Skip to content

docs: A2A Receipt Profile and MCP Evidence Profile specs#420

Merged
jithinraj merged 2 commits intofeat/evidence-carrier-typesfrom
feat/evidence-profile-specs
Feb 23, 2026
Merged

docs: A2A Receipt Profile and MCP Evidence Profile specs#420
jithinraj merged 2 commits intofeat/evidence-carrier-typesfrom
feat/evidence-profile-specs

Conversation

@jithinraj
Copy link
Member

@jithinraj jithinraj commented Feb 23, 2026

Summary

  • New A2A Receipt Profile spec: extension registration, metadata layout, header conventions, lifecycle, security
  • New MCP Evidence Profile spec: _meta key schema, reserved key guard rule, legacy compatibility (DD-125), migration guide

New files

  • docs/specs/A2A-RECEIPT-PROFILE.md: Normative spec for A2A extension placement
  • docs/specs/MCP-EVIDENCE-PROFILE.md: Normative spec for MCP _meta key placement

Design decisions

  • DD-124: Evidence Carrier Contract
  • DD-125: MCP legacy peac_receipt deprecation (3-phase)
  • DD-126: No runtime dependency on @a2a-js/sdk
  • DD-127: Carrier size limits (64 KB for both)
  • DD-128: A2A spec v0.3.0 pinning
  • DD-131: Carrier validation as ASI-04 defense

Test plan

  • Docs-only PR; no code changes
  • guard.sh, check-planning-leak.sh pass
  • Tables formatted via pnpm format

Stacked on

@jithinraj
docs: A2A Receipt Profile and MCP Evidence Profile specs
abf09ca 
A2A Receipt Profile (docs/specs/A2A-RECEIPT-PROFILE.md):
- Extension URI: https://www.peacprotocol.org/ext/traceability/v1
- Agent Card capabilities.extensions[] declaration (A2A v0.3.0)
- Metadata layout: metadata[extensionURI] = { carriers: [...] }
- A2A-Extensions header convention
- Lifecycle: when to attach at TaskStatus transitions
- Security: namespace isolation, SSRF, no prompt leakage

MCP Evidence Profile (docs/specs/MCP-EVIDENCE-PROFILE.md):
- _meta key schema: org.peacprotocol/receipt_ref, receipt_jws
- Reserved key guard: second label rule per MCP 2025-11-25
- Legacy compatibility (DD-125): 3-phase deprecation plan
- Legacy key migration from org.peacprotocol/receipt
- Migration guide from peac_receipt to _meta format
@jithinraj
fix: replace jwks_uri with issuer_config_url in A2A profile, add RFC …
15d66de 
…8174

- A2A-RECEIPT-PROFILE: Agent Card params use issuer_config_url pointing
  to peac-issuer.json (not jwks_uri directly) to preserve the normative
  issuer configuration discovery chain
- Both A2A and MCP profile specs: add RFC 8174 alongside RFC 2119 per
  BCP 14 for correct normative keyword interpretation
@jithinraj jithinraj merged commit 5978374 into feat/evidence-carrier-types Feb 23, 2026
1 check passed
@jithinraj jithinraj deleted the feat/evidence-profile-specs branch February 24, 2026 21:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jithinraj