Capability manifest
What an agent may discover, call, spend, write, or expose.
Aweb Labs / Public-goods grant dossier
Open execution evidence for AI agents.
Aweb Agent Receipts turns agent actions into portable, inspectable records: what was authorized, which tool or provider ran, what happened, what failed, what it cost, and what evidence should remain for review.
Execution Receiptopen primitive
- Agent
- aweb.operator
- Capability
- gmail.send_message
- Authority
- scoped, time-bound, reviewable
- Outcome
- sent / failed / recovered
- Evidence
- inputs, cost, provider ids, replay hints
Apache-2.0 targetSix-month first milestoneNo token dependencyNo custody claim
Why this matters now
The next wave of AI does not just answer. It executes.
Agents are beginning to touch inboxes, cloud services, data providers, developer tools, customer systems, payments, and onchain workflows. Without a portable execution record, teams cannot reliably inspect what happened, debug failures, prove boundaries, or improve autonomous systems after they act.
What the grant funds
A small open primitive with sharp edges.
The workstream is deliberately narrow: publish the receipt schema, reference implementation, validator, examples, and viewer that make accountable agent execution reusable outside the private Aweb platform.
- Portable receipt schema for agent, tool, API, and MCP execution.
- TypeScript reference implementation for producing and consuming receipts.
- CLI validator for inspecting execution records, failures, and recovery state.
- MCP/API examples showing receipts across real provider calls.
- Lightweight viewer for reviewers, developers, and operators.
- Integration documentation for agent frameworks and application teams.
Architecture
From permission to proof.
Execution grant
The scoped authorization that turns intent into bounded action.
Action receipt
A portable record of provider, inputs, outputs, cost, failure, and recovery state.
Verifier
CLI and viewer surfaces that let humans and systems inspect the evidence.
Six-month plan
Credible scope, visible outputs, no theater.
Month 1
Schema and threat model
Define receipt fields, authority boundaries, privacy rules, failure states, and interoperability requirements.Months 2-3
SDK, examples, and validator
Ship a TypeScript reference package, CLI validation flow, and concrete MCP/API examples.Months 4-5
Viewer and framework adapters
Build a small reviewer UI and adapters that make receipts practical inside existing agent stacks.Month 6
Hardening and public release
Test edge cases, document integration paths, publish examples, and prepare public project reporting.Ecosystem fit
One primitive, several serious execution contexts.
The core work stays stable: scoped authority before action and receipt-grade evidence after action. Different ecosystems need the same primitive for different execution surfaces.
Public internet infrastructure
adaptable moduleOpen schema, SDK, validator, MCP/API examples, and viewer for the broader agent ecosystem.
Agent commerce and payments
adaptable moduleReceipts for AI agents using tools, payments, provider workflows, and settlement metadata.
Smart accounts
adaptable moduleExecution evidence for account actions: who authorized what, which action ran, and what proof remains.
Account abstraction
adaptable moduleReceipts for agent-controlled account abstraction workflows and verifiable execution paths.
Oracle-aware execution
adaptable moduleReceipts for agent decisions that depend on data feeds, automation, and external proofs.
Upgrade readiness
adaptable moduleExecution-evidence tooling for impact analysis, monitoring, and repeatable technical review.
Boundary
Ambitious, but honest.
This is not a token launch, custody product, or claim that all autonomous execution is already solved. It is the open evidence layer underneath serious agent systems: the receipt trail reviewers, users, developers, and future machines need before AI agents can operate with real responsibility.