v0.15.05 rails · 8 agent protocols · 19 extension namespaces · 290 conformance IDs

Adapters & Integrations

One record format that composes across the full stack — agent protocols, payment rails, runtime governance, provisioning, observability, and supply-chain provenance. Every adapter maps external semantics to portable signed records verifiable by any party.

New in v0.14 — Execution and Lifecycle Records

v0.14.1 added CLI execution records and lifecycle observation records. v0.14.2 adds provisioning lifecycle records for credential, token, and permission provisioning events. All use the existing Wire 0.2 format with new extension namespaces.

Provisioning Lifecycle·CLI Execution Records·Runtime Governance

Execution & Lifecycle Records

Portable signed records for CLI commands, lifecycle events, and provisioning operations

3 profiles

CLI Execution Records

@peac/cli

New in v0.14

Signed portable records for CLI command execution. Every command invocation becomes a verifiable artifact: hashed arguments, exit codes, execution time, and redacted output.

peac observe command — unsigned JSON observation
peac record command — signed Wire 0.2 compact JWS
Double opt-in for raw capture modes (argv, env, stdout)
org.peacprotocol/cli-execution extension namespace
Conformance Section 29 (CLI-EXEC-001..006)

Since v0.14.1

Lifecycle Observation Records

@peac/cli + @peac/schema

Source-only

Signed records for lifecycle events emitted by orchestration systems: approvals, evaluations, experiments, and workflow transitions. Purely observational — PEAC records what happened, not what to do.

peac emit lifecycle — signed lifecycle observation record
9 discriminated event kinds (approval, evaluation, experiment, workflow)
Opaque reference grammar — no raw PII in any field
org.peacprotocol/lifecycle-observation extension namespace
Conformance Section 30 (LIFE-OBS-001..010)

Since v0.14.1

Provisioning Lifecycle Records

@peac/schema

New in v0.14

Signed observer-scope records for credential, token, and permission provisioning events. Captures what upstream systems report — not authorization or settlement decisions.

10 event kinds covering the full provisioning surface
Recursive credential-material scanner (blocks secrets at validation time)
Abstract storage_surface with vendor-neutral kind enum
21 stable error codes including invalid_utf8, inline_credential_blocked
Conformance Section 31 (PROV-LIFE-001..010)

Since v0.14.2

Agent Protocol Mappings

MCP, A2A, AGT, ACP, TAP, UCP, AIPREF, and content signals

10 protocols

A2A — Agent-to-Agent Protocol

@peac/mappings-a2a

84 testsProduction-ready

Full A2A v1.0 alignment with handoff observation records. Carry verifiable evidence alongside A2A task submissions, handoffs, and message exchanges. Compatible with Google A2A and Microsoft Agent Framework (AGT).

A2A v1.0 task handoff observation records
Signature observation field (sha256: digest-only, SSRF-safe)
Agent Card extensions (capabilities.extensions)
Evidence Carrier Contract support
3-step discovery: Agent Card, well-known, header probe
Microsoft AGT / AAIF compatible

Since v0.14.1

MCP — Model Context Protocol

@peac/mappings-mcp

Stable

Model Context Protocol integration for issuing and verifying signed records alongside MCP tool responses. Works with Claude Desktop, Cursor, Windsurf, and any MCP-compliant host.

Per-call and daily budget limits
Signed records alongside tool responses
Bigint minor units for precision
org.peacprotocol/mcp-tool-call type URI

ACP — Agentic Commerce Protocol

@peac/mappings-acp

Stable

Agentic Commerce Protocol session lifecycle and payment observation evidence with strict semantic boundaries between lifecycle and payment state.

Session lifecycle evidence (fromACPSessionLifecycleEvent)
Payment observation with explicit finality guard
Budget enforcement utilities
Agent identity binding

Managed Agents / Runtime Governance

@peac/adapter-managed-agents + @peac/adapter-runtime-governance

Source-only

Evidence records for managed agent runtimes and runtime governance systems. Generic adapter layer that composes with AGT, AAIF, LangGraph, CrewAI, and other orchestration frameworks.

Generic runtime-governance profile (RTGOV-001..007)
AGT mapper as first concrete integration
observation-specific type URIs per governance event
Per-family validation with discriminated union payloads
Hosted Verify record profile detection (registry-driven)

Since v0.14.0+

TAP — Trusted Agent Protocol

@peac/mappings-tap

29 testsSource-only

Visa Trusted Agent Protocol mapping with full RFC 9421 HTTP Message Signature verification and replay protection.

RFC 9421 HTTP Message Signatures
Time window validation (8 min max)
Fail-closed security defaults

RSL — Robots Specification Language

@peac/mappings-rsl

47 testsSource-only

RSL 1.0 token mapping for access control purposes. Canonical ControlPurpose values aligned with the RSL specification.

RSL 1.0 token mapping
Canonical ControlPurpose (train, search, user_action, inference, index)
Collective licensing support

UCP — Universal Commerce Protocol

@peac/mappings-ucp

84 testsStable

Google Universal Commerce Protocol webhook verification with strict order-vs-payment separation and dispute evidence generation.

Order-vs-payment semantic separation
JWS verification (RFC 7797 detached payload)
Dispute evidence generation for audit bundles
ES256/ES384/ES512 signature support

AIPREF

@peac/mappings-aipref

32 testsSource-only

IETF AIPREF vocabulary mapping for AI purpose declarations. Normalizes AIPREF tokens to PEAC canonical ControlPurpose values.

Purpose token normalization
Canonical purpose mapping
Robots.txt bridge

Content Signals

@peac/mappings-content-signals

Stable

Observation-only mapping for robots.txt (RFC 9309), AIPREF Content-Usage, tdmrep.json, and Content-Signal headers. Three-state model with source precedence.

Three-state model: allow / deny / unspecified
Source precedence: tdmrep.json > Content-Signal > Content-Usage > robots.txt
No network I/O (pure transform)

Inference Evidence

@peac/adapter-openai-compatible

Stable

Hash-first interaction evidence for any OpenAI-compatible chat completion API. SHA-256 digests only — no raw text stored in the record.

SHA-256 digests only, no raw text stored
Works with any OpenAI-compatible provider
fromChatCompletion() convenience function

Payment Rails

x402, Stripe, Paymentauth/MPP, card billing, and Razorpay

5 adapters

x402 — HTTP 402 Payment

@peac/rails-x402

Production-ready

HTTP 402 extension adapter with v0.2 profile, dual-header read for v1/v2 responses, DoS protection, and CAIP-2 network validation.

Profile: peac-x402-offer-receipt/0.1
v1/v2 dual-header read with upstream artifact separation
DoS guards: 128 entries max, 256 KiB total
CAIP-2 network validation

Stripe Payment Gateways

@peac/rails-stripe

Source-only

Stripe payment gateway with webhook verification, SPT delegation evidence, x402 crypto bridge, and subscription billing observation.

Payment Intent observation with explicit finality state
SPT delegation evidence (granted, presented, deactivated)
Webhook signature verification
Subscription billing observation
fromCryptoPaymentIntent() for x402 bridge

Paymentauth / MPP

@peac/mappings-paymentauth

Beta

HTTP Payment authentication scheme (draft-ryan-httpauth-payment) — the foundation for Machine Payments Protocol. Envelope-first parsing with raw and normalized dual representation.

Challenge + Credential + Receipt envelope parsing
Raw + normalized dual representation
JSON-RPC/MCP error helpers
Carrier coexistence with PEAC-Receipt header

Card Billing

@peac/rails-card

Source-only

Generic card billing bridge with billing_snapshot support. Works with any card processor.

billing_snapshot in payment.evidence
Works with any card processor
Statement descriptor support

Razorpay

@peac/rails-razorpay

Source-only

India payment adapter supporting UPI, cards, and netbanking with webhook signature verification.

UPI, cards, netbanking support
Webhook signature verification
India-first payment flows

x402 Vendor Adapters

Normalize vendor-specific x402 events to canonical PaymentEvidence

3 adapters

Daydreams

@peac/adapter-x402-daydreams

28 testsSource-only

AI inference router adapter for Daydreams events with model and token tracking.

Event normalization to PaymentEvidence
Model and token tracking
Inference cost attribution

Fluora

@peac/adapter-x402-fluora

27 testsSource-only

MCP marketplace adapter for Fluora hosting events with tool call metering.

Tool call metering
Hosting cost tracking
MCP integration

Pinata

@peac/adapter-x402-pinata

27 testsSource-only

IPFS gateway adapter for Pinata private objects with bandwidth tracking and CID-based authorization.

Private IPFS object access
Bandwidth tracking
CID-based authorization

HTTP Middleware

Automatic PEAC-Receipt header issuance for HTTP frameworks

2 packages

Express Middleware

@peac/middleware-express

Production-ready

Express.js middleware for automatic PEAC-Receipt header injection. Compatible with Express 4.x and 5.x. 3-line integration.

Automatic PEAC-Receipt header injection
Express 4.x and 5.x compatibility
3-line integration: import, configure, use

Middleware Core

@peac/middleware-core

Stable

Framework-agnostic middleware primitives. Bounded rate-limit store with LRU eviction for building custom middleware.

Bounded rate-limit store with LRU eviction
Configurable maxKeys for memory management
Framework-agnostic — wire to any HTTP framework

MCP Server for AI Agents

Verify, inspect, decode, issue, and bundle records via MCP tools in any AI host

1 package

PEAC MCP Server

@peac/mcp-server

226 testsProduction-ready

MCP server exposing 5 tools for AI agents in Claude Desktop, Cursor, Windsurf, and any MCP host. Verify, inspect, decode, issue, and bundle records directly from your AI assistant.

peac_verify — full verification pipeline with policy check
peac_inspect — decode and display record claims
peac_decode — raw JWS decode without verification
peac_issue — issue signed records (privileged mode)
peac_create_bundle — create portable evidence bundles

Observability & Telemetry

OpenTelemetry span correlation and privacy-aware metrics

1 package

OpenTelemetry

@peac/telemetry-otel

96 testsSource-only

OpenTelemetry adapter for PEAC telemetry. Bridge PEAC receipt events to OTel spans and metrics with configurable privacy modes. The peac.record.ref attribute is a PEAC custom attribute, not an OTel semantic convention.

Privacy modes: strict, balanced, custom
W3C Trace Context support
Metrics and spans for issue()/verify()
peac.record.ref span attribute for cross-system correlation
Informative-only OTel composition (PEAC does not ship an OTel SDK)

Provenance & Attribution

in-toto v1.0, SLSA v1.2, and C2PA content derivation proofs

3 packages

Attribution

@peac/attribution

Source-only

Content derivation and usage proofs for AI training, RAG, and content reuse. C2PA provenance bridging.

Content hash verification (SHA-256)
Attribution chain resolution
C2PA provenance bridging

in-toto v1.0

@peac/mappings-intoto

21 testsStable

Bidirectional mapping between in-toto v1.0 attestation statements and PEAC provenance extension.

Statement envelope mapping (subjects, predicate type)
Deterministic digest selection (sha256 preferred)
First-subject-wins for multi-subject statements

SLSA v1.2

@peac/mappings-slsa

25 testsStable

Bidirectional mapping between SLSA v1.2 provenance predicates and PEAC provenance extension.

Build definition and run details mapping
Source from resolvedDependencies (not buildType)
Track-based SLSA level metadata

Infrastructure

DID resolution, gRPC transport, SSRF protection, JWKS caching, and replay protection

7 packages

DID Resolution

@peac/adapter-did

73 testsStable

DID document resolution for did:key and did:web with SSRF-hardened fetching, TTL caching, and mutation isolation.

did:key Ed25519 resolution (zero I/O)
did:web SSRF-hardened resolution
TTL-based caching with mutation isolation
Domain allowlist and IP rejection

gRPC Transport

@peac/transport-grpc

84 testsStable

gRPC carrier adapter with HTTP/2 metadata binding, real SHA-256 receipt_ref computation, and HTTP/gRPC status code parity.

CarrierAdapter for gRPC metadata (8 KiB default)
Real SHA-256 receipt_ref computation
Binary metadata rejection
HTTP/gRPC status code mapping

HTTP Signatures

@peac/http-signatures

22 testsStable

Full RFC 9421 HTTP Message Signatures parsing and verification for TAP, webhook auth, and signed request flows.

Full RFC 9421 compliance
Signature-Input parsing
Component extraction

JWKS Cache

@peac/jwks-cache

19 testsStable

Edge-safe JWKS fetch with SSRF protection. No redirect following. Cache TTL management.

Literal IP blocking
No redirect following
Cache TTL management

Net Node

@peac/net-node

Stable

SSRF-safe network utilities with DNS resolution pinning and RFC 6890 special-use IP blocking.

RFC 6890 special-use IP blocking
Redirect policy with host-change validation
Three-tier evidence redaction

Worker Core

@peac/worker-core

112 testsSource-only

Runtime-neutral TAP verification handler with LRU replay protection and error message sanitization.

Default mode: tap_only
Error message sanitization
LRU replay protection

Contracts

@peac/contracts

28 testsStable

Single source of truth for canonical error codes and MODE_BEHAVIOR contract. Machine-readable contract for error code dispatch.

Canonical E_* error codes
WWW-Authenticate builder
Contract-driven design

Capture Pipeline

Spool stores, deduplication, and tamper-evident chain for evidence capture

2 packages

Capture Core

@peac/capture-core

Stable

Runtime-neutral capture pipeline with deterministic timestamps and tamper-evident chain linking.

MemorySpoolStore and MemoryDedupeIndex
Deterministic timestamps for reproducibility
Tamper-evident chain with hash linking
6 E_CAPTURE_* error codes

Capture Node

@peac/capture-node

Stable

Durable filesystem-backed stores for Node.js environments. Persistent spool storage and file-based deduplication.

FileSpoolStore for persistent spool storage
FileDedupeIndex for durable deduplication
Filesystem-backed durability

Agent Runtimes

Interaction evidence capture for agent execution frameworks

1 adapter

OpenClaw

@peac/adapter-openclaw

1815 testsStable

Full OpenClaw plugin for agent interaction evidence capture with two-stage pipeline: sync capture under 10ms, async emit.

activate() one-call setup with generateSigningKey()
Two-stage pipeline: sync capture (< 10ms) + async emit
Tamper-evident chain with deterministic timestamps
Protocol-grade JWK signing and verification
Slash commands: /peac-status, /peac-query, /peac-verify

Rail-agnostic verification

Every adapter maps to the same underlying Wire 0.2 record. Verification logic is identical regardless of which rail or protocol generated the record.

middleware.tsTypeScript

import { verify } from '@peac/protocol'

app.use('/api/premium', async (req, res, next) => {
  const receipt = req.header('PEAC-Receipt')

  if (!receipt) {
    return res.status(402).json({
      type: 'https://www.peacprotocol.org/problems/payment-required',
      title: 'Payment Required',
      rails: ['x402', 'card', 'payment-gateway']
    })
  }

  const result = await verify(receipt, {
    issuerAllowlist: ['https://api.example.com']
  })

  if (!result.ok) {
    return res.status(401).json({ error: result.error.code })
  }

  // Same verification — different rails
  console.log('Rail:', result.claims.payment.rail)        // 'x402' | 'card' | ...
  console.log('Amount:', result.claims.amt, result.claims.cur)
  next()
})

Get started

Install the core package and the adapter for your system. All adapters are Apache-2.0 and have no hosted dependency.

# Core + HTTP middleware (most common starting point)
pnpm add @peac/protocol @peac/middleware-express

# Core + x402 payment rail
pnpm add @peac/protocol @peac/rails-x402

# Core + A2A handoff records
pnpm add @peac/protocol @peac/mappings-a2a

Quickstart Guide View Examples GitHub