ADR 0005 · Receipts and handoffs as public contracts
What this ADR decides
That capability receipts and handoffs are public Craik contracts — schema-validated, redacted before persistence, linked to policy envelopes, and safe to cite from docs, operator views, work graphs, and recovery flows.
Status: Accepted.
Logs are not durable evidence. Every side-effect surface must emit or link a receipt.
Context
Craik's value depends on durable agent work: future agents and operators need to know what happened, why it was allowed, what evidence was used, and what remains unresolved. Receipts and handoffs therefore sit at the boundary between runtime execution, memory, docs, and operator workflows.
Decision
Capability receipts
Record capability decisions and outcomes · schema-validated · redacted before persistence · linked to policy envelopes where available.
Handoffs
Summarize run state · completed actions · validation · risks · context debt · next steps · self-audit. Incomplete or blocked runs still produce handoffs when enough context is available.
Evidence by reference, not copy.
Receipts and handoffs link evidence by id rather than copying private payloads — keeps them small and safe to cite without leaking content.
Consequences
The runtime can recover from interruptions and preserve accountability across agent boundaries. The cost is that every new side-effect surface must emit or link receipts instead of treating logs as sufficient evidence.
Alternatives considered
Retraction: none active.
Retract this ADR if Craik replaces receipts and handoffs with another versioned audit object and provides compatibility exports.