AEOESS
ContactGet Started
aeoess/Protocol architecture

The protocol, in one page.

Six layers, eight primitives, one enforcement boundary. Every other page on this site is built from what is on this one.

Principalhuman / orgPassportidentityDelegationscope · spend · sunsetAgentacts on your behalfGatewaypolicy enforcementReceiptsigned auditIDENTITY PATHDELEGATION PATH

Hover the nodes to see the two signing paths. The full interactive viz lives at /protocol-architecture.html.

Layers

From identity to governance.

L0
Identity
did:key, did:web, SPIFFE SVID, OAuth bridge. Every actor is a passport with verifiable keys.
rfc 8032 · w3c did
L1
Delegation
Capability tokens with monotonic narrowing. Scope cannot expand. TTL cannot extend.
paper 4 · paper 5
L2
Enforcement
The gateway runs four-gate evaluation on every intent. Sub-2ms p99. Fail-fast denial.
paper 7 · spec §4
L3
Receipts
Action, custody, and contestability receipts. RFC 8785 canonicalization. Ed25519 signatures.
paper 6 · spec §6
L4
Aggregation
APSBundle aggregates receipts under a Merkle root. Dispute window. Cascade revocation.
paper 9 · spec §8
L5
Governance
aps.txt, HTML embeds, HTTP headers. Signed terms blocks travel with the artifact.
paper 11 · spec §10
Primitives

Eight things. That is the surface.

Passport
Long-lived identity. Holds the root delegation. Issues all child delegations.
Delegation
A scoped, time-bounded capability. Can only narrow downstream.
Action receipt
A signed record of one operation under one delegation.
Custody receipt
Binds the inputs the agent saw at decision time. Merkle-rooted.
Contestability
A structured dispute against any prior receipt. Triggers a defined response window.
APSBundle
Merkle aggregation of receipts. The unit of audit.
Governance block
Signed terms a publisher attaches to an artifact, served at well-known paths.
TrustBundle
The set of issuer keys, vocabularies, and crosswalks the gateway considers valid.
End-to-end

One transaction, fully traced.

1.
agentgateway
submit intent (commerce.checkout, $248)
signed by agt:7c1f
2.
gatewaygateway
four-gate evaluation
1.21ms p50
3.
gatewayagent
allow
returns countersigned action receipt
4.
agentmerchant
execute
side effect occurs
5.
agentgateway
submit custody receipt
inputs Merkle root
6.
gatewayaggregator
aggregate
APSBundle root → audit feed
Architecture

Identity, delegation, action, receipt.

The protocol pairs identity with delegation. Each action signs against both. The receipt is verifiable by any auditor without going through aeoess.

For AI agents: llms-full.txt · MCP descriptor