Skip to main content
Context Graphs | Originary

Context Graphs and the Open System of Record for AI Agents

AI agents are starting to run real workflows: browsing, fetching data, calling tools, negotiating access, paying for requests, and writing changes back into systems. The hard part is no longer “can the agent do the task.” The hard part is:

Can we prove what happened, under which rules, and why it was allowed?

Foundation Capital recently framed the opportunity clearly: agents do not just need rules. They need access to decision traces that show how rules were applied in reality, where exceptions were granted, and which precedents actually govern outcomes. As those traces accumulate, they form a context graph: a living record of decisions stitched across entities and time.

This page is about two ideas:

  1. Context graphs are how agent autonomy compounds inside organizations.
  2. The internet also needs an open system of record at the interaction boundary, so decisions across vendors, CDNs, payment rails, and agent frameworks remain auditable and portable.

Originary is building and stewarding that open layer.

The new unit of truth: decision traces

Traditional systems of record store objects: tickets, invoices, accounts, documents.

In the agent era, the unit of truth is often a decision:

  • which data was used
  • which policy version applied
  • which exception path was invoked
  • who approved a deviation
  • what changed as a result

Foundation's key distinction is worth adopting verbatim in spirit:

Rules

Describe what should happen in general.

Decision Traces

Capture what happened in this specific case, including exceptions and precedent.

Agents can follow rules. They get stuck when the real world deviates from rules. Humans resolve those deviations with judgment and organizational memory. Most organizations do not store that memory as a durable artifact.

Why today's systems of record do not capture agent reality

Foundation argues that enterprises are missing the layer that actually runs them: exceptions, overrides, escalations, and the cross-system context that lives in conversations and ad hoc approvals.

That gap shows up everywhere agents touch production:

Ambiguous policy

“The policy says X, but we always do Y in these cases.”

Exceptions

“Approve once, but only for this customer and only this quarter.”

Precedent

“We set a special rule last time, reuse it.”

Cross-system context

The reason is spread across CRM, ticketing, finance, email, and chat.

This is why “governance alone” does not solve autonomy. The missing ingredient is a queryable record of how decisions were actually made.

What is a context graph

A context graph is not “chain-of-thought.” It is not an internal model artifact.

It is a living, queryable record of decision traces, stitched across entities and time, so precedent becomes searchable and automation becomes safer.

The compounding effect is the important part:

  • More decisions generate more traces.
  • More traces create better precedent.
  • Better precedent lets agents handle more cases safely.
  • That creates more traces.

This is how autonomy scales without turning into chaos.

Two systems of record are emerging, and they are not the same

Enterprise Agent Systems of Record

Closed, internal

Workday, for example, markets an “Agent System of Record” that centralizes visibility and control over agents, including third-party agents, inside the Workday platform.

This class of product is about internal management: onboarding agents, roles/permissions, measurement, and orchestration. It is valuable, but it is inherently platform-centric.

Open System of Record at the Interaction Boundary

Portable, cross-vendor

The internet also needs a system of record for agent interactions that occur across organizations:

  • agent to publisher
  • agent to API
  • agent to tool server
  • agent through a CDN or gateway
  • agent paying via different rails

This boundary layer is where disputes form and where interoperability matters. It cannot be owned by a single vendor if it is to become durable infrastructure.

The market signals are already visible

A few public shifts show the pressure toward policy, payment, and proof on the open web:

HTTP 402 is re-emerging for agent payments

Cloudflare and Coinbase launched the x402 Foundation to drive an open standard for “internet-native payments,” explicitly to simplify payment requests and responses, and to standardize how 402 challenges are interpreted.

CDNs are moving from blocking to charging

Cloudflare's Pay Per Crawl returns HTTP 402 Payment Required plus pricing headers (for example crawler-price) when paid access is required.

Edge monetization stacks are emerging

Fastly and TollBit describe an integration where bots can be detected and redirected to a paywall, then verified and granted access based on tokens or required to pay.

These are important because they establish a shared direction: policy and payment at the protocol edge.

What is still missing is an open, portable proof object that makes those interactions auditable across implementations.

Built to interoperate

An open system of record should not try to replace payment rails, CDNs, or internal agent platforms.

It should define the evidence object that can reference them.

  • Payment standards like x402 define how value is exchanged over HTTP 402.
  • Edge systems like Pay Per Crawl define enforcement surfaces and pricing headers.
  • Provenance and preference standards can define how origin and consent signals are expressed (where applicable).

The missing layer is a neutral format for “what happened” that can be independently verified later.

What an open system of record must provide

To become infrastructure, the boundary-layer record must be:

1. Policy-addressable

You must be able to prove which policy applied. A “receipt” without a deterministic policy reference becomes a screenshot.

2. Payment-aware but rail-neutral

It must support “paid” flows without hard-binding to one rail. Rails evolve.

3. Privacy-preserving by default

A system of record cannot become a tracking system. It should avoid PII and support selective disclosure patterns.

4. Portable and independently verifiable

Evidence must be verifiable by parties other than the issuer, without privileged access to internal logs.

5. Cheap enough to be default

If evidence is too expensive to emit and verify, it becomes an “enterprise feature” instead of a baseline.

Where PEAC Protocol and Originary fit

PEAC Protocol (Programmable Environment for Agent Coordination) targets this boundary layer: policy plus cryptographic receipts for agent interactions.

The core idea is simple:

  • Publish machine-readable policy (the “rules” layer).
  • Emit cryptographic receipts (the “decision trace event” layer).
  • Make verification portable.
Note: PEAC Protocol is open. Originary is the company building commercial tools and stewarding the ecosystem.

This directly complements the context graph thesis:

Context Graphs

Compound inside organizations via decision traces.

PEAC Receipts

Make cross-org interactions verifiable so those traces can be trusted inputs to context graphs, observability tools, and compliance workflows.

What PEAC and Originary should add or improve

Below is a realistic, prioritized set of improvements that map to the thesis and to market pressures.

1. Define a “Decision Trace Profile” for receipts

Foundation's framing makes “decision traces” the atomic unit. PEAC should make this explicit with an optional, standardized profile:

decision-trace-profile.json
{
  "policy_ref": "hash or version pointer",
  "policy_match": "which rule matched",
  "exception_ref": "opaque reference, not PII",
  "approval_ref": "optional",
  "decision_id": "stable identifier for dedup and linkage"
}

First-order effect: clearer positioning and better enterprise resonance.

2. Receipt chaining and hop semantics

Context graphs are “stitched across entities and time.” Make chaining first-class:

  • parent_receipt
  • hop_id
  • link_type (fetch, tool_call, transform, cache, delegate)

Enables multi-hop workflows to be audited. Standardizes lineage across vendors.

3. Witness mode (countersignatures)

Where enforcement sits at the edge (CDNs, gateways), you will want optional witness signatures for non-repudiation in high-stakes flows.

Stronger trust for disputes. Easier enterprise procurement.

4. Proof-of-possession binding

If receipts can be replayed, the “system of record” becomes a fraud surface. Add a standardized pattern for binding receipts to a requester key (without identifying the human).

Improves security credibility. Makes PEAC viable for regulated workloads.

5. Export schema and “context graph bridge”

Ship a reference export format: JSONL event stream that can be imported into warehouses and graph stores.

Enterprises already store context in platforms; you win by being the best evidence feed.

6. Conformance tests and compatibility matrix

Standards win when “it works everywhere.” Ship:

  • Canonicalization rules
  • Golden vectors
  • Conformance suite
  • Compatibility matrix across SDKs and server profiles

Accelerates ecosystem contributions. Reduces fragmentation risk.

Competitive landscape

How to position without bluffing:

Workday and enterprise “Agent System of Record” platforms

Workday's positioning is centralized management, visibility, and control for agents, including third-party registration via an “Agent Gateway.”

Position: Workday is the system of record inside Workday. PEAC is the system of record across the open web and across vendors. Integrate, do not compete head-on.

Payment standards and foundations (x402)

x402 is explicitly positioned as an open standard for internet-native payments and agentic payments at scale.

Position: x402 is a payment rail standard. PEAC is a policy and evidence standard that can reference x402 and other rails.

CDNs and edge enforcement (Cloudflare Pay Per Crawl)

Pay Per Crawl uses HTTP 402 and pricing headers for crawler access, and Cloudflare provides enforcement infrastructure.

Position: Cloudflare is an enforcement surface and merchant stack. PEAC is the portable receipt format that can be emitted at the edge and verified elsewhere.

Marketplaces and monetization platforms (TollBit, etc.)

Fastly and TollBit describe a stack of detection, redirection to paywall, verification, analytics, and monetization.

Position: They monetize and manage bot access as a service. PEAC standardizes the evidence object marketplaces can reconcile against.

Observability and tracing (LangSmith, Arize)

These tools provide visibility and tracing into agent behavior.

Position: They trace internal execution. PEAC receipts cover boundary interactions and provide verifiable evidence that can be attached to traces.

GTM: how to actually win this space

The constraint is structural: you must sit in, or adjacent to, the execution path.

Foundation explicitly notes that systems-of-agents startups have advantage because they sit in the execution path and can persist decision traces at decision time.

So the GTM should be execution-path-first:

Phase 1: Win the boundary events

  • “Receipt-first” integration kits for API servers and gateways
  • Clear story for HTTP 402 flows and price challenges

Goal: make receipts the default evidence object for “paid or policy-bound” access.

Phase 2: Win the edge

  • CDN/edge worker profiles so receipts can be emitted where enforcement lives
  • Optional witness mode for edge countersignatures

Goal: become the neutral receipt format that multiple edge stacks can produce.

Phase 3: Become the evidence feed

  • Export schema and graph bridge
  • Partnerships with observability and orchestration providers

Goal: PEAC becomes the trusted input layer for context graphs.

What Originary should productize

Without centralizing the protocol:

Hosted Verification

Turn receipts into a “verify endpoint” teams can rely on.

Receipt Ledger

Append-only storage + export.

Evidence Bundles

Audit-ready packaging for disputes and compliance workflows.

Context Graph Bridge

JSONL export for warehouses and graph stores.

This preserves the open protocol while giving Originary a credible commercial wedge.

Frequently Asked Questions

What is a context graph?

A context graph is a queryable structure formed by accumulated decision traces across entities and time, making precedent searchable and enabling safer autonomy.

How is this different from agent tracing tools?

Tracing tools capture internal execution steps. An open system of record focuses on boundary interactions and produces portable, independently verifiable evidence.

How does this relate to HTTP 402 and x402?

402 patterns standardize “payment required” challenges. x402 aims to standardize internet-native payments; an open system of record standardizes the evidence object that can reference those payments.

How does this relate to Pay Per Crawl?

Pay Per Crawl is an edge enforcement model that uses HTTP 402 and pricing headers for crawler access. A system of record adds portable receipts so the interaction can be verified later across systems.

Is this competing with enterprise “Agent Systems of Record”?

Enterprise ASOR products centralize agent management within a platform. An open system of record targets cross-vendor, cross-domain interactions and is designed to interoperate.

What must be true for this to become a standard?

Clear profiles, conformance tests, multi-language reference implementations, and adoption at execution-path surfaces (gateways, edges, tool servers).

Start building with receipts today.

Explore PEAC ProtocolSystem of RecordSee DemoGitHub

References