." },
    "signed_at": { "type": "string", "format": "date-time", "description": "Optional. Time of issuer signature, if signed." },
    "work_identifier": { "type": "string", "minLength": 1, "description": "What work is being attested: manuscript title, assignment ID, document hash, or project name. A title or hash, never the work's content." },
    "responsibility_statement": {
      "type": "string",
      "enum": [
        "I take responsibility for this final work. Any tools used were used as private assistance. The submitted work reflects my review, judgment, and final approval.",
        "I reviewed and approved this work. Drafting, editorial, or research tools do not replace my responsibility for the final text.",
        "I used allowed learning or drafting support consistent with applicable policy, reviewed the work myself, and take responsibility for the final submission."
      ],
      "description": "The user's attestation language, selected from preset options. The third option suits student contexts where AI use is permitted within stated limits."
    },
    "signed_by": {
      "type": "object",
      "additionalProperties": false,
      "required": ["name_or_role", "identity_tier"],
      "properties": {
        "name_or_role": { "type": "string", "minLength": 1, "description": "Signer identity or role label. No private content." },
        "identity_tier": { "type": "string", "enum": ["self_asserted", "verifiable_credential", "full_kyc"], "description": "Identity assurance tier per Phase 3 (Self-Asserted / Verifiable Credential / Full KYC)." }
      },
      "description": "Who is taking responsibility, at the user's chosen identity tier."
    },
    "disclosure_scope": {
      "type": "string",
      "enum": ["minimal_responsibility_only", "responsibility_plus_tools_named", "responsibility_plus_process_summary", "full_process_on_legitimate_request"],
      "description": "What the signer is willing to disclose to a requesting party. The proof itself never requires content disclosure; this records the signer's stated willingness."
    },
    "policy_acknowledgment": { "type": "string", "description": "Optional. Policy the signer is operating under (e.g., journal AI policy, university honor code, employer AI-use guidelines). A reference, not the policy text or any private content." },
    "privacy_level": { "type": "string", "enum": ["restricted", "private", "public"], "description": "Privacy classification of the receipt." },
    "verification_url": { "type": "string", "minLength": 1, "description": "URL where the receipt can be opened in the Public Verify panel." },
    "integrity_note": { "type": "string", "minLength": 1, "description": "Plain-language truth boundary. Should state that private process records are not disclosed by this receipt." },
    "hash": { "type": "string", "pattern": "^sha256:[0-9a-f]{64}$", "description": "SHA-256 hex digest over canonical JSON without the 'hash' field." }
  }
}