Proof of Payment

Proof of Payment

PoP as a self-contained, independently verifiable legal artifact.

A Proof-of-Payment (PoP) is a signed, blockchain-derived JSON artifact that records that a specific payment event occurred between two parties. It is the central artifact Tekmerion produces, and it is designed to stand on its own: anyone holding a PoP can verify it without trusting Tekmerion and without calling a Tekmerion API.

A PoP is not a receipt and not a notification. A notification announces that something happened; a status describes where a payment sits in its expected lifecycle. Both are projections — derived, able to lag, never authoritative on their own. A PoP is the artifact you reconcile and retain. It points at on-chain facts that anyone can re-check against the chain directly.

The blockchain is the source of truth

Tekmerion is not the source of truth for whether a payment occurred — the blockchain is. A PoP does not assert an outcome on Tekmerion's authority. It records the on-chain facts of a settlement and carries a cryptographic signature binding those facts to the key that produced them. Verification reduces to two independent checks: the signature proves who issued the artifact, and the chain proves the facts. See Verifying a PoP.

The full chain of authority

A PoP is a complete legal artifact, not a single data point. It records the entire chain of authority behind a settlement:

  • authorised — the merchant authorisation under which execution was permitted;
  • evaluated — the compliance record: sanctions screening, geoblock result, and the merchant's transaction-level decision;
  • relayed — the relay that submitted the merchant-signed authorisation to the chain;
  • settled — the confirmed on-chain settlement facts the payment finalized to.

This is what makes a PoP self-contained. It does not merely state that a payment settled — it captures who permitted it, how it was screened, how it was executed, and what the chain ultimately recorded. The exact contents are enumerated in Artifact contents.

When a PoP exists

A PoP is generated exactly when value was delivered to the merchant — that is, for a paid outcome (and for a duplicate_payment, where a real on-chain payment settled to the merchant for an already-settled intent). A refund or a failure is a real outcome but produces no PoP, because no payment to the merchant completed. The rule and its rationale are in Generation scope.

How a PoP is trusted

A PoP carries a key identifier (kid) and a signature. Verifiers resolve the kid to a public key through a public discovery surface and check the signature themselves — no shared secret, no privileged access. Signing, key discovery, rotation, and revocation are specified in Signing and key discovery. The layout and meaning of a PoP's contents are pinned by a schema_version it carries; see Schema versioning.

Secret rotation

Rotate an endpoint's signing secret without dropping deliveries, and revoke on compromise.

Artifact contents

What a PoP records: on-chain facts, match result, authorisation, compliance, and relay metadata.

On this page

The blockchain is the source of truthThe full chain of authorityWhen a PoP existsHow a PoP is trusted