diff --git a/CHANGELOG.md b/CHANGELOG.md index dee98b9..c1c3a43 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # CHANGELOG — Protocol-Commercial +## Unreleased + +### Changed + +- Separated VerifyAgent into its own public Commons/MIT repository. This repo now focuses exclusively on CommandLayer Commercial infrastructure including hosted runtime, paid verification APIs, x402 billing, indexing, dashboards, and enterprise support. +- clarified repository scope to exclude a standalone public verifier product/demo surface and to refer public receipt verification users to https://github.com/commandlayer/verifyagent + ## v1.1.0 Repository-validated current release line for final Commons-style publication. diff --git a/COMPLIANCE.md b/COMPLIANCE.md index b69f86b..ede33e1 100644 --- a/COMPLIANCE.md +++ b/COMPLIANCE.md @@ -2,6 +2,8 @@ This document describes current-line release compliance expectations for the active v1.1.0 commercial line. +Scope boundary: this repository governs CommandLayer Commercial infrastructure contracts and does not ship the public VerifyAgent product/UI. For public receipt verification, see https://github.com/commandlayer/verifyagent. + Protocol-Commercial compliance is about typed economic semantics and release integrity. A compliant release candidate must satisfy all of the following: diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 5c29060..dec18a5 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -2,6 +2,8 @@ This document defines the contributor workflow for the current release line. Keep changes minimal, validation-preserving, and explicit about whether they affect the current line (`v1.1.0`) or retained legacy artifacts. +Product boundary reminder: do not add VerifyAgent product/demo/UI code to this repository. For public receipt verification UX, refer users to https://github.com/commandlayer/verifyagent. + ## Pull request expectations - Describe the exact problem being fixed and the exact files changed. diff --git a/GOVERNANCE.md b/GOVERNANCE.md index 03c2a8a..ce0f9e1 100644 --- a/GOVERNANCE.md +++ b/GOVERNANCE.md @@ -2,6 +2,8 @@ This document applies repo-wide and is version-independent unless a section says otherwise. +Governance boundary: Protocol-Commercial governance in this repository does not govern the public VerifyAgent product/UI; that public verifier lives at https://github.com/commandlayer/verifyagent. + **Founding steward:** commandlayer.eth ## Steward responsibility diff --git a/INTEGRATOR.md b/INTEGRATOR.md index 516ddc6..a5ddf33 100644 --- a/INTEGRATOR.md +++ b/INTEGRATOR.md @@ -2,6 +2,13 @@ This document is the external-consumer quickstart for the current commercial release line. +For public receipt verification, see https://github.com/commandlayer/verifyagent. + +Usage boundary: + +- Human usage → VerifyAgent (free UI): https://github.com/commandlayer/verifyagent +- Programmatic usage → CommandLayer Commercial API (paid / x402) + ## What to import Use the explicit current-line JSON path export by default: @@ -20,6 +27,8 @@ Normative machine artifacts: - `schemas/v1.1.0/index.json` - `manifest.json` +This repository does not ship or document a standalone public verifier product/demo surface as part of Protocol-Commercial. + Illustrative conformance fixtures: - `examples/v1.1.0/commercial//valid/` diff --git a/ONBOARDING.md b/ONBOARDING.md index ebbe977..f0e5520 100644 --- a/ONBOARDING.md +++ b/ONBOARDING.md @@ -2,6 +2,15 @@ This document is an orientation guide for the active v1.1.0 release line. Contributor policy and pre-merge workflow live in `CONTRIBUTING.md`. +For public receipt verification, see https://github.com/commandlayer/verifyagent. + +Architecture boundary: + +- VerifyAgent.eth = public verifier (Commons / MIT) +- CommandLayer Commercial = paid infrastructure layer for hosted APIs, x402 billing, indexing/storage, dashboards, monitoring, and enterprise support +- Agent Cards = identity + capability metadata +- CommandLayer receipts = signed execution proof + ## Document scope Use this document to understand the repository shape, release line, and shipped package boundary before editing. diff --git a/POLICY.md b/POLICY.md index edd1366..084c0d8 100644 --- a/POLICY.md +++ b/POLICY.md @@ -2,6 +2,8 @@ This policy governs the active release line and the canonical shipped package boundary. Repo-wide governance and security reporting are defined separately. +Product boundary: this repository is CommandLayer Commercial only. Public receipt verification UX/product usage is handled by VerifyAgent at https://github.com/commandlayer/verifyagent. + ## Current line `v1.1.0` is the current Protocol-Commercial line and the only canonical shipped line. diff --git a/README.md b/README.md index bbde183..7432663 100644 --- a/README.md +++ b/README.md @@ -25,6 +25,30 @@ Protocol-Commercial is intentionally limited to protocol truth: - no routing logic - no transport implementation beyond the normative x402-first execution assumption +For public receipt verification, see https://github.com/commandlayer/verifyagent. + +## Product boundary and architecture + +CommandLayer Commercial in this repository provides: + +- hosted verification APIs +- high-volume verification infrastructure +- x402-based billing +- receipt indexing and analytics +- dashboards, monitoring, and enterprise/commercial support + +Architecture alignment: + +- VerifyAgent.eth = public verifier (Commons / MIT) +- CommandLayer Commercial = paid infrastructure layer +- Agent Cards = identity + capability metadata +- CommandLayer receipts = signed execution proof + +Usage boundary: + +- Human usage → use VerifyAgent (free UI): https://github.com/commandlayer/verifyagent +- Programmatic usage → use CommandLayer Commercial API (paid / x402) + ## Document scope This README is a repo-wide orientation document for the active release line and its canonical shipped boundary. @@ -211,6 +235,9 @@ This repository does not define: - legal finality - provider SLAs - runtime traces or debugging exhaust as normative truth +- a standalone public verifier product, demo UI, or hosted public verification app surface + +For public receipt verification, see https://github.com/commandlayer/verifyagent. ## Example current-line schema pair diff --git a/RESOLUTION.md b/RESOLUTION.md index e4c26bf..b2ac0bd 100644 --- a/RESOLUTION.md +++ b/RESOLUTION.md @@ -4,6 +4,8 @@ This document records repository-level release and migration resolutions. +Product scope note: VerifyAgent.eth is maintained separately as the public Commons/MIT verifier at https://github.com/commandlayer/verifyagent. This repository resolves CommandLayer Commercial infrastructure release policy only. + ## Resolution record ### 2026-03-19 — v1.1.0 migration resolution diff --git a/SECURITY.md b/SECURITY.md index e838c27..1b50c04 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,6 +2,8 @@ This document applies repo-wide to the security posture of published Protocol-Commercial release lines unless a section states a narrower scope. +Scope boundary: this repository secures CommandLayer Commercial artifacts and infrastructure contracts, not the public VerifyAgent UI/product. Public verifier usage belongs to https://github.com/commandlayer/verifyagent. + Protocol-Commercial provides schema-level security properties, not transaction or fraud guarantees. ## What this repository is responsible for diff --git a/SECURITY_PROVENANCE.md b/SECURITY_PROVENANCE.md index ef590c1..dc470c7 100644 --- a/SECURITY_PROVENANCE.md +++ b/SECURITY_PROVENANCE.md @@ -4,6 +4,8 @@ Current release line: `v1.1.0` (current repository-validated line; external publication is not asserted by this repository) +Product boundary: this repository covers CommandLayer Commercial infrastructure artifacts. Public verifier UX/product usage is handled by VerifyAgent at https://github.com/commandlayer/verifyagent. + Canonical shipped npm package surface: - `schemas/v1.1.0/` diff --git a/SPEC.md b/SPEC.md index 8b79329..0d5f268 100644 --- a/SPEC.md +++ b/SPEC.md @@ -18,6 +18,15 @@ This specification governs: This specification does not govern runtime transport implementation, provider policy, or legal adjudication. +For public receipt verification, see https://github.com/commandlayer/verifyagent. + +Repository product boundary: + +- VerifyAgent.eth = public verifier (Commons / MIT) +- CommandLayer Commercial = paid infrastructure layer (hosted APIs, x402 billing, indexing/storage, dashboards, monitoring, enterprise support) +- Agent Cards = identity + capability metadata +- CommandLayer receipts = signed execution proof + ## 2. Canonical release boundary The canonical shipped line is `v1.1.0` only. @@ -50,6 +59,8 @@ Historical repository-only material that is outside the canonical shipped packag Additional prose docs may remain authoritative for interpretation or process inside the repository, but they are outside the shipped package surface unless package metadata is changed deliberately in a later release. +Protocol-Commercial focuses on commercial infrastructure contracts and does not include a standalone public verifier product/demo surface in this repository. + ## 3. Version and identity rules 1. Every v1.1.0 schema MUST use a stable `$id` under `https://commandlayer.org/schemas/v1.1.0/...`.