Adapters & Integrations
PEAC provides unified verifiable interaction records across systems and organizational boundaries. One receipt format designed to compose with MCP, ACP, A2A, TAP, UCP, x402, payment gateways, and more via adapters and mappings.
Agent Protocol Mappings
Integrate with AI agent and commerce protocols
MCP
@peac/mappings-mcpModel Context Protocol integration with budget utilities.
- Per-call and daily budget limits
- Bigint minor units for precision
- Tool call authorization
ACP
@peac/mappings-acpAgentic Commerce Protocol session lifecycle and payment observation evidence.
- Session lifecycle evidence (fromACPSessionLifecycleEvent)
- Payment observation with explicit state (fromACPPaymentObservation)
- Budget enforcement utilities
- Agent identity binding
TAP
@peac/mappings-tapVisa Trusted Agent Protocol mapping with signature verification.
- RFC 9421 HTTP Message Signatures
- Time window validation (8 min max)
- Fail-closed security defaults
RSL
@peac/mappings-rslRobots Specification Language alignment for access permissions.
- RSL 1.0 token mapping
- Canonical ControlPurpose (train, search, user_action, inference, index)
- Collective licensing support
UCP
@peac/mappings-ucpGoogle Universal Commerce Protocol webhook verification with order-vs-payment separation.
- Order-vs-payment semantic separation (payment_state_source marker)
- JWS verification (RFC 7797 detached payload for UCP webhooks)
- Dispute evidence generation for audit bundles
- ES256/ES384/ES512 signature support
AIPREF
@peac/mappings-aiprefIETF AIPREF vocabulary mapping for purpose declarations.
- Purpose token normalization
- Canonical purpose mapping
- Robots.txt bridge
A2A
@peac/mappings-a2aAgent-to-Agent Protocol evidence carrier for TaskStatus, Message, and Artifact metadata.
- Agent Card extension (capabilities.extensions)
- Evidence Carrier Contract support
- 3-step discovery (Agent Card, well-known, header probe)
Content Signals
@peac/mappings-content-signalsObservation-only mapping for robots.txt (RFC 9309), AIPREF Content-Usage, tdmrep.json, and Content-Signal headers.
- Three-state model: allow / deny / unspecified
- Source precedence: tdmrep.json > Content-Signal > Content-Usage > robots.txt
- No network I/O (pure transform)
Inference Evidence
@peac/adapter-openai-compatibleHash-first interaction evidence for OpenAI-compatible chat completion APIs.
- SHA-256 digests only, no raw text stored
- Works with any OpenAI-compatible provider
- fromChatCompletion() convenience function
Payment Rails
5 adaptersx402
@peac/rails-x402HTTP 402 extension with v0.2 profile, DoS protection, and v1/v2 dual-header read.
- Profile: peac-x402-offer-receipt/0.1
- v1/v2 dual-header read with upstream artifact separation
- DoS guards: 128 entries max, 256 KiB total
- CAIP-2 network validation
Payment gateways
@peac/rails-stripeStripe payment gateway integration with webhook verification, SPT delegation evidence, and x402 crypto bridge.
- Payment Intent observation with explicit payment state
- SPT delegation evidence (granted, presented, deactivated)
- Webhook signature verification
- Subscription billing support
- fromCryptoPaymentIntent() for x402 bridge
Card Billing
@peac/rails-cardGeneric card billing bridge with billing_snapshot support.
- billing_snapshot in payment.evidence
- Works with any card processor
- Statement descriptor support
Paymentauth / MPP
@peac/mappings-paymentauthHTTP Payment authentication scheme (draft-ryan-httpauth-payment) with envelope-first parsing and carrier adapter.
- Challenge + Credential + Receipt envelope parsing
- Raw + normalized dual representation
- JSON-RPC/MCP error helpers
- Carrier coexistence with PEAC-Receipt header
Razorpay
@peac/rails-razorpayIndia payment adapter supporting UPI, cards, and netbanking.
- UPI, cards, netbanking support
- Webhook signature verification
- India-first payment flows
x402 Vendor Adapters
Normalize vendor-specific events to PaymentEvidence
Daydreams
@peac/adapter-x402-daydreamsAI inference router adapter for Daydreams events.
- Event normalization to PaymentEvidence
- Model and token tracking
- Inference cost attribution
Fluora
@peac/adapter-x402-fluoraMCP marketplace adapter for Fluora hosting events.
- Tool call metering
- Hosting cost tracking
- MCP integration
Pinata
@peac/adapter-x402-pinataIPFS gateway adapter for Pinata private objects.
- Private IPFS object access
- Bandwidth tracking
- CID-based authorization
Infrastructure
Low-level utilities and transports
Contracts
@peac/contractsSingle source of truth for error codes and MODE_BEHAVIOR contract.
- Canonical E_* error codes
- WWW-Authenticate builder
- Contract-driven design
Worker Core
@peac/worker-coreRuntime-neutral TAP verification handler with security hardening.
- Default mode: tap_only
- Error message sanitization
- LRU replay protection
HTTP Signatures
@peac/http-signaturesRFC 9421 HTTP Message Signatures parsing and verification.
- Full RFC 9421 compliance
- Signature-Input parsing
- Component extraction
JWKS Cache
@peac/jwks-cacheEdge-safe JWKS fetch with SSRF protection.
- Literal IP blocking
- No redirect following
- Cache TTL management
Net Node
@peac/net-nodeSSRF-safe network utilities with DNS resolution pinning.
- RFC 6890 special-use IP blocking
- Redirect policy with host-change validation
- Three-tier evidence redaction
gRPC Transport
@peac/transport-grpcgRPC carrier adapter with HTTP/2 metadata binding and status code parity.
- CarrierAdapter for gRPC metadata (8 KiB default)
- Real SHA-256 receipt_ref computation
- Binary metadata rejection
- HTTP/gRPC status code mapping
DID Resolution
@peac/adapter-didDID document resolution for did:key and did:web with caching.
- did:key Ed25519 resolution (zero I/O)
- did:web SSRF-hardened resolution
- TTL-based caching with mutation isolation
- Domain allowlist and IP rejection
Observability & Telemetry
Trace correlation and metrics for PEAC operations
OpenTelemetry
@peac/telemetry-otelOpenTelemetry adapter for PEAC telemetry with privacy modes.
- Privacy modes: strict, balanced, custom
- W3C Trace Context support
- Metrics and spans for issue()/verify()
- receipt_ref span attribute correlation
Provenance & Attribution
Content derivation proofs and C2PA bridging
Attribution
@peac/attributionContent derivation and usage proofs for AI training, RAG, and content reuse.
- Content hash verification (SHA-256)
- Attribution chain resolution
- C2PA provenance bridging
in-toto v1.0
@peac/mappings-intotoBidirectional mapping between in-toto v1.0 attestation statements and PEAC provenance extension.
- Statement envelope mapping (subjects, predicate type)
- Deterministic digest selection (sha256 preferred)
- First-subject-wins for multi-subject statements
SLSA v1.2
@peac/mappings-slsaBidirectional mapping between SLSA v1.2 provenance predicates and PEAC provenance extension.
- Build definition and run details mapping
- Source from resolvedDependencies (not buildType)
- Track-based SLSA level metadata
MCP Server for AI Agents
Verify, inspect, decode, issue, and bundle receipts via MCP tools
MCP Server
@peac/mcp-serverMCP server exposing 5 tools for AI agents in Claude Desktop, Cursor, and other MCP hosts.
- peac_verify: verify a receipt with full check pipeline
- peac_inspect: decode and display receipt claims
- peac_decode: raw JWS decode without verification
- peac_issue: issue signed receipts (privileged)
- peac_create_bundle: create evidence bundles (privileged)
Middleware
Framework middleware for automatic receipt issuance
Middleware Core
@peac/middleware-coreFramework-agnostic middleware primitives for PEAC receipt issuance.
- Bounded rate-limit store with LRU eviction
- Configurable maxKeys for memory management
- Framework-agnostic design
Express Middleware
@peac/middleware-expressExpress.js middleware for automatic receipt issuance (Express 4.x and 5.x).
- Automatic PEAC-Receipt header injection
- Express 4.x and 5.x compatibility
- 3-line integration
Capture Pipeline
Evidence capture with spool stores and deduplication
Capture Core
@peac/capture-coreRuntime-neutral capture pipeline with deterministic timestamps and tamper-evident chain.
- MemorySpoolStore and MemoryDedupeIndex
- Deterministic timestamps for reproducibility
- Tamper-evident chain with hash linking
- 6 E_CAPTURE_* error codes
Capture Node
@peac/capture-nodeDurable filesystem-backed stores for Node.js environments.
- FileSpoolStore for persistent spool storage
- FileDedupeIndex for durable deduplication
- Filesystem-backed durability
Agent Runtimes
Interaction evidence capture for agent execution frameworks
OpenClaw
@peac/adapter-openclawFull OpenClaw plugin for agent interaction evidence capture with two-stage pipeline.
- activate() one-call setup with generateSigningKey()
- Two-stage pipeline: sync capture (< 10ms) + async emit
- Tamper-evident chain with deterministic timestamps
- Protocol-grade JWK signing and verification
- Slash commands: /peac-status, /peac-query, /peac-verify
Example: Rail-Agnostic Verification
import { verify } from '@peac/protocol'
// Works with any payment rail - same verification logic
app.use('/api/premium', async (req, res, next) => {
const receipt = req.header('PEAC-Receipt')
if (!receipt) {
return res.status(402).json({
type: 'https://www.peacprotocol.org/problems/payment-required',
title: 'Payment Required',
rails: ['x402', 'card', 'payment-gateway']
})
}
const result = await verify(receipt, {
issuerAllowlist: ['https://api.example.com']
})
if (!result.ok) {
return res.status(401).json({ error: result.error.code })
}
// Receipt is valid - rail-agnostic verification
console.log('Rail:', result.claims.payment.rail) // 'x402' | 'card' | ...
console.log('Amount:', result.claims.amt, result.claims.cur)
console.log('Facilitator:', result.claims.payment.facilitator) // 'daydreams' | 'fluora' | ...
next()
})Get Started
Install a payment rail adapter and start issuing verifiable receipts.
# Install core + your preferred rail pnpm add @peac/protocol @peac/rails-x402 # Or for payment gateways pnpm add @peac/protocol @peac/rails-stripe