Portable signed proof for agent, API, and MCP interactions
Publish machine-readable terms, return signed interaction records, and verify them offline.
PEAC adds cross-boundary evidence across APIs, MCP servers, A2A exchanges, and commerce flows without replacing auth, payment rails, or observability.
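```javascript
import { verifyLocal } from '@peac/protocol'

// `response` is the HTTP response returned by the service; `publicKey` is the
// issuer's public key, obtained before verification.
const receipt = response.headers.get('PEAC-Receipt')
const result = await verifyLocal(receipt, publicKey, {
  issuer: 'https://api.example.com',
  audience: 'https://client.example.com',
})

// Read the claims only when verification succeeded.
if (result.valid) {
  console.log('Issuer:', result.claims.iss)
  console.log('Kind:', result.claims.kind)
  console.log('Type:', result.claims.type)
}
```

How PEAC works in practice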
- Publish terms (/.well-known/peac.txt): Machine-readable access, payment, and usage terms.
- Return proof (PEAC-Receipt): Signed interaction record in headers or transport metadata.
- Verify locally (verifyLocal()): Deterministic offline verification once keys are available.
- Bundle evidence (peac-bundle/0.1): Portable audit/dispute package with records, policy, keys, and report.
Start with the outcome you want
Each path takes under 5 minutes.
Key Concepts
- Record (PeacRecord): The portable interaction artifact: structured claims about what happened.
- Receipt (PEAC-Receipt): The signed file format: an Ed25519 JWS returned in PEAC-Receipt or transport metadata.
- Evidence Bundle (peac-bundle/0.1): A portable ZIP package containing records, policy snapshots, public keys, and verification output for audit or dispute.
Why teams use PEAC
Cross-boundary proof
Logs are local. PEAC gives you proof you can hand to another team, partner, auditor, or customer.
Incident and dispute review
When an agent action is questioned, verify the signed record or export a bundle instead of arguing from screenshots and logs.
Policy-bound access
Publish machine-readable terms and return proof that those terms were actually applied.
How PEAC differs from what you already have
From policy to proof
- Publish: Service publishes terms (/.well-known/peac.txt)
- Request: Client or agent sends request with declared intent (PEAC-Purpose: index)
- Enforce: Service uses its existing auth, payment, and policy stack (your stack decides)
- Return: Service returns signed interaction proof (PEAC-Receipt: eyJ...)
- Verify or bundle: Anyone verifies locally or packages into an evidence bundle (verifyLocal())
Where PEAC fits
PEAC is the evidence layer. It adds portable, verifiable proof to existing systems.
What PEAC adds
- Internal logs: Portable proof that survives organizational boundaries
- OpenTelemetry: Signed evidence that can correlate to traces
- MCP / A2A: Verifiable records carried alongside tool calls and agent exchanges
- ACP / x402 / payment rails: Signed proof of outcomes and settlement references
- Compliance workflows: Portable artifacts for audit, dispute, and incident review
Does not replace
- Auth: Your identity and access control system stays as-is
- Payment rails: Rails move funds; PEAC records settlement references
- Observability: OTel is internal traces; PEAC is portable proof
- MCP / A2A runtimes: These coordinate tool use and agent exchanges; PEAC carries proof alongside them
- C2PA: C2PA is media provenance; PEAC is interaction evidence
Built for real workflows
Paid or permissioned APIs
Return signed proof for governed responses.
MCP and agent tool calls
Attach verifiable evidence to tool execution outcomes.
Audit and incident review
Export one bundle with records, policy, keys, and verification output.
Commerce and settlement evidence
Carry proof of what terms applied and what payment outcome occurred.
Works with your stack
Security and verification
PEAC verification is designed to be deterministic, portable, and fail-closed.
Cryptographic Foundations
- Ed25519: Compact 64-byte signatures, verified in microseconds
- JWS (RFC 7515): JSON Web Signature envelope format
- RFC 8032: EdDSA algorithm specification
- RFC 8785: Canonical JSON for deterministic policy binding
Verification Guarantees
- Offline verification once keys are acquired
- Deterministic output (canonical JSON)
- Cross-language parity (TypeScript and Go)
- JWKS discovery with SSRF protection
- Replay protection via nonce and timestamp
- Fail-closed by default
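What an offline, fail-closed check of an Ed25519 compact JWS involves, as an added example built on Node's standard crypto module; it is not the `@peac/protocol` implementation. The claim names `aud`, `iat` and `jti`, the `maxAgeSec` option, and the sample key and claim values are assumptions constructed for illustration.

```javascript
// Added example, not PEAC library code. Runs as CommonJS or as an ES module.
const nodeCrypto = typeof require === 'function'
  ? require('node:crypto') : process.getBuiltinModule('node:crypto');

const b64u = (v) => Buffer.from(v).toString('base64url');
const unb64u = (v) => Buffer.from(v, 'base64url');

// Constructed sample issuer key; a real verifier only ever holds the public half.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');

// Constructed claims. iss/kind/type appear on the page; aud, iat, jti are assumed names.
const sampleClaims = () => ({
  iss: 'https://api.example.com', aud: 'https://client.example.com',
  kind: 'sample-kind', type: 'sample-type',
  iat: Math.floor(Date.now() / 1000), jti: nodeCrypto.randomUUID(),
});

function signSample(claims, header = { alg: 'EdDSA' }) {
  const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(claims))}`;
  return `${input}.${b64u(nodeCrypto.sign(null, Buffer.from(input), privateKey))}`;
}

// Returns { valid: true, claims } or { valid: false, reason }; never throws.
function verifyCompactJws(jws, key, expected, seen = new Set()) {
  const fail = (reason) => ({ valid: false, reason });
  try {
    const parts = String(jws).split('.');
    if (parts.length !== 3) return fail('malformed');
    const [h, p, s] = parts;
    // Pin the algorithm: the token never chooses how it is verified.
    if (JSON.parse(unb64u(h).toString()).alg !== 'EdDSA') return fail('alg');
    const sig = unb64u(s);
    if (sig.length !== 64 || !nodeCrypto.verify(null, Buffer.from(`${h}.${p}`), key, sig)) {
      return fail('signature');
    }
    // Claims are parsed and trusted only after the signature checks out.
    const c = JSON.parse(unb64u(p).toString());
    if (c.iss !== expected.issuer) return fail('issuer');
    if (c.aud !== expected.audience) return fail('audience');
    const age = Math.abs(Date.now() / 1000 - c.iat);
    if (typeof c.iat !== 'number' || age > expected.maxAgeSec) return fail('stale');
    if (typeof c.jti !== 'string' || seen.has(c.jti)) return fail('replay');
    seen.add(c.jti);
    return { valid: true, claims: c };
  } catch {
    return fail('malformed');
  }
}
```

Every rejection path returns a result without claims, so a caller that reads claims only when `valid` is true cannot act on unverified data.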
Common questions
Do I need a central service or account to use PEAC?
No. PEAC is an open standard. You publish your own policy and keys, return signed records with your own services, and anyone can verify them independently.
What is the difference between a record, a receipt, and a bundle?
A record is the claim set about an interaction. A receipt is the signed JWS that carries that record. A bundle is a portable package that collects receipts, policy snapshots, public keys, and verification output for audit or dispute.
Is PEAC a payment protocol?
No. PEAC is an evidence layer. Payment rails move funds. PEAC records what terms applied and what outcome occurred, and can carry settlement references from systems such as x402 and Stripe.
Is verification really offline?
Yes, once the verifier has the issuer's public key or a bundled verification artifact. Key acquisition may involve a network step. Signature and claims verification do not.
Is PEAC production ready?
Interaction Record Format 0.2 is stable and the current release line is v0.12.1. The project is still pre-1.0, so library APIs may continue to evolve, but the wire and verification surfaces are already usable for real integrations.
Do I still need PEAC if I already use logs or OpenTelemetry?
Yes, when proof must cross organizational boundaries. Logs and traces help you observe your own system. PEAC gives you signed, portable evidence another party can verify independently.
For evaluation, governance, and institutional review
Specifications, conformance, and governance
PEAC includes specifications, conformance artifacts, and governance documentation for technical and institutional review.
Open protocol. Active development.
PEAC is in active development. Library APIs may evolve before v1.0.