Open Protocol Specification — Public Summary

A-Comm Evidence Protocol (AEP) v1.0.1

A cryptographically verifiable evidence standard for agentic commerce transactions — from AI-driven discovery through payment authorization and fulfillment.

v1.0.1 Apache License 2.0 Published by A-Comm Inc. 2026 Public Summary
This is the public summary of AEP v1.0.1. It presents the abstract, motivation, core concepts, transaction-flow positioning, and attribution methodology. The full specification — including artifact payload schemas, hash chain construction, verification algorithm, dispute evidence export mapping, and PSP integration details — is available to partners and implementers via access request. Request access to the full spec →
Interactive technical demos available on request Two walkthroughs — a consumer-journey phone-mockup demo and a technical walkthrough with live SHA-256 computation and tamper-detection — are available confidentially to partners, investors, and implementers under access password. Request access at contact@a-comm.ai.

Abstract

The A-Comm Evidence Protocol (AEP) defines a standard for generating, storing, and verifying cryptographic evidence of agentic commerce transactions. As AI agents increasingly drive product discovery and purchase decisions, merchants and payment processors require a dispute-grade audit trail that can demonstrate the provenance of any transaction — from the AI platform that surfaced the product through to payment authorization and fulfillment.

AEP specifies a sequential hash chain of typed artifacts, each immutably linked to its predecessor via SHA-256. The chain spans seven defined layers: discovery, referral, intent, policy, cart, authorization, and fulfillment. Any insertion, deletion, or modification of an artifact is cryptographically detectable at every subsequent node in the chain. The protocol is designed to be implementable by any PSP, commerce platform, or merchant independently of A-Comm Inc.'s infrastructure.

Status of This Document

Public Summary — Draft Specification This is the public summary of AEP v1.0.1, covering motivation, core concepts, transaction-flow positioning, and attribution methodology. The full normative specification — payload schemas, hash chain formulas, verification algorithms, and integration mappings — is distributed under access request while the protocol's underlying IP is under provisional patent review. Both the public summary and the full specification are licensed under Apache License 2.0; access gating reflects IP protection during review, not licensing restriction.

A-Comm Inc. maintains the reference implementation. The protocol itself is open and implementable by any party without royalty or permission from A-Comm Inc. once the full specification is released.

License

Copyright 2025 A-Comm Inc. Licensed under the Apache License, Version 2.0 (the "License"). You may not use this specification except in compliance with the License. You may obtain a copy of the License at https://www.apache.org/licenses/LICENSE-2.0.

Unless required by applicable law or agreed to in writing, materials distributed under the License are distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

1. Introduction

1.1 Problem Statement

AI-mediated commerce is growing rapidly. Consumers increasingly discover and purchase products through AI chat interfaces — ChatGPT, Google Gemini, Perplexity, Microsoft Copilot — where product recommendations drive real transactions. This creates a new class of dispute risk:

  • The consumer interacted with an AI agent, not a human or traditional web UI
  • No browser-native referrer chain is reliable across AI platforms
  • The authorization trail exists, but the intent trail — what was asked, what was recommended, what was confirmed — is typically absent from PSP evidence
  • Merchants cannot prove to card networks that a consumer explicitly authorized an agentic transaction

AEP solves this by defining a tamper-evident evidence chain that captures every step from AI-driven discovery through order fulfillment, producing a dispute-grade artifact bundle that merchants can submit to PSPs and card network reviewers.

1.2 Design Goals

  • Tamper-evident: Any modification to any artifact in the chain is detectable at all subsequent nodes without requiring a trusted third party.
  • Dispute-grade: The evidence bundle maps directly to Stripe, Adyen, and card network representment evidence fields.
  • PII-minimal: Consumer identifiers are pseudonymized. No raw card data, no PAN, no personal identifiers in any artifact payload.
  • Platform-agnostic: Works across Shopify, WooCommerce, BigCommerce, Magento, and any PSP.
  • Open: Apache 2.0. Any implementation can generate and verify AEP chains without dependency on A-Comm Inc.
  • Attribution-aware: Bridges AI platform citation events (ChatGPT, Gemini, Perplexity, Copilot) into the cryptographic chain as a first-class artifact type.

2. Core Concepts

An AEP commerce journey is modeled as a single transaction chain — an ordered sequence of immutable artifacts. Each artifact records one event in the consumer's journey and is cryptographically linked to its predecessor. This section introduces the protocol's conceptual model. Normative payload schemas, hash formulas, and verification algorithms are defined in Sections 2.1–8 of the full specification.

2.1 Evidence Chain

A transaction chain is a linear sequence of artifacts, beginning with a genesis artifact and extending forward as the consumer progresses through discovery, intent, authorization, and fulfillment. Each artifact carries:

  • A canonical type (one of seven defined artifact layers)
  • A typed payload specific to that layer
  • A cryptographic hash of the previous artifact, linking the chain
  • A signature from the artifact's producer

The chain is tamper-evident: modifying any artifact changes its hash, which breaks every subsequent link. Verification is deterministic and requires no trusted third party.

2.2 Artifact Layers

A complete agentic commerce transaction spans up to eight artifact layers. The first two (discovery and referral) are present only when the consumer arrived via an external AI platform. The fourth (delegation) is present when one or more agentic commerce protocols (TAP, AP2, ACP, UCP, MCP) carried the transaction.

# Layer Captures Signed by
1DiscoveryThe AI platform citation event — which platform surfaced which product for which querymerchant
2ReferralThe inbound session linking the AI citation to the merchant's site, with consent signals (GPC, cookie) and IP/UA hashesmerchant
3IntentThe consumer's product selection and expressed purchase intentagent + user + merchant
4DelegationThe agent ↔ merchant handshake — TAP agent identity, AP2 consumer authorization, ACP session binding (one or more)agent + user + merchant
5PolicyThe merchant's risk evaluation and policy-gate outcome prior to authorizationmerchant
6CartThe consumer's final cart composition and explicit confirmation, with hashed shipping and billing addressesagent + user + merchant
7AuthorizationThe PSP authorization result with full card-network representment fields — network_transaction_id, auth_code, AVS, CVV, 3DS, card brand/last4PSP
8FulfillmentOrder shipment and delivery confirmation with address-match evidence against the cartfulfillment_provider (carrier-attested) + merchant (wrapper)

Normative payload schemas for each layer are defined in Section 3 of the full specification. Every field carries a signal class (see §2.6) so evidence weight is legible to reviewers.

2.3 Actors

Four actor roles participate in an AEP chain:

  • Consumer — the end user whose intent drives the transaction. Identified pseudonymously.
  • Agent — an AI platform or on-site conversational agent that surfaces products or takes action on behalf of the consumer.
  • Merchant — the seller fulfilling the transaction; producer of intent, policy, cart, and fulfillment artifacts.
  • PSP — the payment service provider (Stripe, Adyen, Square, etc.); producer of the authorization artifact.

Each artifact is signed by the actor that produces it, enabling downstream verifiers to attribute responsibility for every step in the chain.

2.4 Sealing Model

An AEP chain is sealed when its final artifact is produced and no further artifacts are appended. A sealed chain produces a single, exportable evidence bundle containing all artifacts in sequence, their hashes, and their signatures. The bundle is the primary unit consumed by dispute resolution workflows, regulatory audit, and analytics.

Sealed chains are immutable. To record a correction or follow-up action (refund, return, chargeback response), a new chain is started and cross-referenced via artifact metadata; the original chain is never modified.

2.5 Protocol Interoperability

AEP is protocol-agnostic. It does not replace or compete with the emerging agentic commerce protocols — it wraps them. Every AEP artifact carries a protocol field identifying which protocol carried the handshake it represents, and a protocol_metadata sub-object carrying the protocol-specific payload (signatures, mandates, session IDs, tool call records).

Supported protocols (v1.0.1):

Protocol Owner Path Position What It Carries
TAPVisaAgent ↔ MerchantSigned agent-domain-operation identity assertion
AP2GoogleAgent ↔ PSP (via Merchant)User-signed Cart / Intent Mandate (VDC)
ACPOpenAI + StripeAgent ↔ MerchantCheckout session lifecycle with Stripe payment primitive
UCPGoogleAgent ↔ MerchantCanonical checkout intent abstraction
MCPAnthropicAgent ↔ MerchantTool invocation (calls and results)
x402Open standardAgent ↔ Merchant / PSPHTTP-native payment challenge/response
A2AOpen standardAgent ↔ Agent (upstream)Agent-to-agent coordination metadata
GENERICFallbackTransactions with no standard protocol present
Where the protocol attaches to the chain The agentic protocol handshake is the event that binds the agent to the merchant before any cart, policy, or authorization artifact exists. It attaches to the Delegation artifact (when the chain includes one) or is carried forward as protocol_metadata on the Intent artifact. Protocol-specific payload schemas are defined in the full specification.

Multi-protocol chains: A single transaction may carry multiple protocols simultaneously — for example, TAP for agent identity + AP2 for consumer authorization + ACP for session binding. AEP captures all three in one Delegation artifact. This composition is the strongest possible evidence configuration.

Cross-protocol witness: Because AEP wraps rather than replaces these protocols, an AEP chain is the only evidence structure that records which protocol(s) carried a given transaction, producing a cross-protocol interoperability record that no single protocol produces on its own.

2.6 Signal Classification

Every field in every AEP artifact carries a signal class that tells dispute reviewers, regulators, and downstream systems how much weight to place on the field. Signal classification is a first-class AEP concept and is preserved on export to PSPs, card networks, and dispute-management platforms.

Class Meaning Examples
Deterministic Verifiable by independent re-computation or returned by a trusted system (PSP webhook, platform webhook, signed API response) network_transaction_id, charge_id, auth_code, AVS/CVV/3DS results, delivery_address_hash
Attested Cryptographically signed by a party with standing — user (WebAuthn, AP2 VDC), merchant (JWKS-published key), PSP, agent (TAP) AP2 user signature, TAP agent signature, merchant session-binding signature
Inferred Reconstructed from observable signals rather than proven — best-effort attribution AI platform attribution, attribution_confidence, IP-derived country
Asserted Unsigned claim by one party, weakest signal, included for completeness but MUST NOT be relied on alone Citation position (when only the agent knows it), merchant-asserted quantity without AP2 signature
Why this matters to Visa, Mastercard, and PSPs Card-network representment workflows weight evidence by its class. A chain dense with Deterministic and Attested fields is evidentiarily stronger than one dense with Asserted claims. By surfacing the class per-field on export (§6 of the full specification), AEP makes the weight of every signal legible to the reviewer — rather than forcing the reviewer to infer quality from field names.

Chain-level strength ranking. §3.9.12 of the full specification defines an S/A/B/C/D evidence strength tier derived from the Delegation artifact's signal composition (TAP present, AP2 present, ACP session-binding present, etc.). Future AEP revisions may extend strength scoring across the full chain.

Sections 3–8 are in the full specification Artifact Type payload schemas, Cryptographic Hash Chain construction, Verification algorithm, Dispute Evidence Export, Discovery Attribution implementation, and Implementation Notes are normatively defined in the full spec.
See full specification: Request Full Spec →

9. A-Comm's Position in the Transaction Flow

A-Comm Inc. is the maintainer of the AEP reference implementation and the primary evidence custodian for merchants using the A-Comm platform. A-Comm is adjacent to the payment path, not in it. A-Comm is the black box recorder for agentic commerce — parallel to the transaction, never gating it. A-Comm does not move money, authorize charges, or hold funds. PSPs and card networks remain in the payment path. A-Comm is the evidence capture layer attached to every step.

9.1 Transaction Flow Diagram

┌───────────────────────────────────────────────────────────────────────────────┐
│                       PAYMENT PATH (in the flow)                              │
│                                                                               │
│  Consumer → AI Agent & Protocol → Merchant → PSP → Network → Issuer           │
└────────────────────────────────────┬──────────────────────────────────────────┘
                                     │
                        Reads events from every step
                                     │
┌────────────────────────────────────▼──────────────────────────────────────────┐
│                     A-COMM EVIDENCE LAYER (adjacent)                          │
│                                                                               │
│  Discovery → Referral → Intent → Delegation → Policy → Cart → Auth → Fulfill  │
│                                                                               │
│  Hash-chained, cross-network, dispute-grade evidence bundle                   │
└───────────────────────────────────────────────────────────────────────────────┘

9.2 Positioning by Phase

PhaseA-Comm's PositionWho Owns the Path
Pre-authorizationIn the decision flow (Merchant Policy Engine consulted before auth)A-Comm (policy)
Authorization itselfFully adjacent — evidence observer onlyPSP
Post-authorizationIn the evidence flow (receives auth result, seals bundle)A-Comm (evidence)
Settlement / clearingNot involvedNetwork + Issuer
Dispute / representmentEvidence provider only — does not manage workflowPSPs + dispute mgmt platforms

9.3 What A-Comm Is NOT

A-Comm is explicitly not in any of the following categories:

Not a money transmitter. A-Comm never holds, routes, or settles funds. No MTL required in any U.S. state.
Not a payment processor. A-Comm does not authorize charges, settle transactions, or clear funds. PSPs own that.
Not in PCI-DSS scope for card data. A-Comm never touches raw card data. Tokenization only, via the merchant's existing PSP SDK.
Not a dispute manager. A-Comm generates and delivers evidence. Dispute workflow management is owned by Chargebacks911, Midigator, Justt, Sift, and in-house merchant teams.
Not a fraud decisioning platform. A-Comm provides cryptographic proof, not decisions. Sift, Kount, and Signifyd make the call; A-Comm ensures evidence exists when the call is challenged.

9.4 Regulatory Classification

A-Comm operates in the observability and evidence infrastructure category — the same category as Datadog, Snowflake, and Segment. A-Comm is subject to:

  • CCPA and applicable U.S. state privacy laws (consumer data, DSRs within 45 days, published privacy policy)
  • Two-party consent state requirements for chat/voice recording (CA, FL, IL, MD, MA, MI, MT, NV, NH, OR, PA, WA)
  • FTC AI disclosure requirements (chat agent identifies itself as AI when sincerely asked)
  • SOC 2 compliance for evidence storage
  • GPC signal and consent cookie honoring in referral tracking

A-Comm is not subject to money transmitter licensing, PCI-DSS Level 1 scope (as an acquirer or processor), banking regulation, or Visa/Mastercard operating regulations for participants in the payment path.

Appendix — Attribution Methodology

A.1 The Challenge

AI platforms (ChatGPT, Gemini, Perplexity, Copilot) do not provide reliable referral signals. Claiming deterministic AI attribution is not defensible. AEP acknowledges this directly and defines a hybrid model.

A.2 Two Parallel Systems

AEP implementations MUST track AI-driven activity through two distinct signal systems. Neither alone is sufficient.

1
Synthetic Visibility Monitoring
  • Purpose: measure potential visibility
  • Method: low-volume, controlled query sampling against ChatGPT, Gemini, Perplexity, Copilot
  • Output: directional Visibility Score, not absolute truth
  • Labeling requirement: all synthetic-derived metrics MUST be labeled as "sampling-based measurement"
  • Constraints: queries MUST be low volume and carefully structured; aggressive automation patterns are prohibited
2
Observed Referral Tracking
  • Purpose: measure realized visibility
  • Method: capture real inbound traffic via URL parameters (when AI platform provides them), referrer headers (when available), merchant-controlled entry points (tracked links embedded in structured data and feeds), and behavioral heuristics (session patterns, device fingerprints, timing signatures)
  • Output: Discovery Performance — real traffic, real conversion
  • Consent: MUST honor GPC signal and acomm_consent=0 cookie before firing any events
  • Default posture: on ambiguous consent, default to no-tracking

A.3 Session Linking

Once a session starts, linking is deterministic. The ambiguity is only at the first hop (was this traffic AI-originated?).

referral event → session token → product view → cart add
              → checkout → purchase → fulfillment

All steps are linked by agentic_session_id and tied to the
evidence chain via the bundle's context.transactionID.

A.4 Dashboard Presentation Requirements

AEP-compliant dashboards MUST surface both signals separately and never collapse them into a single number:

  • Visibility Score (synthetic): e.g., "78/100 (sampling-based)"
  • Discovery Performance (observed): e.g., "142 sessions, 12 conversions, $2,340 revenue"

The relationship between the two signals over time is the primary merchant-value metric — "are enrichment investments translating to real traffic and revenue?"

A.5 Forward Compatibility

As AI platforms expose richer referral signals (e.g., via TAP agent identity metadata, AP2 cart mandate provenance, or platform-native referral headers), AEP implementations SHOULD ingest these signals into the same observed referral tracking system. The architecture sharpens as the ecosystem matures.