Core
receipt
The signed envelope an agent emits when it takes an action on a human's behalf — the occurrence artifact. Defined by the Agency Receipt Protocol (
sm-arp).Agency Receipt Protocol (ARP)
The portable, cryptographically signed receipt format AI agents emit when they act on behalf of humans. Runtime-agnostic, vendor-neutral, MIT-licensed.
issuer
The agent that signs and emits the receipt; identified by
issuer_did.principal
The human (or organisation's identity-of-record) on whose behalf the action was taken; identified by
principal_did.counterparty
The other party in the action — a merchant, a person, another agent.
human_summary
The receipt's one-sentence, plain-language description of the action (≤ 280 Unicode code points), naming the counterparty, the action, and where applicable the amount.
authority chain
The
authority_chain array linking an action receipt to the delegation grant(s) that authorized it. Descriptive (not evaluated) in v0.1.hash chain
The per-issuer linkage formed when
previous_receipt_hash equals the SHA-256 hash of the previous receipt including its signature, computed over JCS-canonical bytes. Deleting or reordering breaks the chain.JCS (JSON Canonicalization Scheme)
RFC 8785 — the deterministic serialization ARP signs over, so canonicalization is identical regardless of input ordering, whitespace, or encoding.
did:key
The W3C DID method ARP uses for
issuer_did and principal_did — a public key encoded directly into the identifier, so no registry lookup is needed to resolve it.Agency Log
The principal-controlled store of their own receipts — the canonical reference for "what my agent did on my behalf."
Issuer Log
The agent-controlled, hash-chained audit store — the canonical reference under audit, regulatory inquiry, or insurance dispute. Implemented as a SQLite store in
sm_arp.store.IssuerLog.conformance badge
A signed, offline-verifiable proof that a runtime's receipts pass the ARP conformance vectors. The envelope mechanism is owned by
sm-conformance; ARP is its first consumer.Companion — the authorization layer
Terms belonging to the separate authorization concern a receipt does not evaluate on its own.
DAT (Delegated Authority Token)
The draft companion spec defining the principal-signed grant an ARP
authority_chain references — scoped, bounded, revocable. Not normative in v0.1.Attested Action Envelope (AAE)
A complementary per-action substrate evidence primitive (
sm-aae): an eight-field, hash-chained record of a pre-action authorization verdict. ARP is the human-facing receipt; AAE is the substrate record. See agentenvelope.ai.