Guide
Deploy & Usage Guide
Get Decision Receipt running in your pipeline in under 10 minutes.
1. Get an API key
Sign up to receive an API key instantly. Include it as an X-API-Key header on all requests.
2. Issue your first receipt
curl -X POST https://decrec.summitcognitive.ai/v1/evaluate \
-H "Content-Type: application/json" \
-H "X-API-Key: YOUR_KEY" \
-d '{
"claim_id": "pr-42-merge",
"entity": "your-org/your-repo",
"claim": "AI agent requests merge for PR #42",
"sources": [
{"id": "ci", "type": "ci", "uri": "https://ci/run/1",
"confidence": 0.9, "content": "All tests pass"},
{"id": "review", "type": "code_review", "uri": "https://pr/42",
"confidence": 0.85, "content": "Approved"}
]
}'
3. Action-oriented flow
For agent integrations, use the three-step action flow:
# Step 1: Register the action
curl -X POST https://decrec.summitcognitive.ai/v1/actions \
-H "Content-Type: application/json" \
-d '{"action_id": "pr-42", "actor": {"name": "devin"},
"target": {"system": "github", "repository": "org/repo"}}'
# Step 2: Attach evidence
curl -X POST https://decrec.summitcognitive.ai/v1/actions/pr-42/evidence \
-H "Content-Type: application/json" \
-d '{"evidence": [{"type": "ci", "confidence": 0.9, "content": "pass"}]}'
# Step 3: Evaluate — receive Decision Receipt
curl -X POST https://decrec.summitcognitive.ai/v1/actions/pr-42/evaluate
4. GitHub Action
Add to your workflow to enforce admissibility on every PR:
- uses: summitcognitive/decision-receipt/github-action@v1
with:
api-url: https://decrec.summitcognitive.ai
action-type: merge
fail-on-block: "true"
5. GitHub Webhook
Automatically evaluate every PR:
# Add webhook to your repo gh webhook create --repo your-org/your-repo \ --events pull_request \ --url https://decrec.summitcognitive.ai/v1/webhook/github
6. Verify a receipt
# Via API curl -X POST https://decrec.summitcognitive.ai/v1/verify \ -H "Content-Type: application/json" \ -d @receipt.json # Via CLI npx tsx apps/verify-cli/src/index.ts receipt.json
7. Self-hosted deployment
git clone https://github.com/BrianCLong/decision-receipt cd decision-receipt docker compose up -d
The API starts on port 8787. Configure a reverse proxy (Caddy, nginx) for TLS.
8. TypeScript SDK
Use the SDK for programmatic integration:
import { DecRec } from "@summit-dr/sdk";
const dr = new DecRec({ apiKey: "sk_decrec_..." });
// Quick PR evaluation
const result = await dr.evaluatePR({
repository: "your-org/your-repo",
pr: 42,
commit: "abc123",
branch: "feat/new-feature",
agent: "devin",
ciPassed: true,
reviewApproved: true,
});
console.log(result.receipt.admissibility.status);
// "ACCEPTED"
// Verify independently
const verified = await dr.verify(result.receipt);
console.log(verified.valid); // true
// Search receipts
const blocked = await dr.search({ verdict: "BLOCKED", limit: 10 });
// Repo analytics
const repos = await dr.repos();
9. Server public key
Download the server's Ed25519 public key for independent receipt verification:
curl https://decrec.summitcognitive.ai/v1/keys/server > server.pub.pem
10. Embed badges in your README
# Repo acceptance rate badge  # 14-day acceptance sparkline  # Embeddable dashboard widget <iframe src="https://decrec.summitcognitive.ai/embed/your-org/your-repo" width="400" height="300" frameborder="0"></iframe>