A2A Integration
Carry verifiable evidence through the Linux Foundation Agent-to-Agent Protocol (A2A) and Microsoft AGT / AAIF agent flows. PEAC evidence attaches to TaskStatus, Message, and Artifact objects via a registered extension URI, and now includes signed handoff observation records for agent-to-agent task transfers.
A2A v1.0.0 compatible. Microsoft AGT framework (AAIF) compatible via the A2A mapping layer. v0.3.0 support removed in v0.13.0.
Built on the Evidence Carrier Contract.
Install
pnpm add @peac/mappings-a2a
Agent Card Extension
Agents advertise PEAC evidence support in their Agent Card via the capabilities.extensions array. The extension URI is https://www.peacprotocol.org/ext/traceability/v1.
{
"name": "Example Agent",
"url": "https://agent.example",
"capabilities": {
"extensions": [{
"uri": "https://www.peacprotocol.org/ext/traceability/v1",
"description": "PEAC evidence traceability for agent interactions",
"required": false
}]
}
}Setting required: false allows non-PEAC agents to interoperate. Set to true only when evidence is mandatory for the workflow.
Evidence Carrier in Metadata
Evidence is carried in the metadata field of A2A objects (TaskStatus, Message, Artifact). The extension URI is the key, and the value contains a carriers array of PeacEvidenceCarrier objects.
{
"metadata": {
"https://www.peacprotocol.org/ext/traceability/v1": {
"carriers": [{
"receipt_ref": "sha256:abc123...",
"receipt_jws": "eyJhbGciOi..."
}]
}
}
}Each carrier includes a receipt_ref (SHA-256 of the JWS) and the receipt_jws (compact JWS). The receipt_ref is verified at extraction: sha256(receipt_jws) == receipt_ref.
Discovery
PEAC evidence support is discovered through a 3-step process:
1. Agent Card
Check capabilities.extensions[] for the PEAC extension URI. This is the primary discovery mechanism.
2. Well-Known
Fetch /.well-known/peac-issuer.json from the agent's origin for issuer configuration and JWKS resolution.
3. Header Probe
If the Agent Card does not declare the extension, check for PEAC-Receipt headers in HTTP responses as a fallback.
Transport Constraints
| Constraint | Value |
|---|---|
| Embed size limit | 64 KB |
| Carrier placement | metadata[extensionURI].carriers[] |
| receipt_ref format | sha256:<64 hex chars> |
| receipt_jws format | JWS Compact Serialization |
Attach and Extract
import { A2ACarrierAdapter } from '@peac/mappings-a2a';
const adapter = new A2ACarrierAdapter();
// Attach evidence to an A2A metadata object
const metadata = adapter.attach({}, {
receipt_ref: 'sha256:abc123...',
receipt_jws: 'eyJhbGciOi...',
});
// Extract evidence from A2A metadata
const carriers = adapter.extract(metadata);
// carriers: PeacEvidenceCarrier[]
// Validate transport constraints
const validation = adapter.validateConstraints(carriers);
// validation.valid: booleanPlacement in A2A Objects
Evidence can be attached to any A2A object that carries a metadata field:
| A2A Object | Use Case |
|---|---|
TaskStatus | Evidence for task lifecycle transitions |
Message | Evidence for individual agent messages |
Artifact | Evidence for generated outputs and deliverables |
Handoff Observation Records New in v0.14.1
Beyond carrying existing receipts, PEAC can now issue signed handoff observation records when a task transfers between agents. These records capture the observable boundary crossing — who initiated it, what was passed, and which agent accepted the task — as a portable, offline-verifiable signed record.
Handoff records use the org.peacprotocol/a2a-handoff extension namespace (15th extension group) with 10 registered type URIs covering task lifecycle events.
| Type URI | Event |
|---|---|
a2a-task-submitted | Task submitted to a remote agent |
a2a-task-completed | Task completed by the receiving agent |
a2a-handoff-initiated | Handoff initiated to a downstream agent |
a2a-handoff-accepted | Downstream agent accepted the handoff |
a2a-message-observed | Cross-agent message observed (non-task) |
import { issueA2AHandoffRecord } from '@peac/mappings-a2a';
// Issue a signed handoff observation record
const record = await issueA2AHandoffRecord({
eventKind: 'a2a-task-submitted',
taskRef: 'sha256:abc123...', // opaque reference, no raw task ID
upstreamAgentRef: 'did:key:z6Mk...',
downstreamAgentRef: 'did:key:z6Ml...',
signingKey: myKey,
issuer: 'https://agent.example.com',
});
// record.jws is a portable signed Wire 0.2 record
// Can be verified offline by any party with the issuer's public keyMicrosoft AGT / AAIF Compatibility
Microsoft's Agent-to-Agent Interoperability Framework (AAIF) and the Azure AI Foundry Agent toolkit (AGT) implement the Linux Foundation A2A protocol. Because PEAC's A2A mapping targets the A2A v1.0 specification directly, evidence carriers and handoff observation records work with AGT-based agents without any additional adapter.
Discovery
AGT agents advertise A2A capabilities via an Agent Card at /.well-known/agent.json. Add the PEAC extension URI to capabilities.extensions[] to signal evidence support.
Evidence Carry
Use the standard A2A metadata[extensionURI].carriers[] pattern. AGT passes metadata through TaskStatus and Message objects unchanged, so PEAC carriers travel transparently.
Handoff Records
For cross-agent task boundaries within AGT orchestrations, issue a2a-task-submitted and a2a-handoff-accepted records at the boundary. These provide verifiable evidence of what was delegated and to whom, independent of the orchestration platform.
Links
Verifier Resolution
After extracting a carrier from A2A metadata, verify the receipt by resolving the issuer: receipt iss claim to /.well-known/peac-issuer.json to jwks_uri to JWKS to public key. The receipt_ref integrity check (sha256(receipt_jws) == receipt_ref) runs before signature verification.