Is this only for people building AI agents?

No. It is also for API publishers, MCP server operators, priced API teams, security reviewers, compliance teams, and any workflow where automated requests cross organizational boundaries.

Does this still work if agents do not comply?

Yes. The point is not to assume good behavior. The point is to return records that help you inspect what happened, what was allowed, and what another party can verify later.

Is this just observability?

No. Observability helps teams understand internal behavior. Signed records help teams prove what happened across boundaries.

Do I need PEAC to use Originary?

Originary is built on PEAC. In practice, you use the product surface while keeping the underlying record format and verification model open.

For AI agents, APIs, tools, and MCP servers

Prove what
agents did

Originary helps teams return signed records for AI agents, APIs, MCP, and automated workflows, so another party can verify what happened without trusting a dashboard.

See Originary Verify Start here

Offline verification·Signed records·Open standard·Self-hostable·Downloads

Offline verificationSigned recordsOpen standardSelf-hostableDownloads

Originary Verify is the fastest way to operationalize PEAC in production.

Already have a signed record? Open Agent Auditor·See a full transaction trace →

Signed interaction recordVerified locally

ISSUERtools.vendor.com

TYPEorg.peacprotocol/access

POLICYsha256:3f8a...c7e1

SIGNEDEd25519 valid

VERIFYlocal, no callback

No Originary dependency in verificationInspect →

Sample record. Verified with issuer public key only.

The real question

Who called. What happened. Where's the proof?

An agent running on Company A's infrastructure calls Company B's inventory API. Company B's gateway returns a signed record proving the request was authorized under the published terms. Three weeks later, when a billing dispute arises, Company B exports that record. Company A's auditor verifies it offline using the issuer's public key. No dashboard access needed. No phone call. No screenshot.

Logs vs. decisions

Logs explain behavior. Records prove decisions.

Logs are useful for debugging inside your systems. They are weak evidence outside them. Originary returns signed records another party can inspect and verify independently.

Internal logsLocal only

14:23:01Agent invoked tool: check_inventory

14:23:01External API call: GET /api/v2/inventory

14:23:02Policy: tools.check_inventory → allow

14:23:02Result returned to agent

Useful for debugging. Not portable.

Signed recordVerifiable offline

✓

Issuer: tools.vendor.com

✓

Type: org.peacprotocol/access

✓

Policy: sha256:3f8a...c7e1 ✓

✓

Signature: Ed25519, valid

✓

Verify: local, no callback

Verifiable by any party, offline.

Signed recordVerifiable offline

✓

Issuer: tools.vendor.com

✓

Type: org.peacprotocol/access

✓

Policy: sha256:3f8a...c7e1 ✓

✓

Signature: Ed25519, valid

✓

Verify: local, no callback

Verifiable by any party, offline.

Internal logsLocal only

14:23:01Agent invoked tool: check_inventory

14:23:01External API call: GET /api/v2/inventory

14:23:02Policy: tools.check_inventory → allow

14:23:02Result returned to agent

Useful for debugging. Not portable.

Need	Logs / traces	Originary
Debug system behavior	Yes	Partial
Make access decisions	Limited	Yes
Keep an exportable record	No	Yes
Support cross-team review	Weak	Yes
Open standard underneath	No	Yes

Debug system behavior

LogsYes

OriginaryPartial

Make access decisions

LogsLimited

OriginaryYes

Keep an exportable record

LogsNo

OriginaryYes

Support cross-team review

LogsWeak

OriginaryYes

Open standard underneath

LogsNo

OriginaryYes

Originary adds:

Evaluate requests before action is takenApply explicit policy decisionsKeep exportable records for review and disputes

Who this is for

Built for the systems agents touch

Originary is for teams operating APIs, tools, gateways, MCP servers, priced APIs, and review workflows. If your systems receive automated requests, you need proof that survives beyond your own dashboards.

API operators

An agent books a resource through your API

You need to know who authorized it, under what policy, and prove the decision later when the charge is disputed.

MCP server hosts

An MCP tool call modifies production data

The tool host needs a signed record of what was requested, what was allowed, and what the agent actually did.

Platform teams

A partner asks for proof of an agent interaction

You export a signed record they can verify independently, offline, without calling your systems.

Security and compliance

An auditor reviews agent-driven transactions

Compliance needs an exportable record tied to the policy that applied at decision time, not just logs.

Works with your existing gateway, auth, payments, and observability stack.

Why trust Originary

Built to be verified without us

Every record should survive vendor boundaries. Originary can issue and manage records in production, but verification should remain local, offline, and independent.

Trust center

Self-hostable

Run on your own infrastructure. No external dependency required.

Offline verification

Verify with the public key alone. No network call required.

Exportable records

Inspect, share, archive, and use in disputes, reviews, and audits.

Open standard

PEAC Protocol under Apache-2.0. Portable across vendors and implementations.

Ed25519 signatures

Every record is signed with Ed25519 and independently verifiable.

Audit and dispute ready

Timestamped records for compliance, procurement, and incident review.

Built for real workflows

Designed for AI agents, APIs, MCP, priced API access, and cross-boundary automated systems.

Why this matters now

Records are not keeping up with automation

Cross-boundary agent activity

Agents now act across APIs, tools, and runtimes owned by different teams and vendors. Signed records travel with the action so another party can verify what happened independently.

Growing audit and review expectations

Teams are increasingly expected to prove what automated systems did. Logs describe behavior. Signed records prove decisions.

Faster dispute resolution

When records are exportable and offline-verifiable, disputes resolve faster than when everyone depends on the dashboard owner to confirm what happened.

Open standard

Deploy Originary. Keep your records portable.

Originary is the production product surface. PEAC is the open standard underneath. You can self-host, verify offline, and keep your records portable across teams and vendors.

Learn about PEAC Start here

Offline-verifiable with a public key alone

Apache-2.0 and self-hostable

Built for APIs, MCP, and automated workflows

FAQ

Frequently asked questions

A log is a local observation inside your system. A signed record is an exportable artifact another party can verify independently. Logs help you debug. Signed records help you prove.

Deploy Originary. Keep your records portable.

Originary is the production product surface. PEAC is the open standard underneath. You can self-host, verify offline, and keep your records portable across teams and vendors.

See Originary Verify Start here

Prove whatagents did

Who called. What happened. Where's the proof?

Logs explain behavior. Records prove decisions.

Built for the systems agents touch

An agent books a resource through your API

An MCP tool call modifies production data

A partner asks for proof of an agent interaction

An auditor reviews agent-driven transactions

Built to be verified without us

Self-hostable

Offline verification

Exportable records

Open standard

Ed25519 signatures

Audit and dispute ready

Built for real workflows

Records are not keeping up with automation

Cross-boundary agent activity

Growing audit and review expectations

Faster dispute resolution

Deploy Originary. Keep your records portable.

Frequently asked questions

Deploy Originary. Keep your records portable.

Prove what
agents did