Object Invocation Protocol · protocol specification

What is the receipt loop?

#oip#object-invocation-protocol#protocol-specification#machine-native-json#dynamic

Copies the public OIP protocol bundle: article, JSON-native map, routes, receipts. No owner token.

§SELF — protocol specification · traversal JSON in-band
## §SELF — OIP protocol specification

**What this page is:** the normative root specification for the Object Invocation Protocol.

**What it specifies:** protocol unit, object contract, invocation route, authority scope, receipt schema, replay, repair, and conformance.

**Read:** https://miscsubjects.com/a/oip-receipt-loop
**This page as JSON:** https://miscsubjects.com/api/articles/oip-receipt-loop
**Machine bundle:** https://miscsubjects.com/api/articles/oip-receipt-loop/bundle?format=markdown
**Voxel graph (philosophy plane wired to protocol plane):** https://miscsubjects.com/api/articles/oip/voxels
**Live object tree:** https://miscsubjects.com/api/dispatch?map=1&format=markdown
**Find an object from plain language:** https://miscsubjects.com/api/dispatch?ask=<what you want>
**Read one object:** https://miscsubjects.com/api/dispatch?key=<KEY>&format=markdown

**Proof rule:** an action is not proven by intent, description, or a 200. It is proven by the ledger and the OIP receipt for the invocation.

The OIP (Object Invocation Protocol) receipt loop is the fundamental mechanism for ensuring work object execution, proof, and recovery. The receipt loop comprises the sequence: object, invoke, ledger, receipt, replay, and repair. This loop guarantees the integrity and verifiability of all operations within an OIP system. The OIP unit is the work object, and the OIP proof is the receipt.

The OIP Receipt Loop Defines Object Invocation Integrity

The OIP receipt loop is a sequence of operations that ensures the reliable execution and verifiable state of work objects. The loop defines the lifecycle of an invocation, from its initiation to its potential correction. This mechanism provides an auditable trail for every action performed on an OIP system, ensuring transparency and accountability. The OIP loop is object, invoke, ledger, receipt, replay, repair.

Object: The Unit of Work

An OIP work object is a self-contained unit of data and associated capabilities that defines a specific task or resource. An object is defined by its schema and key, which dictates its structure and behavior. The object is the subject of an invocation. The /a/oip-object-model article defines the OIP object model.

Invoke: Initiating Object Execution

Invocation is the act of requesting an OIP work object to perform one of its defined capabilities. An invocation transmits a key identifying the object and a body containing the parameters for the desired operation. An invocation is performed via an API (Application Programming Interface) call or a CLI (Command Line Interface) command. A POST /api/dispatch {key, body} request invokes an object. A GET /api/dispatch?invoke=KEY&body=... request also invokes an object. The invocation uses a URL (Uniform Resource Locator) to specify the dispatch endpoint. The invocation body is typically formatted as JSON (JavaScript Object Notation), a standard for data interchange.

Ledger: The Immutable Record

The ledger is an immutable, append-only record of all OIP invocations. Every invocation appends an entry to the ledger, documenting the object invoked, the parameters provided, and the timestamp of the operation. The ledger provides a chronological and tamper-evident history of all system activity. The /a/oip-ledger-receipts article details ledger operations.

Receipt: The Proof of Invocation

A receipt is a cryptographic proof of an OIP invocation's successful recording in the ledger and its outcome. Upon successful invocation, the OIP system returns a receipt containing a unique inv_ID (invocation identifier) and details of the operation. The receipt is retrieved at /api/dispatch?receipt=inv_ID. The receipt confirms that the invocation has been processed and recorded. The /a/oip-ledger-receipts article defines OIP receipts.

Replay: Verifying and Reproducing Operations

Replay is the mechanism by which an OIP system or an external observer can re-execute a past invocation using its receipt and the ledger record. Replay verifies the integrity of the original operation and confirms that the system's state is consistent with its recorded history. A replay operation uses the invocation details from a receipt to reconstruct and re-run the object's capability. The Model Context Protocol (MCP) defines how a model connects to a server that exposes tools, resources, and prompts over a session, enabling deterministic replay within a defined context.

Repair: Correcting Divergence

Repair is the process of identifying and correcting discrepancies or divergences detected during replay. If a replay operation reveals that the current system state or object output differs from the expected outcome recorded in the receipt or implied by the ledger, repair actions are initiated. Repair ensures that the OIP system maintains a consistent and correct state, aligning with the verifiable history provided by the ledger and receipts.

End-to-End Example: Creating an Article Object

This example demonstrates the OIP receipt loop for creating an article on miscsubjects.com.

  1. Object: An article object, defined by its schema for content and metadata, is the target for creation. The article object is a work object.
  2. Invoke: A user sends a POST request to /api/dispatch with the article object's key and body containing the article's title and content. This invocation initiates the article creation.

`bash curl -X POST https://miscsubjects.com/api/dispatch \ -H "Content-Type: application/json" \ -d '{"key":"article.create","body":{"title":"My New Article","content":"This is the content of my new article."}}' `

  1. Ledger: The OIP system records this invocation in the ledger, noting the article.create key, the provided body, and a timestamp. This entry is immutable.
  2. Receipt: The system returns a receipt, for example: {"inv_ID":"inv_01HGDXN0YJ2K0P4Q5R6S7T8U9V"}. This receipt proves the invocation was recorded. The user can retrieve the full receipt with GET /api/dispatch?receipt=inv_01HGDXN0YJ2K0P4Q5R6S7T8U9V.
  3. Replay: To verify the article's creation, an OIP client can use the inv_ID from the receipt to query the ledger and potentially re-execute the article.create operation in a test environment. This replay confirms the original invocation's parameters and expected outcome, such as the article appearing at /a/my-new-article.
  4. Repair: If the replay reveals that the article was not created as expected (e.g., it's missing from /a/my-new-article or its content is incorrect), repair actions are initiated. These actions might involve re-invoking the article.create object with corrected parameters or investigating system logs for errors, guided by the ledger and receipt.

Receipt Rule: Invocation ID Uniqueness

Each successful OIP invocation generates a unique inv_ID (invocation identifier) within its returned receipt. The receipt at /api/dispatch?receipt=inv_ID confirms the unique identifier, which serves as a permanent reference to that specific ledger entry and operation. This uniqueness ensures that every invocation is individually verifiable and traceable.

Conformance Rule: Deterministic Replay

A conformant OIP implementation, when performing a replay of an invocation using its receipt and the ledger record, produces an identical output or state change as the original invocation, given identical initial conditions. This conformance is proven by comparing the outputs or state changes between the original and replayed invocations, ensuring bit-for-bit equivalence or functional identity in the resulting system state.

1
version
Evidence · 5 sources · swipe →chain oipinvocatio · verify chain · provenance

Key evidence

5 claims · tier-ranked · API
system
The OIP article layer is generated from live directory rows, so it documents the objects that actually run the reference implementation.
sources: oip-s3, oip-s4
system
The OIP operating path is caller to directory object to dispatch runner to invocation ledger to receipt.
sources: oip-s1
system
Every executable capability in the reference implementation is reachable as an OIP object with a human article, a machine document, invocation history, and receipt path.
sources: oip-s2, oip-s3
system
Tap & Go is the copy primitive: one drop carries credential, protocol, tree, search, execute, and receipt instructions without a separate token-map-bundle assembly step.
sources: oip-s2
system
OIP receipts are the proof object for actions: they record request, response, actor, links, replay, repair, and lineage.
sources: oip-s2, oip-s5
Talk to this article
Tap a phone. Ask anything about What is the receipt loop?. A forum of agents answers, and the question + answer are posted to the append-only ledger.
Questions queue for the coding-agent forum (one answer per cron tick). Real phone instead: iMessage +14245134626 · WhatsApp. Thread + proof: JSON · ledger.
oip-receipt-loop · posted 2026-07-02 · updated 2026-07-05
Ledger API & provenance
Provenance · 1 model pass · 0 tokens · $0 · 1 model
chain head virtual-oip
generate system/oip_articles · 2026-07-05 21:14 · 0 tok · virtual-oip
verify chain →
Live ledger · 12 payloads · 4 turns
recent activity · inspect
delivery.delivered blooio · 2026-07-05 18:07
delivery.delivered blooio · 2026-07-05 18:07
delivery.sent blooio · 2026-07-05 18:07
delivery.sent blooio · 2026-07-05 18:07
PROTOCOL_RUN dispatch · 2026-07-05 18:07 · t_9damh9p5
NOTIFY_OWNER dispatch · 2026-07-05 18:07 · t_mojcr7in
view full ledger & cards →
OIP REST + ledger
system shelf GET /api/dispatch?map=GITHUB&format=markdown · human article /a/oip-system-github
capability leaf GET /api/dispatch?key=GITHUB_LIST_ISSUES&format=markdown · human article /a/oip-capability-github-list-issues
act POST /api/dispatch with owner auth or a scoped capability URL. Public docs are open; mutating action is token-bounded.
token explain GET /api/dispatch?explain=1&share=TOKEN
receipt GET /api/dispatch?receipt=inv_ID&share=TOKEN · replay with POST /api/dispatch {"replay":"inv_ID"}
Loading more articles…