Verifiable interaction records for AI agents, APIs, and automated systems
Publish machine-readable terms, return signed receipts, verify outcomes offline.
Website · Spec Index · Discussions · Releases
Use PEAC when:
- you need proof of interactions across organizational boundaries
- you need machine-readable access, payment, or usage terms
- you need portable evidence for audits, disputes, or incident review
1. Service publishes policy --> /.well-known/peac.txt (machine-readable terms)
2. Agent makes request --> Service returns PEAC-Receipt: <jws> (signed proof)
3. Anyone verifies offline --> Check signature + claims using issuer's public keys
Setup (out of band): Service publishes policy at /.well-known/peac.txt and verification keys at /.well-known/peac-issuer.json.
/.well-known/peac.txt: machine-readable terms (YAML):
version: 'peac-policy/0.1'
usage: conditional
purposes: [crawl, index, inference]
receipts: required
attribution: required
rate_limit: '100/hour'PEAC-Receipt header: signed proof returned on governed responses:
PEAC-Receipt: eyJhbGciOiJFZERTQSIsInR5cCI6ImludGVyYWN0aW9uLXJlY29yZCtqd3QifQ...
The receipt is a standard JWS (Ed25519) that can be verified offline using the issuer's published keys. Full specification: Spec Index.
Requirements: Node 24 (tested); Node 22+ (compatible)
pnpm add @peac/protocol @peac/cryptoimport { generateKeypair } from '@peac/crypto';
import { issue, verifyLocal } from '@peac/protocol';
const { privateKey, publicKey } = await generateKeypair();
const { jws } = await issue({
iss: 'https://api.example.com',
kind: 'evidence',
type: 'org.peacprotocol/access-decision',
pillars: ['access'],
privateKey,
kid: 'key-2026-03',
});
const result = await verifyLocal(jws, publicKey);
console.log(result.valid, result.claims.type);
// true org.peacprotocol/access-decisionpeac verify 'eyJhbGciOiJFZERTQSIsInR5cCI6ImludGVyYWN0aW9uLXJlY29yZCtqd3QifQ...'Legacy: Wire 0.1 (
peac-receipt/0.1) is frozen. See examples/quickstart/ for Wire 0.1 code.
See examples/wire-02-minimal/ for a runnable example. For settlement, HTTP/REST, Express middleware, and Go SDK examples, see docs/README_LONG.md.
- Issue and verify receipts: Quick start above
- Add receipts to an HTTP API: HTTP integration
- Add middleware to Express: Express middleware
- Use x402 payments: x402 adapter and Stripe x402 profile
- Author policies: Policy Kit
- Verify or bundle evidence: Dispute Bundles
- Build in Go: Go SDK (Wire 0.1)
- Read the spec: Spec Index
PEAC is the evidence layer. It does not replace auth, payment rails, or observability. It complements them with portable, verifiable proof.
| Existing system | What PEAC adds |
|---|---|
| Internal logs | Portable proof that survives organizational boundaries |
| OpenTelemetry | Cryptographic evidence that correlates to traces |
| MCP / A2A | Verifiable records carried alongside tool calls and agent exchanges |
| AP2 / ACP / UCP | Proof of outcomes for commerce authorization and orchestration |
| Payment rails | Settlement references made verifiable offline |
Use cases: HTTP APIs (paid or permissioned), agent-to-API calls, dataset downloads, AI training access, cross-org audit evidence, safety and incident response workflows.
This repository contains the reference TypeScript implementation and a Go SDK (sdks/go/).
Install:
pnpm add @peac/clior run from this repo:pnpm --filter @peac/cli exec peac --help.
peac verify 'eyJhbGc...' # Verify a receipt
peac conformance run # Run conformance tests
peac reconcile a.bundle b.bundle # Merge and diff evidence bundles
peac policy init # Create peac-policy.yaml
peac policy validate policy.yaml # Validate policy syntax
peac policy generate policy.yaml # Compile to deployment artifactsSee packages/cli/README.md for the full command reference.
| Primitive | Description |
|---|---|
| Policy file | /.well-known/peac.txt machine-readable terms |
| Receipt | PEAC-Receipt: <jws> signed proof (Ed25519) |
| Issuer config | /.well-known/peac-issuer.json JWKS discovery |
| Dispute bundle | ZIP with receipts + policy + report for offline audit |
- Current stable: Interaction Record format (
interaction-record+jwt, v0.12.0+) - Legacy: Wire 0.1 (
peac-receipt/0.1) is frozen;verifyLocal()returnsE_UNSUPPORTED_WIRE_VERSION
See docs/specs/VERSIONING.md for the full versioning doctrine.
- JWS signature verification required before trusting any receipt claim
- Key discovery via
/.well-known/peac-issuer.jsonJWKS with SSRF guards - Kernel constraints enforced at issuance and verification (fail-closed)
- No silent network fallback for offline verification
- Errors mapped to RFC 9457 Problem Details
See SECURITY.md and docs/specs/PROTOCOL-BEHAVIOR.md.
| Document | Purpose |
|---|---|
| Spec Index | Normative specifications |
| Interaction Record Spec | Receipt envelope, kinds, extensions |
| Architecture | Kernel-first design |
| Kernel Constraints | Structural limits enforced at issue and verify |
| Policy Kit Quickstart | Policy authoring guide |
| Profiles | Integration profiles (Stripe x402, etc.) |
| Developer Guide | Package catalog, integration examples, layer maps |
- TypeScript (this repo):
@peac/protocol,@peac/cli,@peac/sdk-js - Go: sdks/go/ issuance, verification, and policy evaluation (Wire 0.1)
- MCP: MCP server (5 tools) and MCP carrier mapping
- A2A: A2A carrier mapping for agent-to-agent evidence
- HTTP middleware: Express automatic receipt issuance
- x402: x402 adapter for machine payment evidence
Building an implementation? Open an issue.
Contributions are welcome. For substantial changes, please open an issue first. See docs/SPEC_INDEX.md for normative specifications and docs/CI_BEHAVIOR.md for CI guidelines.
Apache-2.0. See LICENSE. Stewardship: Originary and the open source community.
Source: github.com/peacprotocol/peac | Website: peacprotocol.org | Discussions: GitHub Discussions