Agent Protocols
PEAC provides mappings for major agent communication protocols. Each mapping is a pure transform -- it takes protocol-specific input and produces a standardized PEAC extension object that you attach to a receipt.
Supported protocols
| Protocol | Package | Description | Status |
|---|---|---|---|
| MCP | @peac/mappings-mcp | Model Context Protocol (tool calls, resources) | Stable |
| ACP | @peac/mappings-acp | Agentic Commerce Protocol (commerce evidence) | Stable |
| A2A | @peac/mappings-a2a | Agent-to-Agent v1.0 carrier evidence and handoff observation records (AGT/AAIF compatible) | Stable |
| TAP | @peac/mappings-tap | Visa Trusted Agent Protocol | Stable |
| UCP | @peac/mappings-ucp | Universal Commerce Protocol | Stable |
| RSL | @peac/mappings-rsl | Rights Specification Language | Stable |
| AIPREF | @peac/mappings-aipref | IETF AI Preferences vocabulary | Stable |
| MPP / paymentauth | @peac/mappings-paymentauth | Machine Payments Protocol HTTP Auth challenges and receipts | Stable |
| Runtime Governance | @peac/adapter-runtime-governance | Policy evaluation, safety check, compliance gate, mode transition records (AGT/AAIF compatible) | Stable |
| Managed Agents | @peac/adapter-managed-agents | Managed agent platform evidence (Claude, OpenAI Assistants, and similar) | Stable |
MCP (Model Context Protocol)
Carry a signed PEAC receipt on an MCP tool response. You issue a record of the tool call, then attach it to the response _meta so any consumer can verify it offline.
pnpm add @peac/mappings-mcp
import { attachReceiptToMeta } from '@peac/mappings-mcp';
import { issue } from '@peac/protocol';
import { computeReceiptRef } from '@peac/schema';
// Issue a signed record of the observed tool call
const { jws } = await issue({
iss: 'https://tools.example.com',
kind: 'evidence',
type: 'org.peacprotocol/mcp-tool-call',
privateKey: signingKey,
kid: 'tools-key-1',
});
// Carry the receipt on the MCP tool response via _meta
const toolResponse = attachReceiptToMeta(originalResponse, {
receipt_ref: await computeReceiptRef(jws),
receipt_jws: jws,
});
The receipt carried in _meta:
- Tool identity -- recorded in the issued record's claims
- Call arguments -- hashed by default for privacy
- Result metadata -- response shape and size
- Timing -- call timestamps
MCP Server
The @peac/mcp-server package is a complete MCP server that exposes PEAC verification, inspection, and issuance as MCP tools. See the MCP Server guide for setup and usage.
ACP (Agentic Commerce Protocol)
Map ACP session lifecycle and payment observation events to PEAC receipts. The mapping enforces a strict two-function boundary: session lifecycle evidence is separate from payment observation evidence.
pnpm add @peac/mappings-acp
import { fromACPSessionLifecycleEvent } from '@peac/mappings-acp';
// Session/access evidence only
const sessionEvidence = fromACPSessionLifecycleEvent({
sessionId: 'session_abc',
event: 'completed',
});
import { fromACPPaymentObservation } from '@peac/mappings-acp';
// Commerce evidence requires explicit observed_payment_state
const paymentEvidence = fromACPPaymentObservation({
sessionId: 'session_abc',
observed_payment_state: 'settled',
});
A2A (Agent-to-Agent Protocol)
Carry verifiable evidence through A2A metadata in TaskStatus, Message, and Artifact objects. The mapping uses the Evidence Carrier Contract to attach receipt references and JWS signatures to A2A interactions. Compatible with A2A v1.0.0 and v0.3.0 via a dual-version transition normalizer.
pnpm add @peac/mappings-a2a
import { extractReceiptFromArtifactAsync, attachReceiptToArtifact } from '@peac/mappings-a2a';
// Attach evidence to an A2A artifact
const artifact = attachReceiptToArtifact(originalArtifact, [
{
receipt_ref: 'sha256:abc123...',
receipt_jws: 'eyJhbGciOiJFZERTQSIs...',
},
]);
// Extract evidence from an A2A artifact
const result = await extractReceiptFromArtifactAsync(incomingArtifact);
Agent Card Discovery
A2A agents advertise PEAC support via the Agent Card capabilities.extensions array:
{
"capabilities": {
"extensions": [
"https://www.peacprotocol.org/ext/traceability/v1"
]
}
}
See the A2A integration page for the full discovery flow and metadata examples.
Runtime Governance
Record policy evaluation, safety check, compliance gate, and mode transition events from runtime governance systems. Compatible with Microsoft AGT (Agent Governance Toolkit) and AAIF (Agent AI Interoperability Framework).
pnpm add @peac/adapter-runtime-governance
import { issueRuntimeGovernanceRecord, mapAgtEvent } from '@peac/adapter-runtime-governance';
// Map the upstream governance event
const event = mapAgtEvent({
family: 'policy_decision',
event: 'policy.evaluated',
data: { action: 'allow', matched_rule: 'content-safety-v2' },
source: { system: 'microsoft-agt' },
});
// Record what the governance system reported as a signed PEAC record
const { jws } = await issueRuntimeGovernanceRecord(event, {
privateKey: signingKey,
kid: 'gov-key-1',
issuer: 'https://governance.example.com',
sessionId: 'sess-001',
agentId: 'agent-001',
provider: 'example-runtime',
});
Observation type URIs (Section 27, RTGOV-001..007):
| Type URI | Description |
|---|---|
org.peacprotocol/runtime-governance-policy-evaluation | Policy was evaluated against an agent action |
org.peacprotocol/runtime-governance-safety-check | Safety check was performed |
org.peacprotocol/runtime-governance-compliance-gate | Compliance gate was evaluated |
org.peacprotocol/runtime-governance-mode-transition | Agent mode or operating boundary was changed |
org.peacprotocol/runtime-governance-override-decision | A governance override was issued |
org.peacprotocol/runtime-governance-audit-trigger | Audit event was triggered by the governance system |
All records are observer scope: PEAC records what the governance system reported. PEAC does not evaluate policies or enforce governance rules.
See the Runtime Governance profile for the full field specification.
Managed Agents
Record evidence from managed agent platforms. @peac/adapter-managed-agents normalizes managed agent execution events into PEAC observer-scope records.
pnpm add @peac/adapter-managed-agents
import { issueSessionEvent } from '@peac/adapter-managed-agents';
// Record a managed agent session event as a signed PEAC record
const { jws } = await issueSessionEvent({
privateKey: signingKey,
kid: 'app-key-1',
issuer: 'https://your-app.example.com',
sessionId: 'run_abc123',
agentId: 'agent-001',
provider: 'your-runtime', // caller-supplied, never hardcoded
event: 'session.completed',
});
How mappings work
Mappings are pure functions with no I/O, no side effects, and no dependencies on protocol SDKs. They take protocol-specific input and return a PEAC extension object. This makes them safe to run in any environment -- server, edge, or browser.
The data flows through three stages:
Protocol event
|
v
Mapping function (pure transform)
|
v
PEAC extension object
|
v
Receipt (via issue or issue)
Extension objects use reverse-DNS namespaced keys. In Interaction Record format, extensions are top-level under extensions:
{
"extensions": {
"org.peacprotocol/correlation": {
"trace_id": "a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4",
"workflow_id": "mcp-tool-call-123"
}
}
}
Extension registry
PEAC maintains advisory registries for tool call metadata. These registries define standard vocabularies so that different implementations describe the same operations consistently.
toolcall_op_types-- types of tool call operations (read,write,execute,query,subscribe)toolcall_resource_types-- types of resources accessed (api,database,file,network,compute)
See Registries for the full registry specification.