Verifiable Agent Trust Envelope v0.3.1 - Credibility and Reviewability Patch Draft

Pre-release

@Poke-nushi Poke-nushi released this 14 May 01:31
· 16 commits to main since this release
3bdbb81

v0.3.1 is a credibility and reviewability patch for the current VATE AL2 verifier admission discussion draft.

This pre-release supersedes the archived v0.3.0 review snapshot for current main-branch review purposes. It does not mutate the v0.3.0 GitHub release or Zenodo archive artifacts.

v0.3.1 does not broaden VATE beyond the VATE-AL2-Verifier-Admission-v0.3 discussion-draft boundary. It remains a review aid for verifier-side admission, attenuation, receipt, external SUT comparison, and report-bundle integrity semantics.

Summary

The main change in v0.3.1 is that canonical AL2 attenuation and receipt review surfaces are now easier to inspect and harder to misread.

This release includes:

  • VATE-AL2-Verifier-Admission-v0.3
  • a 66-case AL2 v0.3 draft conformance corpus
  • canonical emitted AL2 attenuation.effective_constraints names for admission receipts
  • fail-closed attenuation fixtures for legacy emitted aliases and malformed attenuation forms
  • stricter admission receipt schema coverage for attenuation.changes
  • stricter admission receipt schema coverage for supported attenuation.mode values
  • a constraints-only app-effect-0.2 attenuation effect shape for status/input effects
  • a receipt audit walkthrough for following digest-bound admission, post-execution, policy snapshot, conformance report, implementation report, and report-bundle references
  • README and A2A review package links to the new audit walkthrough

What Changed

v0.3.1 keeps the existing AL2 verifier-admission boundary from v0.3.0 and tightens reviewability around attenuation.

Admission receipts now describe emitted attenuation through a single attenuation object. The schema requires non-empty structured attenuation.changes entries, and attenuation.mode is limited to:

  • narrow
  • require_new_permit
  • deny_if_not_accepted

The canonical emitted attenuation.effective_constraints fields are:

  • max_amount
  • tool_allowlist
  • target_resource
  • approval
  • expires_at

Legacy or input-side aliases such as max_amount_usd, bare resource, and string-valued approval are not canonical emitted AL2 receipt fields. The reference runner fails closed when those forms appear in emitted attenuation constraints.
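The rules above can be sketched as a fail-closed check over an emitted attenuation object. This is an added example, not the VATE reference runner or its schemas. The function names, the rejection of a missing effective_constraints object and of unknown constraint fields, the reading of "structured" changes entries as non-empty objects, and the sample value shapes are all assumptions.

```python
# Added illustration; not the VATE reference runner or its schemas.
ALLOWED_MODES = {"narrow", "require_new_permit", "deny_if_not_accepted"}
CANONICAL_FIELDS = {"max_amount", "tool_allowlist", "target_resource",
                    "approval", "expires_at"}
LEGACY_ALIASES = {"max_amount_usd", "resource"}  # aliases named in the release notes

# Constructed sample inputs; the value shapes are illustrative only.
CANONICAL_SAMPLE = {"mode": "narrow", "changes": [{"field": "tool_allowlist"}],
                    "effective_constraints": {"tool_allowlist": ["search"]}}
LEGACY_SAMPLE = {"mode": "narrow", "changes": [{"field": "max_amount"}],
                 "effective_constraints": {"max_amount_usd": 50,
                                           "approval": "manager"}}


def check_emitted_attenuation(att):
    """Return denial reasons; an empty list means none of these rules was violated."""
    if not isinstance(att, dict):
        return ["attenuation is not an object"]
    reasons = []
    mode = att.get("mode")
    if not isinstance(mode, str) or mode not in ALLOWED_MODES:
        reasons.append(f"unsupported attenuation.mode: {mode!r}")
    changes = att.get("changes")
    # Assumption: a "structured" entry is a non-empty object.
    if not isinstance(changes, list) or not changes:
        reasons.append("attenuation.changes must be a non-empty list")
    elif not all(isinstance(c, dict) and c for c in changes):
        reasons.append("attenuation.changes entries must be non-empty objects")
    constraints = att.get("effective_constraints")
    if not isinstance(constraints, dict):  # assumption: required on emitted receipts
        reasons.append("attenuation.effective_constraints must be an object")
        return reasons
    for name in sorted(constraints):
        if name in LEGACY_ALIASES:
            reasons.append(f"legacy alias in emitted constraints: {name}")
        elif name not in CANONICAL_FIELDS:  # assumption: unknown fields are rejected
            reasons.append(f"non-canonical constraint field: {name}")
    if isinstance(constraints.get("approval"), str):
        reasons.append("string-valued approval is not canonical")
    return reasons


def admit(att):
    # Fail closed: any finding, or any unexpected error, results in denial.
    try:
        return not check_emitted_attenuation(att)
    except Exception:
        return False
```

Returning reasons rather than a bare boolean lets a denial receipt record why the attenuation was rejected, while admit() keeps the decision itself binary.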

schemas/attenuation-effect.schema.json now keeps the status/input attenuation effect shape constraints-only. Admission receipts use attenuation.effective_constraints; status-layer or legacy candidate objects remain input signals that must be normalized before receipt emission.

Added

  • docs/receipt-audit-walkthrough-v0.3.1.md
  • conformance/al2-vate-v0.3/cases/deny-attenuation-approval-string.json
  • conformance/al2-vate-v0.3/cases/deny-attenuation-legacy-effective-constraints.json
  • conformance/al2-vate-v0.3/cases/deny-attenuation-malformed-money.json
  • corresponding attenuation fixtures and denial receipt examples
  • strict schema negative cases for unsupported attenuation mode, empty changes, incomplete changes, unsafe change roots, legacy effective constraint aliases, string-valued approval, malformed money, and admission-only effective_constraints on attenuation effect objects

What Implementers Can Test

Implementers can run their verifier against the v0.3 corpus, emit a SUT result file matching the repository schemas, and compare that result with the reference runner.

Minimal comparison command:

python3 scripts/vate_conformance.py compare \
  --corpus-root conformance/al2-vate-v0.3 \
  --sut-results examples/conformance/sut-results-pass.example.json \
  --report /tmp/vate-v0.3.1-compare-report.json \
  --implementation-report /tmp/vate-v0.3.1-implementation-report.json

Passing the comparison means one SUT result matched one corpus snapshot under the repository comparison rules.

It does not grant a compatibility badge, certification, endorsement, production approval, or general compatibility claim.

Release Boundary

This is:

  • a discussion draft
  • a conformance review aid
  • an interoperability review aid
  • an A2A-shaped metadata review package
  • a reference runner and package-private helper set
  • a receipt and report-bundle reviewability patch

This is not:

  • production-ready
  • certified or certification-ready
  • an official A2A extension
  • endorsed by A2A
  • an SDK or A2A middleware package
  • a production JOSE / JCS / PKI verifier
  • a complete security review
  • a general compatibility proof
  • a certification, endorsement, badge, or production-readiness statement

Not Production Ready

This patch does not provide:

  • production JOSE / JCS / PKI verification
  • an official A2A extension
  • AP2, AgentKit, AgentBook, World ID, or other adjacent-protocol profile expansion
  • an attenuation primitive registry
  • a broad policy language or general constraint grammar
  • independent multi-implementation certification
  • production approval or endorsement

Verification

The final local verification gate was run on the release content tree for:

3bdbb8163e2ca0c2d958e3ef35d66ccd8105399c

Gate summary:

  • working tree clean
  • corpus case count: 66
  • Python compile checks: pass
  • repository sanity check: pass
  • strict schema validation: pass
  • v0.3 corpus run: 66 passed / 0 failed
  • SUT compare: 66 passed / 0 failed
  • implementation report generation: 66 passed / 0 failed
  • corpus index regeneration diff: no changes
  • bundle verification: 23 passed / 0 failed
  • deterministic npm install: pass
  • TypeScript check: pass
  • TypeScript tests: 6 test files / 16 tests passed
  • npm audit, moderate or higher: 0 vulnerabilities
  • final external release-boundary review: approve, no P0/P1/P2 findings

Citation and DOI

At GitHub release publication time, the Zenodo archive DOI for v0.3.1 may not yet be available.

Until the Zenodo record exists, cite the repository URL and exact release target commit:

3bdbb8163e2ca0c2d958e3ef35d66ccd8105399c

After Zenodo ingests this GitHub release, cite the Zenodo version DOI for the exact v0.3.1 archive when reproducibility matters.

For references to the evolving project across all archived versions, use the Zenodo all-version concept DOI:

10.5281/zenodo.19839768

A separate citation metadata patch may update CITATION.cff and README citation text after the v0.3.1 archive DOI is available.