Lab/ATP

Make trust auditable, so it cannot change in secret

ATP is the trust-protocol face: it issues, distributes and revokes the trust assertions ATX carries, and records every one in a public Merkle log. It is how the score AIP computes becomes auditable across the ecosystem.

REFERENCE · read the full ATP specification

Interactive lab · 4 of 5 in the familystart

the problem

Before the spec: the usual way

The usual way: trust is a private database row. No one outside the authority can audit it, and it can be downgraded or deleted with no trace anyone could detect.

the usual way

trust_db.agents["billing"] = { trustLevel: 3 }

Trust lives in a private row. No one outside the authority can audit it, and it can be changed, or quietly downgraded, with no trace anyone could detect.

What is real here

ATP is 1.0.0-rc1. The base trust-proof fields shown are the shipped ones; some extension fields are proposed for v1.1. Revocation is append-only: a revocation is a new log entry, never a deletion, which is exactly what makes the log auditable. The Merkle root and inclusion proof here are computed with real SHA-256, so tampering is genuinely detected.

Copy as codeVerify a proof is in the transparency log

import { getInclusionProof, verifyInclusion } from "@opena2a/atp";

const { proof, root } = await getInclusionProof(logIndex);
// Reconstructs the root from the audit path and compares (RFC 6962).
if (verifyInclusion(entry, proof, root)) trustIsAuditable();

Read the ATP specification→Next: use the credential without leaking it→

Next in the chain5 of 5: Use a credential the agent never sees→