Anchored Receipt Engine

Recording in. Tamper-evident receipt out.

A standalone engine that turns an audio or video recording into a tamper-evident receipt bundle: structured transcript, structured Q&A and decisions, dual-witness anchoring, and an FRE 902(13)/(14)-styled PDF certification template (operator-fill) — bundle integrity verifiable by anyone holding the bundle bytes, with no runtime dependency on the issuer.

• Whisper STT
• Sonnet structured extraction
• Knox event-chain witness
• OpenTimestamps Bitcoin witness
• FRE 902 certification template
• Standalone verifier CLI

API surface

• GET / public This page.
• GET /up public Liveness probe — JSON { ok: true, service, version }.
• GET /v1/health bearer Service identity ping — same JSON shape as /up, behind auth.
• POST /v1/receipts bearer Multipart upload of a recording file (recording field). Returns a bundle with three artifacts (recording, transcript, extraction), each Knox + OpenTimestamps anchored. Optional ?includePdf=true attaches a base64 PDF.
• POST /v1/verify bearer JSON body { bundle }. Recomputes manifest hash + per-artifact hashes. Optional { bitcoinWalk: true } upgrades each .ots proof to a Bitcoin block header (1–6 hr after emit).
• POST /v1/coaching bearer JSON body { bundle }. Returns a Greenroom coaching bundle (filler counts, pacing, weak-phrase rewrites, cue cards) — itself Knox + OpenTimestamps anchored.

Try it

curl -X POST https://YOUR-HOST/v1/receipts \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -F "recording=@meeting.mp4"

The bundle JSON returned by /v1/receipts verifies independently — every artifact hash, every anchor, and every .ots proof can be re-derived from the bundle bytes alone. Hand it to any party and they can check it without contacting this server.

What this is not

This is infrastructure: an HTTP wrapper around a deterministic primitive. No persistence, no analytics, no telemetry — every request is stateless and the engine never sees user identity beyond the bearer token used to authenticate. Embedders are expected to front this service with their own identity layer (SSO / IAP / VPC ingress).