PEAC Protocol·open standard

Every API call.One verifiable
record.

Agents cross org boundaries. Logs don't.

PEAC returns a signed interaction record on every response. Both sides can verify it offline and export it for audits. Publish terms at /.well-known/peac.txt.

QuickstartVerify a receiptDownload

Verifies locally. No server needed.

Originary maintains PEAC Protocol and ships production tooling.

ORIGINARY™·Offline verification·Conformance vectors·Portable evidence bundles·Apache-2.0 · v0.10.9

Works with

x402HTTP 402 paymentsMCPModel Context ProtocolA2AAgent-to-AgentACPAgent Commerce ProtocolAIPREFIETF Internet-DraftCloudflareEdge deploymentVercelEdge functions
Before
  • No portable record of what an agent accessed
  • Disputes rely on server logs alone
  • Terms and consent are implicit, not verifiable
After
  • Every interaction produces a signature-verified record
  • Disputes use portable, third-party verifiable evidence
  • Terms, consent, and attribution are explicit and auditable

Start here

EnterprisePortable evidence for governance, investigations, and compliance.
AI BuildersVerify consent, terms, and attribution for data and tool use.
API ProvidersRecords and receipts for metered access and accountable usage.
PublishersVerifiable records for access, attribution, and downstream use.
How it works

Three steps to verifiable interactions

Publish terms, enforce decisions, verify the record

01

Publish policy

Machine-readable terms

Deploy a policy at /.well-known/peac.txt defining access terms and payment requirements. Agents discover it automatically.

See template
Click to see code
02

Enforce at edge

Real-time decisions

Allow, deny, or request payment before serving responses. HTTP 402 status codes trigger programmatic settlement.

Add middleware
Click to see code
03

Return receipt

Verified record

Sign and return a PEAC-Receipt. Verifies offline with your public key. Portable across any system.

Verify a receipt
Click to see code
See it in actionRead the docs
Product Suite

Built for AI agents

Open-source packages for policy enforcement, optional settlement flows, and receipt verification.

Gateway

Available

Edge enforcement for AI agents

Enable HTTP 402 payment-required flows and issue PEAC receipts at the edge or origin.

Edge deploymentHTTP 402 flowsSigned receipts
View on npm

Verify

Available

Cryptographic verification

Offline and hosted receipt verification with JWKS support and policy validation.

Offline verificationJWKS supportPolicy validation
View on npm

Trace

Coming Soon

Audit trails and provenance

Comprehensive audit exports and evidence views derived from PEAC receipts.

Audit exportsEvidence viewsCompliance tools
In development

Studio

Coming Soon

Policy dashboard

Policy management, receipt analytics, and governance views for PEAC deployments.

Policy editingReceipt analyticsGovernance views
In development
Open ProtocolApache-2.0 LicensedSelf-Hostable
Transparency

Verify the system

Designed for disputes and audits

Protocol SpecPEAC standard documentation
ConformanceTest vectors and validation
GovernanceVersioning and decisions
SecurityDisclosure and posture
ChangelogRelease history

Frequently Asked Questions

Open protocolSelf-hostableApache-2.0

Ready to build?

PEAC is Apache-2.0, self-hostable, and ships with everything you need to issue and verify receipts.

Start buildingContact