Helix StudioGenome IDE
← Docs
Helix CLI docs
Browse Helix CLI docs

RFC 0005 — Approval receipt v1

Purpose

Immutable record of approval with separation of duties.

Fields (approval_receipt_v1)

schema: "helix.receipt.approval.v1"
canonicalization_id: "json.c14n.v1"

approval_id: string
workspace_id: string
project_id: string
run_id: string

bundle_core_digest: "sha256:…"
policy_digest: "sha256:…"
approval_surface_digest: "sha256:…"

decision_grade: true
approved_at_utc: RFC3339

approver:
  subject: string
  email: string
  display_name: string
  role: string

attestation:
  statement: string

signature:
  alg: "ed25519"
  key_id: string
  sig_b64: string

Signing models

  • Model A (v0): Hub signs after verifying reviewer identity via IdP (simplest).
  • Model B (future): reviewers sign locally with their keys (stronger, more complex).

Implement Model A first; keep Model B as a forward‑compatible extension.

Reference schema

  • schemas/hub/approval_receipt_v1.schema.json
  • src/helix/schema/hub/approval_receipt_v1.schema.json