peac

Portable signed proof for agent, API, and MCP interactions

<a href="https://www.peacprotocol.org"> <h1 align="center">PEAC Protocol</h1> </a> Portable signed proof for agent, API, and MCP interactions Publish machine-readable terms, return signed interaction records, and verify them offline. <a href="LICENSE"><img src="https://img.shields.io/badge/License-Apache%202.0-brightgreen.svg" alt="License: Apache 2.0" /></a> <a href="https://github.com/peacprotocol/peac/releases"><img src="https://img.shields.io/github/v/release/peacprotocol/peac?color=brightgreen" alt="Latest Release" /></a> <a href="https://www.npmjs.com/package/@peac/protocol"><img src="https://img.shields.io/npm/dm/@peac/protocol?style=flat&color=brightgreen" alt="npm downloads" /></a> <a href="https://github.com/peacprotocol/peac/actions/workflows/ci.yml"><img src="https://img.shields.io/github/actions/workflow/status/peacprotocol/peac/ci.yml?branch=main&label=CI&color=brightgreen" alt="CI Status" /></a> <a href="https://www.peacprotocol.org">Website</a> · <a href="docs/SPEC_INDEX.md">Spec Index</a> · <a href="https://github.com/peacprotocol/peac/discussions">Discussions</a> · <a href="https://github.com/peacprotocol/peac/releases">Releases</a>

PEAC is an open standard for publishing machine-readable terms, returning signed interaction records, and verifying them offline. It is the evidence layer: portable proof across organizational boundaries, without replacing auth, payment rails, or observability.

For API providers, MCP tool hosts, agent operators, platforms, and auditors who need proof that crosses boundaries.

How it works

1. Publish terms at /.well-known/peac.txt
2. Return PEAC-Receipt with signed proof
3. Verify offline with the issuer's public key

What a governed HTTP response looks like:

HTTP/1.1 200 OK
PEAC-Receipt: eyJhbGciOiJFZERTQSIsInR5cCI6ImludGVyYWN0aW9uLXJlY29yZCtqd3QifQ...
Link: </.well-known/peac-issuer.json>; rel="issuer"

Quick start

Requirements: Node 24 (tested); Node 22+ (compatible). Go 1.26+ and Python 3.12+ also supported.

Verify a receipt

pnpm add @peac/protocol @peac/crypto

import { verifyLocal } from '@peac/protocol';

const receipt = response.headers.get('PEAC-Receipt');
const result = await verifyLocal(receipt, publicKey, {
  issuer: 'https://api.example.com',
});

if (result.valid) {
  console.log(result.claims.iss, result.claims.kind, result.claims.type);
}

Or from the CLI:

peac verify 'eyJhbGciOiJFZERTQSIsInR5cCI6ImludGVyYWN0aW9uLXJlY29yZCtqd3QifQ...'

Issue a receipt

import { generateKeypair } from '@peac/crypto';
import { issue } from '@peac/protocol';

const { privateKey, publicKey } = await generateKeypair();

const { jws } = await issue({
  iss: 'https://api.example.com',
  kind: 'evidence',
  type: 'org.peacprotocol/access-decision',
  pillars: ['access'],
  extensions: {
    'org.peacprotocol/access': {
      resource: 'https://api.example.com/inference/v1',
      action: 'execute',
      decision: 'allow',
    },
  },
  privateKey,
  kid: 'key-2026-03',
});

// Return jws in the PEAC-Receipt header

Run the example

pnpm install && pnpm build
pnpm --filter @peac/example-minimal demo

See examples/minimal/ for the full source. For HTTP/REST, Express middleware, and Go examples, see docs/README_LONG.md.

Common use cases

PEAC is most useful where logs are not enough: payments, cross-boundary verification, audit, dispute review, and multi-agent workflows.

Agentic commerce and payments: Prove what was offered, challenged, paid, or settled across paymentauth, x402, Agentic Commerce Protocol (ACP), Stripe SPT, and other commerce flows. See paymentauth Kit, ACP Kit, x402 Kit.
Audit and dispute review: Keep signed evidence that survives organizational boundaries, not just local logs. See Governance Mappings.
MCP tools and APIs: Verify, issue, and carry signed receipts for tool calls, API responses, and automated actions. See MCP Integration Kit.
Agent-to-agent workflows: Carry verifiable receipts across A2A task/state transitions and multi-agent chains. See A2A Integration Kit.

Start here

Full decision tree with quickstarts and integration kits

I run an API: API Provider Quickstart (5 minutes, Express middleware)
I run an MCP server: MCP Integration Kit or npx -y @peac/mcp-server
I want to verify a receipt: Agent Operator Quickstart (5 minutes)
I build A2A agents: A2A Integration Kit

Where it fits

Existing system	What PEAC adds
Logs	Portable proof that survives organizational boundaries
OpenTelemetry	Signed evidence that correlates to traces
MCP / A2A	Proof carried alongside tool calls and agent exchanges
AP2 / ACP (Agentic Commerce Protocol) / UCP	Proof of terms and outcomes across commerce protocols
paymentauth	Evidence from HTTP Payment authentication challenges and receipts
x402	Settlement proof mapping with offline verification
Stripe SPT / Payment rails	Delegation and settlement references made verifiable

What changes in your stack: keep auth, keep payments, keep observability. Add /.well-known/peac.txt and return PEAC-Receipt on governed responses.

What the artifacts look like

Artifact	Description
`/.well-known/peac.txt`	Machine-readable terms
`PEAC-Receipt`	Signed interaction proof in headers or transport metadata
`verifyLocal()`	Local verification once keys are available
`peac-bundle/0.1`	Portable audit/dispute package

CLI

Install: pnpm add @peac/cli or run from this repo: pnpm --filter @peac/cli exec peac --help.

peac verify 'eyJhbGc...'                # Verify a receipt
peac conformance run                     # Run conformance tests
peac reconcile a.bundle b.bundle         # Merge and diff evidence bundles
peac policy init                         # Create peac-policy.yaml
peac policy validate policy.yaml         # Validate policy syntax
peac policy generate policy.yaml         # Compile to deployment artifacts

See packages/cli/README.md for the full command reference.

Versioning

Current stable: Interaction Record format (interaction-record+jwt)
Legacy: Wire 0.1 (peac-receipt/0.1) is frozen; verifyLocal() returns E_UNSUPPORTED_WIRE_VERSION

See docs/specs/VERSIONING.md for the full versioning doctrine.

Security

JWS signature verification required before trusting any receipt claim
Key discovery via /.well-known/peac-issuer.json JWKS with SSRF guards
Kernel constraints enforced at issuance and verification (fail-closed)
No silent network fallback for offline verification
Errors mapped to RFC 9457 Problem Details

See SECURITY.md and docs/specs/PROTOCOL-BEHAVIOR.md.

Documentation

Document	Purpose
Spec Index	Normative specifications
Interaction Record Spec	Receipt envelope, kinds, extensions
Architecture	Kernel-first design
Kernel Constraints	Structural limits enforced at issue and verify
Policy Kit Quickstart	Policy authoring guide
Profiles	Integration profiles (Stripe x402, etc.)
Evidence Carrier Contract	Transport-neutral carrier placement rules
Developer Guide	Package catalog, integration examples, layer maps

Implementations

TypeScript (this repo): issuance, verification, CLI, middleware
Go: sdks/go/ issuance and verification
MCP: MCP server evidence emission and verification tools
A2A: A2A carrier mapping metadata carrier, OAuth PKCE auth surface
gRPC: gRPC transport carrier adapter with HTTP/2 metadata binding
DID: DID resolution did:key and did:web resolver with caching
Express: Express middleware receipt middleware
x402: x402 adapter payment evidence adapter (V1 + V2)
Supply chain: in-toto and SLSA provenance mappings

Building an implementation? Open an issue.

Contributing and license

Contributions are welcome. For substantial changes, please open an issue first. See docs/SPEC_INDEX.md for normative specifications and docs/CI_BEHAVIOR.md for CI guidelines.

Apache-2.0. See LICENSE. Stewardship: Originary and the open source community.

Source: github.com/peacprotocol/peac | Website: peacprotocol.org | Discussions: GitHub Discussions

Repository

peacprotocol

peacprotocol/peac

Created

July 14, 2025

Updated

April 13, 2026

Language

TypeScript