Agent Action Receipt

Verifiable Agent Actions

Cryptographically signed AI agent receipts make every autonomous action auditable, portable, and trusted across merchants, wallets, and protocols.

Read the Spec

Problem

AI agents can move money, call APIs, and trigger workflows, but counterparties still lack a shared, tamper-evident proof of what actually happened.

Opaque Agent Behavior

Actions are executed by autonomous systems, but counterparties cannot verify intent, inputs, and outcomes.

Fragmented Trust

Each platform rebuilds assurance independently, creating expensive and inconsistent trust assumptions.

Weak Auditability

Without signed receipts, dispute resolution and compliance reviews rely on incomplete internal logs.

How AAR Works

Five deterministic steps produce an interoperable trust artifact.

  1. 01

    Intent Created

    Agent assembles action intent with actor identity, scope, and policy constraints.

  2. 02

    Execution Performed

    The action runs against a target API, payment rail, or application workflow.

  3. 03

    Receipt Signed

    AAR payload is canonicalized and signed with cryptographic keys tied to the agent identity.

  4. 04

    Receipt Distributed

    Receipts are shared with counterparties, trust layers, or storage providers.

  5. 05

    Verification

    Any verifier validates signature, schema, and policy proofs before accepting outcomes.

Integration

Start with an SDK call in your stack, then verify receipts before downstream execution.

Real Receipt JSON
{
  "aar_version": "1.0.0",
  "receipt_id": "aar_01HV9K0CG7B6R8KQ2X4N",
  "timestamp": "2026-03-06T15:20:11.902Z",
  "actor": {
    "agent_id": "agent_risk_router_v2",
    "did": "did:key:z6Mkh..."
  },
  "action": {
    "type": "payment.authorize",
    "target": "merchant_api",
    "amount": "125.00",
    "currency": "USD"
  },
  "result": {
    "status": "approved",
    "latency_ms": 183
  },
  "proof": {
    "alg": "EdDSA",
    "kid": "key-2026-03",
    "signature": "z4Yf..."
  }
}
import express from "express";
import { createReceipt } from "@botindex/aar";

const app = express();
app.use(express.json());

app.post("/pay", async (req, res) => {
  const result = await chargeCard(req.body);

  const receipt = await createReceipt({
    actor: { agent_id: "agent_risk_router_v2" },
    action: { type: "payment.authorize", target: "merchant_api" },
    result
  });

  res.json({ result, receipt });
});

Ecosystem

AAR aligns with existing standards and emerging network primitives for portable machine trust.

Mastercard Verifiable Intentx402 CoinbaseFIDO AllianceW3CIETF

Privacy

Selective Disclosure keeps sensitive fields private while preserving proof integrity.

Selective Disclosure

Reveal only required claims to each counterparty, with cryptographic binding to the signed receipt.

Policy-Bound Claims

Enforce least-privilege proofs for compliance, fraud controls, and jurisdiction-specific checks.

Composable Security

Combine zero-knowledge disclosures, signature verification, and revocation checks in one trust flow.

Trust Layer

Standardized endpoints help wallets, merchants, and agents integrate one verification contract.

POST/v1/receiptsMint and sign a new AAR for an agent action.
POST/v1/verifyValidate signature, schema, and policy requirements.
GET/v1/receipts/{receipt_id}Resolve canonical receipt payload for audits and dispute workflows.
POST/v1/disclosureIssue selective-disclosure views of existing receipts.

Ship Trust Into Every Agent Transaction

Adopt AAR to standardize verification, reduce integration risk, and unlock interoperable agent commerce.

Read the SpecExplore Integration