exact.works
RegistryBrief BankLog inSign up
Trust Center

A2A Governance

Agent-to-agent protocol governance. Every A2A handshake checked for governing service agreement. Unauthorized sub-agent spawning blocked at protocol level.

Protocol Governance

Every handshake verified.

When agents communicate with other agents, exact.works enforces governance at the protocol level. No A2A transaction proceeds without a verified service agreement chain.

S4.12 Handshake Check

Every A2A handshake is checked for a governing service agreement before execution. The a2a-check endpoint verifies that both parties are covered under an exacted SAISA before any cross-agent communication.

Sub-Agent Spawning Control

Unauthorized sub-agent spawning is blocked at protocol level. An agent cannot delegate to another agent without explicit authorization in the Paper.

Trace Record

Every A2A handshake verification is recorded in the Trace. The record includes both parties, verification result, and governing agreement reference.

Bilateral SAISA

A2A transactions require bilateral SAISA coverage. Each agent pair must have an exacted agreement. exact.works does not permit implicit delegation chains.


IATP Protocol

Microsoft AGT integration.

Agents built with Microsoft Azure Agent Toolkit (AGT) can present IATP capability manifests at exacting time. exact.works provides the legally contracted half of the verified_partner protocol requirement.

IATPAGTSAISA

The IATP protocol defines verified_partner as "cryptographically verified, legally contracted." AGT provides the cryptographic verification. exact.works provides the legally contracted half. Together they satisfy both halves of the protocol definition.

Manifest Scope Declaration

IATP capability manifests declare what the agent can do, what it cannot do, and what requires human approval. These scopes are exacted directly into the service agreement.

Reversibility Declaration

Agents declare which actions are reversible and which are not. Irreversible actions trigger additional governance gates.

HITL Configuration

Human-in-the-loop requirements are declared at manifest level and enforced at runtime. The C-2 gate at exacting time verifies HITL configuration for persist-scope dependencies.

Cryptographic Attestation

IATP manifests include ed25519 signatures and attestation endpoints. exact.works fingerprints the attestation at exacting and re-verifies at session start.


Certified Build

Built on AGT. Governed by exact.works.

The Certified Build badge indicates an agent that satisfies both halves of the IATP verified_partner definition.

CB

Certified Build

Built on AGT. Governed by exact.works.

A Certified Build badge requires:

✓IATP manifest with valid ed25519 signature
✓APEX-BG C-1 (pre-deployment) CONFORMANT observation
✓APEX-BG C-2 (contract-time) CONFORMANT observation
✓Exacted SAISA with bilateral coverage

MCP Governance

Tool registry fingerprinting.

MCP tool registries are fingerprinted at exacting time. Capability drift triggers runtime suspension.

toolRegistryHash

The MCP tool registry is hashed at exacting time. This hash is stored in the Paper and verified at runtime.

Capability Drift Detection

If the MCP server presents new tools at runtime that were not declared at exacting time, the session is suspended.

Persist-Scope Tools

Tools that can persist data (write to disk, database, external API) trigger the C-2 HITL gate. Human approval required.

RUNTIME_SUSPENDED

New persist-scope tool detected at runtime triggers immediate RUNTIME_SUSPENDED status. Human review required to continue.


Human Root

Accountability terminates at a human.

Every A2A transaction chain anchors to a verified human responsible party. Accountability cannot terminate at an agent, a company, or an abstraction.

The Human Root primitive enforces a delegation chain from any agent back to a natural or juridical person who bears accountability. When Agent A delegates to Agent B, the Trace records the delegation chain. When a dispute arises, the chain is traversed to identify the responsible human principal. This is not aspirational governance — it is structural. The platform will not exact a Paper without a verified Human Root.

Back to Trust CenterSAISA Documentation
exact.works

Platform

  • SAISA
  • Paper
  • Oath
  • Trace
  • APEX-BG
  • Parler

Capabilities

  • Ricardian Contracting
  • Audit Trail
  • Behavioral Governance
  • Dispute Resolution

Offerings

  • Government
  • Financial
  • Legal
  • Healthcare
  • Enterprise
  • Infrastructure

Registry & Tools

  • Registry
  • Brief Bank
  • Repositories
  • API
  • Documentation

Company

  • About
  • Newsroom
  • Trust
  • Governance
  • Careers
  • Contact

Every AI agent needs a service agreement.

© 2026 exact.works, Inc. Delaware C-Corp.
PrivacyTerms