Every answer
has a receipt.
Every output Conduit produces is labeled and sealed at the source. No model can hide where its answer came from — the receipt travels with the response, independently verifiable, without trusting the model or the provider.
The labels are not a suggestion. Every emission is classified at the context layer before it reaches the user. A response with no label is a bug — the proof system fails closed.
The receipt is produced alongside every answer. Verification does not require access to the model, the vendor, or the corpus — only the receipt itself and the public verifier.
What the proof covers.
Source integrity. The corpus entries cited actually exist and actually say what the response attributes to them.
Reduction integrity. The reduction step is auditable end-to-end. What went in produces what came out, no side channels, no silent edits.
Classification integrity. The source label is produced by the context layer, not the model. The model cannot reclassify its own output.
Tamper evidence. Any modification to the receipt or the corresponding response breaks the seal.
The proof format and verifier are published. You can verify a receipt without us. The underlying sealing mechanism (hardware entropy + temporal anchoring + hash chain) is documented at the interface level; specific implementation details remain sealed as trade secret.
Public algorithm. Sealed primitive. Both positions are deliberate.