When software acts on behalf of people, every decision should be provable.
Originary was founded on a simple observation: agents are crossing organizational boundaries every day, booking, purchasing, calling APIs, accessing tools, but there is no standard way to verify what happened after the fact. Logs stay inside one system. Originary makes agent interactions verifiable across boundaries.
We built PEAC so that any team can publish machine-readable terms, issue verifiable interaction records, and let third parties verify outcomes independently, even offline. Originary is the product surface that makes this practical in production.
PEAC Protocol
The open standard underneath: protocol specification, wire format, conformance suite, and reference implementation. Apache-2.0, no CLA.
Originary Platform
The product surface: middleware, tools, and SDKs that help teams author policy, enforce decisions, and verify interaction records in production.
How it works
Evidence Layer, Not Another Platform
PEAC sits between application logic and the compliance surface. It does not replace payment rails, identity providers, or AI frameworks: it gives them a shared way to produce and verify interaction evidence.
Not a payment protocol
Settlement adapters (Stripe, x402, card networks) plug in; PEAC captures the evidence.
Not an identity system
PEAC verifies key control (Ed25519); the identity layer above decides what keys mean.
Not an AI framework
PEAC works with any agent stack. Receipts travel alongside tool calls, not inside them.
Typical Adoption Path
Start small, expand as trust requirements grow.
Declare
Publish a peac.txt and start issuing signed receipts with the SDK or CLI.
Enforce + Verify
Add middleware or gateway rules. Third parties verify receipts offline.
Operate
Export evidence bundles, run conformance checks, and feed receipts into audits and dispute workflows.
Built for
Who It's For
API Providers
Publish interaction terms and issue receipts to every caller, human or agent.
AI Agent Builders
Collect verifiable proof of what your agent did, under which terms, for audit or dispute resolution.
Compliance Teams
Map regulatory obligations to receipt-backed evidence without building custom logging.
Payment Platforms
Attach settlement evidence to existing rails through adapter-based integration.
What We Build
Most teams start with Agent Auditor or Gateway 402 and add lower-level building blocks as their verification needs grow.
Agent Auditor
Open a signed record, inspect every field, verify the signature. The fastest way to see what Originary does.
Gateway 402
Edge enforcement with HTTP 402 challenges and signed record issuance.
MCP Server
Verification middleware for MCP tool endpoints. Signed records travel with the response.
Teams typically start with Declare + the SDK/CLI, then add Gateway and Verify when they need enforcement and third-party verifiability. Trace and Studio follow when audits or scale require structured evidence workflows.
Built on an Open Foundation
PEAC is the open standard for verifiable interaction records. It defines how policies are published and how cryptographically signed receipts provide portable evidence of an interaction outcome under declared terms.
PEAC Protocol (Open Format)
- Protocol spec, wire format, and conformance suite
- Apache-2.0 licensed, no CLA required
- Anyone can implement without permission
- Wire format frozen until v1.0
- Independent implementations encouraged
Originary Platform (Product Surface)
- Middleware, tools, and SDKs for production use
- Managed policy authoring and enforcement
- Evidence export, audit views, dashboards
- Gateway for edge enforcement and HTTP 402
- Support, SLAs, and compliance guidance
Trust and Governance
The protocol specification, conformance vectors, and reference implementation are all published under Apache-2.0 on GitHub. There is no contributor license agreement.
Normative changes follow a public decision record process. Every new field, header, or protocol behavior requires spec text, schema updates, and conformance vectors before shipping.
Originary is the primary implementer, not the sole authority. The conformance suite lets any team validate their implementation independently.
How We Work
Receipts-first
Durable evidence that can be verified independently and used across audits, disputes, and partner workflows.
Protocol-driven
Clear specifications, test vectors, and governance so anyone can implement without permission.
Developer-led
Start with a single file (peac.txt) and the SDK/CLI. Adopt hosted services only when you need them.
Scope
Ten Verification Domains
Every receipt can attest to one or more of these dimensions, ordered from identity establishment through compliance reporting.
Identity
Cryptographic proof-of-control for agents and operators.
Purpose
Declared intent for each interaction.
Consent
What is allowed under stated terms.
Privacy
What is collected, retained, and disclosed.
Safety
Defense-in-depth security and safe-by-default design.
Access
Who can read or call what.
Commerce
Optional settlement terms and evidence.
Attribution
How creators and sources are credited.
Provenance
How outputs trace to inputs and decisions.
Compliance
How obligations map to verifiable controls.
Company
Originary is the steward and primary implementer of PEAC, operated by Poem, Inc.
ORIGINARYTM is a brand of Poem, Inc.
Poem, Inc. builds AI infrastructure software and tools for the agentic web, and maintains the Originary products and services that run on top of PEAC Protocol. PEAC's receipt verification model was cited in technical discussions with the Coinbase x402 protocol team.
In the U.S., “Originary” is used by Poem, Inc. as a brand for its AI infrastructure software and tools for the agentic web. Poem, Inc. is not affiliated with Originary Inc.