{"description":"Outbound webhook payload schema for receipt.created events","headers":{"Content-Type":"application/json","X-DecRec-Event":"receipt.created","X-DecRec-Signature":"sha256=HMAC_HEX (computed from body using your webhook secret)","User-Agent":"DecRec-Webhook/0.1.0"},"payload":{"event":"receipt.created","timestamp":"ISO 8601","data":{"ts":"ISO 8601 — when receipt was issued","receipt_id":"rcpt_... — unique receipt identifier","claim_id":"string — claim that was evaluated","verdict":"ALLOWED | BLOCKED | ESCALATED","admissibility":"ACCEPTED | REJECTED | NON_DETERMINISTIC | POLICY_FAILURE | EVIDENCE_INCOMPLETE","agent":"string | null — agent that performed the action","repository":"string | null — target repository","pull_request":"number | null — PR number if applicable","replay_deterministic":"boolean — whether replay matched","chain_sequence":"number — position in the receipt chain","signature":"string — first 32 chars of Ed25519 signature"}},"verification":{"algorithm":"HMAC-SHA256","example":"const expected = crypto.createHmac('sha256', YOUR_SECRET).update(body).digest('hex'); if (header !== 'sha256=' + expected) reject();"},"events":["receipt.created"],"retry_policy":"3 attempts with exponential backoff (30s, 2min, 8min)"}