When one agent pays another for computation, there's no proof of what happened. VCR is a cryptographic receipt that records what model ran, what went in, what came out, and who signed it. Receipts are appended to transparency logs that anyone can audit. Three independent servers cross-verify each other. Double-spending is impossible.
Same architecture as Certificate Transparency (RFC 6962). No blockchain. No token. No consensus.
Submit a receipt to the live network. This generates an Ed25519 keypair, creates a receipt, submits it, and returns a Merkle inclusion proof.
pip install requests cryptography
python3 -c "$(curl -fsSL https://raw.githubusercontent.com/Henry-Shelton/tesseravcr/main/tessera-network/join_network.py)"View source — 120 lines.
# Server health
curl https://log1.tesseravcr.org/v1/health
# Latest signed checkpoint (Merkle root)
curl https://log1.tesseravcr.org/v1/checkpoint
# Get a receipt
curl https://log1.tesseravcr.org/v1/entry/28
# Get its inclusion proof
curl https://log1.tesseravcr.org/v1/proof/28docker pull ghcr.io/henry-shelton/tessera-log-server:latest
docker run -d -p 7800:7800 -v tessera-data:/data \
ghcr.io/henry-shelton/tessera-log-server:latestYour node witnesses peers automatically. Full deployment guide.
Receipts. A receipt is 21 fields — model ID, input hash, output hash, proof, provider signature, timestamp, provenance links. All fields are canonically serialized (deterministic binary encoding). The receipt ID is SHA-256 of those bytes. Change any field and the ID breaks.
Transparency logs. Transfers are appended to Merkle trees maintained by independent servers. Leaf hashing uses a 0x00 domain prefix; internal nodes use 0x01. Any entry can be proven to exist with an inclusion proof — a path of sibling hashes that reconstructs the root. Removing an entry changes the root, which breaks every witness signature.
Cross-verification. Three log servers (Nuremberg, Helsinki, Helsinki) countersign each other's checkpoints. A checkpoint is 69 bytes: version string, tree size, root hash, timestamp. Each peer validates the signature and checks for rollback (tree size must never decrease). 2-of-3 threshold.
Double-spend prevention. Each log tracks ownership per receipt ID. A transfer is only accepted if from_key matches the current owner. Attempt to transfer a receipt you don't own → 409 Conflict.
Provenance. Receipts reference parents by hash. Agent B uses Agent A's output → B's receipt includes A's receipt_id with a relationship type (input, reference, aggregation). Tamper with any ancestor and every descendant's hash breaks.
Live: Canonical serialization, Ed25519 signing, SHA-256 Merkle trees, inclusion proofs, double-spend detection, witnessed checkpoints, provenance DAGs, HTTP API. Rust implementation byte-identical to Python reference. 52 tests.
Not yet: Trust quotient enforcement, royalty cascade settlement, ZK/TEE proof verification, SDK wrappers.