As AI agents begin conducting transactions across organizational boundaries, a quiet question emerges: how do you prove what happened? io.github.peacprotocol/peac proposes an answer.
The Protocol
PEAC — Portable Evidence for Agent Coordination — standardizes three artifacts:
"A discoverable policy file (
— PEAC README/.well-known/peac.txt), a signed receipt format (peac-receipt/0.1JWS), and a portable evidence bundle for offline verification."
The problem it addresses:
"AI agents and automated systems operate across organizational boundaries, but proof of what happened stays locked in internal logs. When billing errors, policy violations, or safety incidents arise, there's no neutral, portable evidence that both parties can verify."
— PEAC README
The flow: a service publishes a policy file at /.well-known/peac.txt (YAML with usage terms, purposes, rate limits). An agent makes a request and receives a signed receipt as a PEAC-Receipt HTTP header — an Ed25519 JWS that can be verified offline using the issuer's public keys at /.well-known/peac-issuer.json. For disputes, a portable evidence bundle (ZIP) packages receipts, policies, and verification reports for offline audit. Replay protection via nonce and timestamp, fail-closed design, SSRF guards.
Where It Fits
PEAC explicitly complements — rather than replaces — existing infrastructure. OpenTelemetry handles observability. MCP and A2A handle tool coordination. Payment rails handle money movement. PEAC sits underneath as the evidence layer: what terms applied, what happened, and here's the cryptographic proof. The spec includes an x402 adapter for machine payments, suggesting the authors are thinking about the intersection of agent commerce and verifiable receipts.
Reference implementations exist in TypeScript and Go, plus an MCP server with five tools and Express middleware for easy integration. The project is stewarded by Originary and the open-source community.
What to Know
The repo was created July 2025 — seven months of development, which gives it more maturity than most new entries. Apache 2.0 licensed, 10 stars, 4 forks. The concept is forward-looking: there isn't yet a critical mass of autonomous agent-to-agent commerce to generate urgent demand for verifiable receipts. But the spec is well-documented, the architecture is sound, and if agent transactions become routine, having a receipt standard in place before the disputes start is better than scrambling after.
Score: 73 — the highest trust score among new entries in this batch, driven by strong provenance (85) and maintenance (71) signals.
Sources: PEAC Protocol — GitHub org · repo · peacprotocol.org · Originary — originary.xyz · Scorecard: io.github.peacprotocol (score 73)