Core
Attested Action Envelope (AAE)
A signed, per-agent hash-chained record of a pre-action authorization verdict — what an agent may do, with refusals as first-class signed artifacts. Reference implementation:
sm-aae.envelope
The eight-field signed JSON object:
agent_id, action, policy_id, outcome, prev_hash, issued_at, sig, pubkey. See What is the Attested Action Envelope.outcome
The verdict field: one of
authorized, denied, or conditional.conditional
One of the three
outcome values, alongside authorized and denied. sm-aae signs and chains a conditional verdict exactly like the other two; the meaning of the condition itself is the caller's policy domain, not defined by the SPEC.policy_id
The identifier of the policy entry that produced the verdict — an opaque string sm-aae signs but does not interpret. The caller supplies it.
prev_hash
The hex SHA-256 of this agent's previous envelope, or
null for its first envelope. What chains one verdict to the next.envelope hash
The lowercase-hex SHA-256 of the full signed envelope (including
sig) — the value a successor's prev_hash points at.chain
An agent's envelopes linked genesis-first by
prev_hash. Reconstructed by order_chain, which returns the ordering or rejects a set that isn't exactly one intact chain.canonicalization
The deterministic serialization the signature covers: sorted-key, compact-separator JSON over the envelope with
sig removed, UTF-8 encoded. Identical inputs always produce byte-identical canonical bytes.gap / fork / foreign-chain splice
The three chain defects
order_chain rejects: a missing interior envelope, two envelopes claiming the same predecessor, and a prev_hash that reaches into another agent's chain, respectively.Stack acronyms
Canonical expansions used across the Stellarminds agent-evidence stack.
AAE
Attested Action Envelope — the signed, per-agent-chained record of a pre-action authorization verdict (this project).
ARP
Agency Receipt Protocol — the signed receipt envelope: what an agent did. See Primitives.
DAT
Delegated Authority Token — the principal-signed grant defining what an agent was allowed to do.
PARC
Portable Agent Reputation Credential — portable reputation computed over an agent's ARP receipt history.