{ "$schema": "http://json-schema.org/draft-07/schema#", "$id": "https://plenaverify.com/vrx1-private-draft-receipt.schema.json", "title": "PLENA VRX-1 Private Draft Receipt v1", "description": "Additive VRX-1 receipt type for the Private AI Use position (Task 17). Privacy-safe authorship proof: proof that a user's draft existed at a specific timestamp, with non-content metadata about authorship process, WITHOUT ever exposing the draft content to PLENA or any third party. The user's drafting tool computes a content hash on the user's device at intervals the user controls; the hash plus metadata is signed and stored, while the content stays on the user's device. PLENA can later confirm that 'a draft matching this hash existed at this timestamp, with these revision characteristics' without ever having access to the draft itself. This receipt backs the False Accusation Defense Packet without violating PLENA's own privacy principles. The receipt does NOT contain: the draft content, the prompts given to any AI tool, the AI tool outputs, or any text from the document at any version. Process indicators support review but do not by themselves prove or disprove AI use. Self-attested, tamper-evident via SHA-256 over canonical JSON. Voice on the verify page: 'A draft matching this signature existed at [timestamp], with [N] prior revisions across [M] hours of active editing. The content of the draft is not disclosed in this receipt; only proof that it existed and how it evolved over time. Process indicators support review but do not by themselves prove or disprove AI use.'", "type": "object", "additionalProperties": false, "required": [ "vrx1_version", "schema_version", "receipt_id", "receipt_type", "created_at", "content_hash", "draft_timestamp", "revision_sequence", "authorship_metadata", "privacy_level", "verification_url", "integrity_note", "hash" ], "$comment": "Privacy-safe architecture (NON-NEGOTIABLE): MUST NOT contain draft content, prompts, AI outputs, or any document text at any version. Only the content hash, timestamps, counts, and non-content process metadata are permitted. additionalProperties is false at every level to prevent content leakage.", "properties": { "vrx1_version": { "type": "string", "const": "1.0-d19-private-ai-use-private-draft-receipt-reference", "description": "VRX-1 reference-implementation version string." }, "schema_version": { "type": "string", "const": "vrx1.private-draft-receipt.v1", "description": "Stable schema identifier." }, "receipt_id": { "type": "string", "pattern": "^PLENA-PDR-[0-9]{8}-[A-F0-9]{4}$", "description": "Unique id. Format: PLENA-PDR--<4 uppercase hex>." }, "receipt_type": { "type": "string", "const": "PRIVATE_DRAFT_RECEIPT", "description": "Receipt type discriminator." }, "created_at": { "type": "string", "format": "date-time", "description": "ISO-8601 date-time from the device that built the receipt." }, "issuer": { "type": "string", "description": "Optional. Signature-ready issuer identifier when signed via the Issuer Portal." }, "source_product": { "type": "string", "description": "Optional. Product/surface that generated the receipt." }, "signed_at": { "type": "string", "format": "date-time", "description": "Optional. Time of issuer signature, if signed." }, "content_hash": { "type": "string", "pattern": "^sha256:[0-9a-f]{64}$", "description": "SHA-256 of the draft at the signing moment, computed on the user's device. The hash, never the content." }, "draft_timestamp": { "type": "string", "format": "date-time", "description": "When this snapshot was taken." }, "revision_sequence": { "type": "integer", "minimum": 1, "description": "Which snapshot in the series this is (e.g., 7 means the 7th snapshot)." }, "authorship_metadata": { "type": "object", "additionalProperties": false, "required": ["revision_count"], "properties": { "total_active_time_seconds": { "type": "integer", "minimum": 0, "description": "Cumulative time the user was actively editing. A duration, not content." }, "revision_count": { "type": "integer", "minimum": 1, "description": "How many distinct snapshots exist in this draft chain." }, "cadence_signature": { "type": "string", "description": "Process-continuity indicator string (e.g., a coarse description of revision spacing / editing rhythm). Supports review; does not by itself prove or disprove AI use. Must not encode document content." }, "tool_environment_attestation": { "type": "string", "description": "Browser, editor, or application that generated the snapshot." } }, "description": "Non-content process indicators that may support a human-process explanation. None of these reveal document text." }, "prior_snapshot_hash": { "type": "string", "pattern": "^sha256:[0-9a-f]{64}$", "description": "Optional. Hash of the previous snapshot, creating a tamper-evident chronological chain. A hash, never content." }, "human_responsibility_link": { "type": "string", "pattern": "^PLENA-HUR-[0-9]{8}-[A-F0-9]{4}$", "description": "Optional. receipt_id of a related Human Responsibility Receipt for this work." }, "privacy_level": { "type": "string", "enum": ["restricted", "private", "public"], "description": "Privacy classification of the receipt." }, "verification_url": { "type": "string", "minLength": 1, "description": "URL where the receipt can be opened in the Public Verify panel." }, "integrity_note": { "type": "string", "minLength": 1, "description": "Plain-language truth boundary. Should state that the draft content is not disclosed and that process indicators do not by themselves prove or disprove AI use." }, "hash": { "type": "string", "pattern": "^sha256:[0-9a-f]{64}$", "description": "SHA-256 hex digest over canonical JSON without the 'hash' field." } } }