All DRS JWTs use the header {"alg":"EdDSA","typ":"JWT"} with keys sorted by Unicode code point (RFC 8785 JCS). The signature covers base64url(header).base64url(payload).

| Field | Type | Required | Constraints | Description |
|---|---|---|---|---|
| iss | DID string | Yes | Valid did:key or did:web | Issuer — the party granting delegation |
| sub | DID string | Yes | Must match root DR's sub at every hop | Subject — the original resource owner; never changes through chain hops |
| aud | DID string | Yes | Valid DID | Audience — the party receiving the delegation |
| drs_v | string | Yes | Must be "4.0" | DRS specification version |
| drs_type | string | Yes | Must be "delegation-receipt" | JWT type discriminator |
| cmd | string | Yes | Non-empty | MCP command path, e.g. /mcp/tools/call |
| policy | object | Yes | See Policy Schema | Capability constraints |
| nbf | integer | Yes | Unix seconds; ≥ parent's nbf in sub-DRs | Not-before — when the delegation becomes valid |
| exp | integer or null | Yes | Unix seconds; ≤ parent's exp in sub-DRs when both set | Expiry — null for standing delegations |
| iat | integer | Yes | Unix seconds | Issued-at time |
| jti | string | Yes | Format: dr: + UUID v4 | Unique identifier for revocation lookup |
| prev_dr_hash | string or null | Yes | Format: sha256:{64 hex chars} or null | Hash of previous DR's JWT bytes; null at chain root |
| drs_consent | object | When drs_root_type is "human" | See below | Human consent evidence |
| drs_root_type | string | Yes on root DR | "human" \| "organisation" \| "automated-system" | Trust anchor type; absent on sub-DRs |
| drs_regulatory | object | No | See below | Storage tier and retention requirements |
| drs_status_list_index | integer | No | Non-negative | Position in Bitstring Status List; absent if revocation not used |

| Field | Type | Required | Constraints | Description |
|---|---|---|---|---|
| iss | DID string | Yes | Must match last DR's aud | Issuer — the agent making the call |
| sub | DID string | Yes | Must match root DR's sub | Subject — the original human |
| drs_v | string | Yes | Must be "4.0" | DRS spec version |
| drs_type | string | Yes | Must be "invocation-receipt" | Type discriminator |
| cmd | string | Yes | Must match all DR cmd fields | MCP command path |
| args | object | Yes | Evaluated against all DR policies | Actual invocation arguments |
| dr_chain | string[] | Yes | Length = number of DRs; each sha256:{hex} | Ordered hashes of every DR in the chain |
| tool_server | DID string | Yes | Valid DID | DID of the tool server |
| iat | integer | Yes | Unix seconds | Issued-at time |
| jti | string | Yes | Format: inv: + UUID v4 | Unique identifier |

| Field | Type | Required | Description |
|---|---|---|---|
| method | string | Yes | "explicit-ui-click" \| "explicit-ui-checkbox" \| "api-delegation" \| "operator-policy" |
| timestamp | ISO 8601 string | Yes | When the user consented |
| session_id | string | Yes | Session identifier, prefixed sess: |
| policy_hash | string | Yes | sha256:{hex} of the human-readable policy text the user saw |
| locale | IETF language tag | Yes | Language of the consent UI (e.g. en-GB, fr-FR) |

| Field | Type | Description |
|---|---|---|
| frameworks | string[] | Regulatory frameworks: "eu-ai-act-art13", "hipaa-164.312b", "sox", "finos-tier3" |
| risk_level | string | "unacceptable" \| "high" \| "limited" \| "minimal" |
| retention_days | integer | Minimum retention in days (0 = forever) |

```json
{
  "bundle_version": "4.0",
  "invocation": "<invocation-receipt-jwt>",
  "receipts": ["<root-dr-jwt>", "<sub-dr-jwt-1>"]
}
```

Transmitted as X-DRS-Bundle: base64url({bundle_json}) HTTP header.
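
The cross-receipt constraints in the tables above (constant `sub`, `nbf`/`exp` narrowing, `prev_dr_hash` linkage, and the invocation's `iss`, `cmd` and `dr_chain`) can be checked mechanically on a decoded `X-DRS-Bundle` value. The following is an added example, not code from the DRS specification or project; it assumes the hash is SHA-256 over the ASCII bytes of the compact JWT, uses constructed tokens with hypothetical DIDs and a placeholder signature, and does not perform the EdDSA signature verification that must precede these checks.

```python
import base64, hashlib, json

def b64u(raw):                       # base64url without padding
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def unb64u(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def claims(jwt):                     # payload only; the EdDSA signature is NOT verified here
    return json.loads(unb64u(jwt.split(".")[1]))

def dr_hash(jwt):                    # assumption: SHA-256 over the compact JWT's ASCII bytes
    return "sha256:" + hashlib.sha256(jwt.encode("ascii")).hexdigest()

def check_bundle(header_value):
    """Return the chain rules an X-DRS-Bundle header value violates ([] = consistent)."""
    bundle = json.loads(unb64u(header_value))
    jwts, inv = bundle["receipts"], claims(bundle["invocation"])
    drs = [claims(j) for j in jwts]
    root = drs[0]
    checks = [(root["prev_dr_hash"] is None, "root prev_dr_hash not null"),
              (inv["iss"] == drs[-1]["aud"], "invocation iss != last DR aud"),
              (inv["sub"] == root["sub"], "invocation sub != root sub"),
              (inv["dr_chain"] == [dr_hash(j) for j in jwts], "dr_chain mismatch")]
    for i, dr in enumerate(drs):
        checks += [(dr["sub"] == root["sub"], f"dr[{i}] sub changed"),
                   (dr["cmd"] == inv["cmd"], f"dr[{i}] cmd mismatch")]
        if i:                        # sub-DR: compare against its parent
            parent = drs[i - 1]
            checks += [(dr["prev_dr_hash"] == dr_hash(jwts[i - 1]), f"dr[{i}] bad prev_dr_hash"),
                       (dr["nbf"] >= parent["nbf"], f"dr[{i}] nbf before parent"),
                       (None in (dr["exp"], parent["exp"]) or dr["exp"] <= parent["exp"],
                        f"dr[{i}] exp after parent")]
    return [msg for ok, msg in checks if not ok]

def make_jwt(payload):               # constructed sample token, placeholder signature
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return ".".join([b64u(b'{"alg":"EdDSA","typ":"JWT"}'), b64u(body), "c2ln"])

def sample_header(child_exp=1700003000):   # constructed two-hop chain, hypothetical DIDs
    owner, a, b = "did:web:owner.example", "did:web:agent-a.example", "did:web:agent-b.example"
    base = {"sub": owner, "cmd": "/mcp/tools/call"}
    root = make_jwt({**base, "iss": owner, "aud": a, "nbf": 1700000000, "exp": 1700003600,
                     "prev_dr_hash": None, "drs_root_type": "human"})
    child = make_jwt({**base, "iss": a, "aud": b, "nbf": 1700000100, "exp": child_exp,
                      "prev_dr_hash": dr_hash(root)})
    inv = make_jwt({**base, "iss": b, "dr_chain": [dr_hash(root), dr_hash(child)]})
    bundle = {"bundle_version": "4.0", "invocation": inv, "receipts": [root, child]}
    return b64u(json.dumps(bundle).encode())
```

A sub-DR with `exp` set to null under a parent with a finite `exp` passes here because the table only constrains `exp` when both values are set.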