DCS / Standards / R+3 Audit Export
spec live · first bundle May 31, 2026

R+3 Audit Export — tamper-evident audit trail.

The companion standard to R+2. While R+2 defines the per-event signed receipt, R+3 defines the aggregate audit bundle: how to package a time-range of receipts into a Filecoin-pinned, hash-chained, regulator-mappable export. First production bundle ships May 31, 2026.

GitHub repo → R+2 spec
SIGNED RECEIPTS · 1,420 bafy…0a1b14:01 bafy…2c3d14:02 bafy…4e5f14:08 bafy…6g7h14:11 bafy…8i9j14:24 bafy…aklm14:30 bafy…cnop14:42 bafy…qrst14:58 + 1,412 more EXPORT CSV receipts.csv 1,420 rows · 184 KB JSON receipts.json signed bundle · 412 KB PDF audit-report.pdf notarisable · 28 pp R+3 AUDIT EXPORT — bundle and deliver to your auditor
What R+3 specifies

Audit bundles, not just receipts.

📦

Bundle envelope

Time-range of receipts + Merkle root + signed manifest + Filecoin CID + regulator metadata.

🌳

Merkle aggregation

Receipts in the bundle Merkle-tree into a single root. Tampering any receipt invalidates the root.

📌

Filecoin pinning

Bundle CID pinned via Lighthouse. Pin proof itself referenced in the bundle envelope. Self-attesting permanence.

⚖️

Regulator metadata

Optional fields for jurisdiction, regime, evidence-grade, retention class. Auto-filled per use case.

📤

Export formats

JSON-LD (canonical) + CSV (operator-friendly) + PDF (printable). All three deterministic + signed.

🔍

Verification protocol

Anyone can re-walk the Merkle tree from a single bundle CID and prove integrity. No DCS server required.

Use cases

Where R+3 bundles show up.

🏛️

Regulator request

"Show me every AI decision your bank made on credit applications in Q1." → one bundle CID, every event verifiable.

📜

RTI right-to-receipt

Citizen requests their agent-interaction history. R+3 bundles their per-user receipts, signed + verifiable.

⚖️

Litigation discovery

Bundle scopes specific agent or specific period. Opposing counsel can verify independently — no "trust me bro."

🔬

Internal audit

Audit firm pulls weekly bundle. Re-walks the Merkle tree. Spots discontinuity = control deficiency.

📊

Quarterly compliance report

EU AI Act Article 12 + ISO 42001 evidence — bundles attached to compliance dashboards, with regulator metadata pre-filled.

🔐

Right-to-erasure proof

"I deleted Customer X's data on date Y." Bundle includes the erasure receipt + Merkle proof.

Status

Spec live. First production bundle ships May 31.

LIVE
Spec v0.1 published
May 17, 2026
LIVE
Reference implementation
github.com/DCS-Platform/r3-standard
PENDING
First production bundle
May 31, 2026 — Q1 2026 receipts
SUBMITTED
Standards review
MeitY · ISRO · Anthropic Standards Program
FAQ

Common questions.

How is this different from a regular S3 log dump?
S3 log dump = "trust us we didn't modify anything." R+3 bundle = Merkle root + ed25519 signature + Filecoin pin → any modification is detectable by anyone, no DCS infrastructure required.
Bundle size?
Average bundle: ~5 MB for 100K receipts (Merkle tree + manifest). Bundles are the manifest only — receipts stay individually accessible by CID.
How often are bundles generated?
Configurable. Common patterns: daily (high-volume), weekly (most regulators), monthly (lighter compliance), on-demand (one-off requests).
What if Filecoin goes down?
Bundle is also stored in your own retention (Sovereign) or on DCS-hosted storage. Filecoin pin is for permanence + tamper evidence — not the primary store.
Right-to-erasure conflict with chain integrity?
Erasure operates at receipt content level (PII removed, hash-stub kept). Chain stays intact — the slot is preserved with an erasure-receipt marker. Spec § 5.4 covers the edge cases.

Audit trails that survive your servers.

Bundle once. Verify forever. Independent of DCS.

GitHub repo →See R+4 next