Every RailCall run mints an Ed25519-signed receipt. This page renders only receipts that a machine re-verified offline — integrity recomputed from the receipt body, signature checked against a reviewed key registry, and the honesty gate enforced (external_api_touched must match the run's true mode). If it's on this page, it verified. If it didn't verify, the build goes red instead.
external_api_touched: false). We publish those too, labeled, because that's the point: receipts that can't lie.| Connector | Mode | Verdict | Integrity | Signing key | Approved at |
|---|---|---|---|---|---|
| stripe | mock | VERIFIED · mock rail | sha256:fa137d42ff800e9558267a1… | 2cff316359e126cc | 2026-07-02T11:30:49Z |
integrity_hash + signature, keys sorted), then check the Ed25519 signature over that integrity string against the registry key. No RailCall software required to audit RailCall.Generated from receipts/verified_manifest.json · regenerate: python3 tools/verify_capoff_receipts.py