Reference

Runtime surfaces in one page. Sanitized illustrative shapes only; no real tokens, no real payloads, no domain-bearing examples.

Runtime request headers

Header                          Purpose
X-AgentTrust-Wallet-Address     Agent wallet address (EVM hex / Solana base58)
X-AgentTrust-Signature-Scheme   eip191 · eip712 · erc1271 · solana_ed25519
X-AgentTrust-Wallet-Signature   Verifiable signature over the canonical request
X-AgentTrust-Principal          Principal DID (e.g. did:web:<placeholder>)
X-AgentTrust-VC                 Compact JWT VC or SD-JWT VC
X-AgentTrust-Receipt-Id         Response header. Points at the canonical receipt for the call.

Response states

HTTP/1.1 401 Unauthorized
HTTP/1.1 402 Payment Required
HTTP/1.1 200 OK
X-AgentTrust-Receipt-Id: rcp_<placeholder>

401 reasons (bounded enum)

  • identity_evidence_missing
  • signature_invalid
  • vc_issuer_untrusted
  • vc_status_revoked
  • principal_unmappable
  • did_resolution_failed
  • registry_evidence_missing

402 challenge body

{
  "type": "payment_required",
  "protocol": "x402",
  "requestSha256": "<sha256>",
  "challengeId": "chl_<placeholder>"
}

Receipt fields

{
  "schemaVersion": "agenttrust.receipt.v1",
  "receiptId": "rcp_<placeholder>",
  "providerId": "prv_<placeholder>",
  "requestSha256": "<sha256>",
  "agentDid": "did:web:<placeholder>",
  "principalId": "<placeholder>",
  "paid": true,
  "facilitator": "sandbox",
  "signature": "<ed25519>",
  "signingKeyId": "gw-ed25519-<id>"
}
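
A client can cross-check the three shapes above before trusting a paid call: the X-AgentTrust-Receipt-Id header, the receipt body, and the 402 challenge it answered. The sketch below is an added example, not AgentTrust code. The rcp_/prv_/chl_ prefixes, hex-encoded hashes, and the rule that a challenged call yields paid: true are assumptions read off the sanitized shapes, and checkReceipt is a hypothetical name.

```javascript
// Added example, not AgentTrust project code. The id prefixes, hex encoding and
// challenge-to-receipt binding are assumptions read off the sanitized shapes.
const SHA256_HEX = /^[0-9a-f]{64}$/i;
const RECEIPT_TYPES = {
  schemaVersion: "string", receiptId: "string", providerId: "string",
  requestSha256: "string", agentDid: "string", principalId: "string",
  paid: "boolean", facilitator: "string", signature: "string",
  signingKeyId: "string",
};

// Returns a list of problems; an empty list means the shapes are consistent.
// The ed25519 signature is NOT verified here: that needs the gateway key and
// the signed byte layout, neither of which this page specifies.
function checkReceipt(receipt, receiptIdHeader, challenge) {
  const problems = [];
  for (const [field, type] of Object.entries(RECEIPT_TYPES)) {
    if (typeof receipt[field] !== type) problems.push(`receipt.${field}: expected ${type}`);
  }
  if (problems.length) return problems; // later checks assume well-typed fields
  if (receipt.schemaVersion !== "agenttrust.receipt.v1") problems.push("unknown schemaVersion");
  if (!receipt.receiptId.startsWith("rcp_")) problems.push("receiptId lacks rcp_ prefix");
  if (!receipt.providerId.startsWith("prv_")) problems.push("providerId lacks prv_ prefix");
  if (!receipt.agentDid.startsWith("did:")) problems.push("agentDid is not a DID");
  if (!SHA256_HEX.test(receipt.requestSha256)) problems.push("requestSha256 is not 64 hex chars");
  // The response header must point at this receipt, not at some other call's.
  if (receipt.receiptId !== receiptIdHeader) problems.push("receiptId differs from X-AgentTrust-Receipt-Id");
  if (challenge) {
    if (challenge.type !== "payment_required" || challenge.protocol !== "x402")
      problems.push("not an x402 payment_required challenge");
    if (!String(challenge.challengeId).startsWith("chl_")) problems.push("challengeId lacks chl_ prefix");
    // A receipt issued for a different request hash must not settle this challenge.
    if (String(challenge.requestSha256).toLowerCase() !== receipt.requestSha256.toLowerCase())
      problems.push("requestSha256 differs from the challenge");
    if (!receipt.paid) problems.push("challenged call but receipt has paid=false");
  }
  return problems;
}

// Constructed sample values (not real hashes, ids or signatures).
const sampleHash = "ab".repeat(32);
const sampleChallenge = { type: "payment_required", protocol: "x402",
  requestSha256: sampleHash, challengeId: "chl_example" };
const sampleReceipt = {
  schemaVersion: "agenttrust.receipt.v1", receiptId: "rcp_example",
  providerId: "prv_example", requestSha256: sampleHash,
  agentDid: "did:web:example.invalid", principalId: "principal-example",
  paid: true, facilitator: "sandbox", signature: "constructed-signature",
  signingKeyId: "gw-ed25519-example",
};
```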

Proof bundle terms

  • proof.bundle.v1: bundle schema
  • verdict: valid · tampered · signature_invalid
  • hashChainContinuous: boolean
  • signaturesValid: boolean
  • receiptCount: number

Status labels

The bounded enum used across the CLI, the docs, the dataroom, and the public site:

  • shipped: implemented, typechecked, tested
  • bounded: shipped within stated bounds
  • operator-gated: shipped; needs operator credentials to verify externally
  • not-claimed: deliberately out of scope
  • roadmap: planned, not yet built

Operator commands

  • pnpm proof:verify <bundle>, offline proof verifier
  • pnpm pilot:demo:rehearse, 7-step in-process demo
  • pnpm pilot:readiness, release readiness pack
  • pnpm dataroom:signed:bundle, shareable signed dataroom bundle
  • pnpm dataroom:verify <path>, recipient-side bundle verifier
  • pnpm operator:external:scan-artifacts <dir>, 24-pattern leak scanner
  • pnpm siem:replay <dir>, DLQ drain