EATP: Enterprise Agent Trust Protocol
When an autonomous agent makes a decision, the question “who authorized this and under what constraints?” should have a verifiable answer. In most systems, it does not. Authorization is implicit, audit trails are reconstructed after the fact, and the connection between human authority and machine action is a matter of organizational belief rather than cryptographic proof.
EATP provides the mechanical layer that makes governance auditable: every autonomous decision is recorded, signed, and verifiable.
What EATP defines
Decision records. Every autonomous action produces a structured record containing: what was decided, under what constraints, with what authority, and what the outcome was. These records are the atomic unit of accountability.
Cryptographic signing. Decision records are signed using Ed25519. This provides non-repudiation: it is possible to verify after the fact that a specific agent made a specific decision under specific constraints, and that the record has not been altered.
Monotonic trust escalation. Trust state can only escalate, never relax. An action that has been flagged for review cannot be silently downgraded to auto-approved. The possible states (Auto-Approved, Flagged, Held, Blocked) form a one-way escalation path.
Tamper-evident audit trails. Decision records are chained and integrity-protected. Any modification to historical records is detectable. This provides the audit infrastructure that compliance and regulatory frameworks require.
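The sketch below is an added example, not code from the EATP SDK: it chains decision records with HMAC-SHA256 so that edits and deletions are detectable, and enforces the one-way escalation path per action. The field names, the `GENESIS` anchor, the per-action reading of monotonicity, and the function names are assumptions made for illustration. Ed25519 signing is left out to keep it standard-library only, so this shows integrity for key holders, not non-repudiation.

```python
import hashlib, hmac, json
from dataclasses import asdict, dataclass, replace
from enum import IntEnum

class TrustState(IntEnum):      # states and their order are from the page
    AUTO_APPROVED = 0
    FLAGGED = 1
    HELD = 2
    BLOCKED = 3

@dataclass(frozen=True)
class DecisionRecord:           # field names are assumptions for this sketch
    action_id: str
    decision: str
    constraints: str
    authority: str
    state: int
    prev_mac: str               # links this record to the one before it
    mac: str = ""

GENESIS = "0" * 64              # constructed anchor for the first record

def record_mac(key: bytes, rec: DecisionRecord) -> str:
    """HMAC-SHA256 over a canonical JSON encoding of every field except mac."""
    body = {k: v for k, v in asdict(rec).items() if k != "mac"}
    msg = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def append(chain, key, action_id, decision, constraints, authority, state):
    """Append a record; refuse any state lower than one already recorded."""
    highest = max((r.state for r in chain if r.action_id == action_id), default=0)
    if state < highest:
        raise ValueError(f"{action_id}: cannot relax {TrustState(highest).name} "
                         f"to {TrustState(state).name}")
    prev = chain[-1].mac if chain else GENESIS
    rec = DecisionRecord(action_id, decision, constraints, authority, int(state), prev)
    chain.append(replace(rec, mac=record_mac(key, rec)))
    return chain[-1]

def verify(chain, key) -> int:
    """Return the index of the first invalid record, or -1 if the chain is intact."""
    prev, highest = GENESIS, {}
    for i, rec in enumerate(chain):
        mac_ok = hmac.compare_digest(rec.mac, record_mac(key, rec))
        if rec.prev_mac != prev or not mac_ok or rec.state < highest.get(rec.action_id, 0):
            return i
        prev, highest[rec.action_id] = rec.mac, rec.state
    return -1
```

`verify` re-checks the escalation rule as well as the MACs, so a downgrade written directly into storage by someone holding the key is still reported.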
What EATP does not cover
EATP verifies that trust chains are structurally sound. It does not determine whether a delegation was wise, whether constraints were set at the right level, or whether the human who granted authority should have done so. Cryptographic proof of authorization is not proof of good judgment. EATP provides the verification layer; the governance philosophy that informs delegation decisions is defined by CARE.
Status
The EATP specification is published under CC BY 4.0. The reference implementation is the EATP SDK (Python, Apache 2.0), providing dataclass-based decision records, Ed25519 signing, HMAC integrity verification, and a SQLite-backed audit store.