AgencyReceipts Working draft

Documentation

Glossary

The vocabulary of the receipt layer.

Core

receipt
The signed envelope an agent emits when it takes an action on a human's behalf — the occurrence artifact. Defined by the Agency Receipt Protocol (sm-arp).
Agency Receipt Protocol (ARP)
The portable, cryptographically signed receipt format AI agents emit when they act on behalf of humans. Runtime-agnostic, vendor-neutral, MIT-licensed.
issuer
The agent that signs and emits the receipt; identified by issuer_did.
principal
The human (or organisation's identity-of-record) on whose behalf the action was taken; identified by principal_did.
counterparty
The other party in the action — a merchant, a person, another agent.
human_summary
The receipt's one-sentence, plain-language description of the action (≤ 280 Unicode code points), naming the counterparty, the action, and where applicable the amount.
authority chain
The authority_chain array linking an action receipt to the delegation grant(s) that authorized it. Descriptive (not evaluated) in v0.1.
hash chain
The per-issuer linkage formed when previous_receipt_hash equals the SHA-256 hash of the previous receipt including its signature, computed over JCS-canonical bytes. Deleting or reordering breaks the chain.
JCS (JSON Canonicalization Scheme)
RFC 8785 — the deterministic serialization ARP signs over, so canonicalization is identical regardless of input ordering, whitespace, or encoding.
did:key
The W3C DID method ARP uses for issuer_did and principal_did — a public key encoded directly into the identifier, so no registry lookup is needed to resolve it.
Agency Log
The principal-controlled store of their own receipts — the canonical reference for "what my agent did on my behalf."
Issuer Log
The agent-controlled, hash-chained audit store — the canonical reference under audit, regulatory inquiry, or insurance dispute. Implemented as a SQLite store in sm_arp.store.IssuerLog.
conformance badge
A signed, offline-verifiable proof that a runtime's receipts pass the ARP conformance vectors. The envelope mechanism is owned by sm-conformance; ARP is its first consumer.

Companion — the authorization layer

Terms belonging to the separate authorization concern a receipt does not evaluate on its own.

DAT (Delegated Authority Token)
The draft companion spec defining the principal-signed grant an ARP authority_chain references — scoped, bounded, revocable. Not normative in v0.1.
Attested Action Envelope (AAE)
A complementary per-action substrate evidence primitive (sm-aae): an eight-field, hash-chained record of a pre-action authorization verdict. ARP is the human-facing receipt; AAE is the substrate record. See agentenvelope.ai.