Proof after action.
Agent Provenance is the proof layer for agent-readable systems. It declares where a claim came from, what evidence travels with it, how the authorization chain is linked, and what audit surface makes the action reviewable later.
The declaration note already makes the asymmetry explicit: an agent without authority must not act; an agent with authority but without provenance must not be trusted after acting.
This domain narrows the declaration system to proof. It is the place where chain-of-custody, evidence references, signatures, hashes, lineage, and audit records become machine-readable objects rather than post-hoc narratives.
The minimal example set already defines the proof-side file family. On the provenance side, the declared objects are:
/.well-known/provenance.json
The proof root: source systems, attestations, evidence references, and the linked authority object.
/.well-known/audit.json
The operational trail: recorded events, retention period, escalation path, and verification pointers.
In the current example family, provenance.json points back to the authority domain while audit.json preserves the reviewable event model. That split is intentional: provenance is the proof primitive; audit is the running trail.
agent-provenance.org is the proof layer.
agent-authority.org is the control layer.
Authority answers whether an agent was allowed to act. Provenance answers what evidence supports that action, which systems fed it, which signatures or attestations travel with it, and how later review can reconstruct the chain.
- Publish
provenance.jsonas the lineage and evidence root for a declared agent action. - Bind source systems, attestations, and evidence references directly into that object.
- Publish
audit.jsonas the event trail and escalation surface that complements provenance without replacing it. - Cross-link both objects to the paired authority-side files so proof and permission remain machine-resolvable together.