Eight schema documents, a Python reference verifier, and a 22-vector conformance test suite. The executable vocabulary that defines what a valid AGTS artifact looks like — and proves it.
The AGTS Open Format Specification defines the canonical schemas for every artifact produced by the Autonomous Governance Transparency Standard. Any implementation — in any language, on any platform — can verify conformance against these schemas using the reference verifier and test suite.
A governance standard without an open, executable specification is just marketing. The open format serves three purposes:
Vocabulary ownership. Every field name, every threshold, every state transition is defined once with canonical semantics. Implementors speak the same language.
Independent verification. Any third party can verify that an AGTS artifact is well-formed and internally consistent without running ObligationSign software.
Interoperability. Competing implementations can prove conformance by passing the same test suite. The standard belongs to the ecosystem, not a single vendor.
Eight documents define the V1 artifact vocabulary. All schemas are frozen — no breaking changes permitted. Extensions require V2 interfaces with backward-compatible adapters.
| Document | Artifact Type | Purpose |
|---|---|---|
| governance-envelope-v1 | AGTS_GOVERNANCE_ENVELOPE_V1 |
Atomic unit of governed decision-making |
| plugin-result-v1 | AGTS_PLUGIN_RESULT_V1 |
Individual evaluator output format |
| hce-aggregation-v1 | — | H/C/E scoring model and verdict computation |
| merkle-proof-v1 | AGTS_SIGNED_STH_V1 |
Tamper-evident append-only transparency log |
| sovereign-bundle-v1 | OCLAW_SOVEREIGN_BUNDLE_V1 |
Portable agent identity artifact (.oclaw) |
| decision-boundary-v1 | — | Human-defined action classification rules |
| execution-trace-v1 | AGTS_EXECUTION_TRACE_V1 |
Record of governed action execution |
| variance-record-v1 | AGTS_VARIANCE_RECORD_V1 |
Authorization-vs-execution drift measurement |
The first six schemas cover the base protocol (authorization, scoring, signing, logging, bundling, boundaries). The last two — execution-trace-v1 and variance-record-v1 — extend the base into the Closed-Loop Triple-Leaf Ledger.
The reference verifier is a standalone Python implementation that checks any AGTS artifact for schema compliance, internal consistency, and cryptographic validity.
If Ed25519 signature verification is requested but the cryptography package is not installed, the verifier raises an error. It does not silently accept. This is a deliberate design decision for a governance-critical system.
22 test vectors — 13 valid and 9 invalid — define the boundary between conformant and non-conformant implementations. Every vector is a self-contained JSON file with expected outcomes.
| Vector | What it tests |
|---|---|
envelope_default_pass | Two-plugin envelope with DEFAULT profile, all thresholds met |
envelope_strict_review | STRICT profile falls into REVIEW zone |
envelope_block_synthetic | Single synthetic BLOCK result (fail-closed) |
envelope_empty_plugins | Empty plugins array defaults to REVIEW |
envelope_signed | Valid Ed25519 signature and leaf hash |
bundle_minimal | Minimal valid sovereign bundle |
bundle_with_hashes | Bundle with config file content hash verification |
merkle_proof | Merkle inclusion proof for leaf in 4-leaf tree |
boundary_easy_tool | Easy boundary matched by tool name |
boundary_hard_keyword | Hard boundary matched by keyword overlap (≥ 30%) |
boundary_escalation | Escalation rule matched by trigger word overlap (≥ 40%) |
boundary_priority | Escalation overrides matching easy boundary |
boundary_default | No boundaries match — classification defaults |
| Vector | What it catches |
|---|---|
envelope_missing_fields | Missing required fields (verdict, final_state, execution, requires_review) |
envelope_wrong_state_mapping | PASS verdict with QUARANTINE final_state — inconsistent |
envelope_hce_mismatch | Falsified H_total (0.50 instead of correct 0.10) |
envelope_hce_out_of_range | Plugin H value 1.5 — out of [0,1] range |
bundle_wrong_type | Wrong type identifier on bundle |
envelope_wrong_type | Wrong type identifier on envelope |
envelope_bad_signature | Tampered Ed25519 signature |
merkle_bad_proof | Tampered sibling hash in Merkle proof |
bundle_bad_hash | Tampered config file content hash |
| Category | Valid | Invalid | Checks |
|---|---|---|---|
| Governance Envelope | 4 | 4 | Schema, verdict consistency, HCE aggregation, type |
| Ed25519 Signature | 1 | 1 | Signature verification, leaf hash |
| Sovereign Bundle | 2 | 1 | Type, content hash verification |
| Merkle Proof | 1 | 1 | Inclusion proof recomputation |
| Decision Boundary | 5 | — | Tool match, keyword overlap, escalation priority, defaults |
| Total: 13 valid + 9 invalid = 22 vectors | |||
No competing AI governance framework — Microsoft Agent Governance Toolkit, AIGP, Aegis, Strata — publishes an open, executable conformance suite for their governance format. This is the first.
Run the conformance suite locally in under a minute:
The verifier requires Python 3.10+ and the cryptography package. All other checks use the standard library only.
The complete specification, verifier source, and all test vectors are published at agts-clearinghouse/agts-clearinghouse-spec on GitHub.