40 lines
1.5 KiB
JSON
40 lines
1.5 KiB
JSON
{
|
|
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
"$id": "https://stella-ops.org/schemas/rekor-receipt.schema.json",
|
|
"title": "StellaOps Rekor Receipt Schema",
|
|
"description": "Schema for offline Rekor receipt payloads (rekor-receipt.json) used for air-gapped verification. See docs/modules/attestor/transparency.md and docs/product-advisories/14-Dec-2025 - Offline and Air-Gap Technical Reference.md (Section 1.4).",
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": ["uuid", "logIndex", "rootHash", "hashes", "checkpoint"],
|
|
"properties": {
|
|
"uuid": {
|
|
"type": "string",
|
|
"minLength": 1,
|
|
"description": "Rekor entry UUID."
|
|
},
|
|
"logIndex": {
|
|
"type": "integer",
|
|
"minimum": 0,
|
|
"description": "Rekor log index."
|
|
},
|
|
"rootHash": {
|
|
"type": "string",
|
|
"pattern": "^[a-f0-9]{64}$",
|
|
"description": "Expected Merkle tree root hash as lowercase hex (32 bytes)."
|
|
},
|
|
"hashes": {
|
|
"type": "array",
|
|
"description": "Merkle inclusion path hashes ordered as provided by Rekor (each is lowercase hex, 32 bytes).",
|
|
"items": {
|
|
"type": "string",
|
|
"pattern": "^[a-f0-9]{64}$"
|
|
}
|
|
},
|
|
"checkpoint": {
|
|
"type": "string",
|
|
"minLength": 1,
|
|
"description": "Signed checkpoint note (UTF-8) either inline (body lines: origin, tree size, base64 root, optional timestamp, and optional signature block(s)) or a path resolved relative to the receipt file (e.g., checkpoint.sig or tlog/checkpoint.sig)."
|
|
}
|
|
}
|
|
}
|