The standardized service agreement form for AI agent engagements. Published so parties can read, reference, and negotiate from it — then Exacted into a Paper that binds a specific Buyer, AI Provider, and engagement.
Like a standard real-estate offer-to-purchase form: the blank form is public; the deal it produces is between the parties.
The SAISA is a standardized service agreement form, published on this page so parties, counsel, and regulators can read it directly. The specification itself contains no vendor names — only role-based references like “Platform Operator,” “Settlement Provider,” and “AI Provider.”
Each Platform Operator publishes an Implementation Schedule that specifies their chosen providers. This separation means the same SAISA form can govern engagements across multiple platforms with different infrastructure choices.
The vendor-agnostic legal framework, published for parties to read and negotiate from.
exact.works' specific choices for providers and jurisdiction.
The process of joining a negotiated service agreement with its Execution Manifest and behavioral governance layer, producing a Ricardian instrument that is simultaneously enforceable in law and enforceable in code.
The SAISA form is the starting point. The parties negotiate terms from it. exact.works then Exacts a Paper: the negotiated SAISA is joined with the Execution Manifest, run through the APEX-BG exacting gates, cryptographically bound to a specific Buyer, AI Provider, and agent, and anchored to the Trace. The result is a Ricardian instrument — a single artifact that a lawyer can read and an agent can execute, where prose and code are required to agree.
The SAISA form is public. The Paper is confidential to the parties; only its hash is publicly verifiable. What exact.works alone provides is the Exacting infrastructure — the exacting gates, the prose-code fidelity validator, Schedule 1 append, the hash chain, and the Trace — which is why Papers cannot be produced anywhere else.
AI agents are executing work product worth thousands of dollars with no contractual framework. No acceptance criteria. No escrow. No independent review. No dispute resolution. No compliance artifact. The SAISA is the independent contractor agreement for autonomous AI agents.
The SAISA does not wrap the agent. It wraps the engagement. Like DocuSign wraps the signing - not the work - the Paper wraps the terms, acceptance criteria, and settlement. The agent runs wherever it runs. The Paper governs.
Accepted once per Buyer-Developer pair. Governs liability, IP ownership, confidentiality, dispute resolution. Schedule 1 (invariant blocks) attached.
One per agent engagement, issued under the SAISA. Contains scope of work prose + Execution Manifest.
Budget ceiling, timeline, acceptance criteria, tool permissions, egress rules. Machine-readable.
SHA-256 hash chain: msaHash → paperSnapshot → amendmentHashThe foundational contract between a Buyer and Developer. Accepted once and governs all subsequent Papers between those parties. Contains liability allocation, IP ownership terms, confidentiality obligations, and dispute resolution procedures.
The transaction-specific service agreement for a single agent engagement. Incorporates the SAISA by reference, contains the human-readable scope of work, and embeds the machine-readable Execution Manifest. Immutable once Exacted.
Formal modification to a Paper. Requires dual authorization from both Buyer and Developer. Cryptographically linked to the parent Paper.
Narrow exception to Paper terms for specific commercial arrangements. May have an expiration date. Does not modify core Paper terms.
Non-negotiable invariant blocks that govern over everything. Any language in a Paper, Amendment, or Side Letter that purports to modify Schedule 1 is void and unenforceable. Schedule 1 is programmatically appended to every Paper.
The platform-specific document that specifies Settlement Provider, AI Providers, governing law, and other operational choices. This is where vendor names appear.
The AI Provider creates the Execution Manifest (JSON) and corresponding SOW prose describing the agent's scope of work.
The platform validates that the prose and manifest agree:
If the prose says $5,000 but the manifest says maxCostCents: 300000, Exacting fails.
SHA-256 hash computed at PostgreSQL UTC commit timestamp, ensuring tamper-evident integrity.
Schedule 1 invariant blocks are programmatically appended. These cannot be modified or waived.
The Paper is now immutable. Any modification requires a formal Amendment with dual authorization from Buyer and Developer.
Developer is exclusively liable for Agent Logic - code, prompts, configuration. Buyer is exclusively liable for Agent Authorization - funding, access grants, exhibit content. Platform Operator is liable for neither. This bright-line allocation is in Schedule 1 and cannot be modified.
Platform Operator liability is capped at the lesser of the Escrow Balance or $500/5% of the Budget Ceiling. Carve-outs for gross negligence, willful misconduct, and fraud. The cap is anchored to a real financial instrument, not an arbitrary number.
IP ownership changes based on the escrow state: DELIVERABLE_STAGED grants read-only evaluation license. FUNDS_RELEASED triggers full IP transfer (excluding Background Technology). RESOLVED_REFUND invokes destruction covenant (5 business days). Tied to database transitions, not handshakes.
Every document is SHA-256 hashed at the PostgreSQL UTC commit timestamp. msaHash → paperSnapshot → amendmentHash. The chain is walkable: from any Paper, reconstruct the complete governing terms. Tamper-evident by construction.
{
"maxCostCents": 249900, // Budget Ceiling ($2,499.00)
"timelineDays": 7, // Execution deadline
"completionCriteria": [ // Machine-readable acceptance
"Gap analysis covers all 5 TSC",
"Policy drafts for 10+ policies",
"Remediation ranked P1/P2/P3"
],
"milestoneWeights": [0.5, 0.5], // Proportional disbursement
"permissionScopes": [ // Tool access grants
"read_context", "write_file"
],
"allowedEgressUrls": [] // Network containment (ZERO)
}The Execution Manifest is the machine-readable half of the Paper. The SOW prose is the human-readable half. Exacting validates that they agree.
The SAISA does not specify where the agent runs. The same Paper governs an agent running on NVIDIA NemoClaw, Docker, Kubernetes, AWS Lambda, Salesforce Agentforce, WebAssembly, or any MCP server. Runtimes execute. The Paper governs.
If a Buyer disputes deliverables, the Paper's completionCriteria become the Expert Question. AI systems from the providers specified in the Implementation Schedule evaluate the deliverables against these criteria.
Evidence filtering protects Developer IP - the models never see the Developer's system prompt or proprietary instructions.
Expert Determination is a recognized legal mechanism under common law and ICC rules. Human arbitration election is available within 10 business days.
The SAISA framework was designed by a licensed attorney (Wisconsin, Florida) with enterprise contracting experience. exact.works, Inc. is a Delaware corporation. All agreements are governed by Delaware law (Section 4.8). Documents should be reviewed by your own counsel before execution.
Nothing in this document constitutes legal advice. The SAISA framework produces structured contractual artifacts for use by contracting parties. exact.works, Inc. is not engaged in the practice of law. All agreements must be reviewed by licensed counsel before execution.
Copyright 2026 exact.works, Inc. All rights reserved.