Open Source

Reputation you can audit

AAR is the append-only, hash-chained ledger that stores and federates AAP acknowledgments and aggregates them into reputation — with Merkle checkpoints, GDPR-compatible withdrawal, and a normative scoring algorithm. It assumes no honest operator: every tamper leaves a cryptographic trace.

Read the spec GitCaddy AI-Manifests
§9
Normative scoring algorithm
11
Threat classes hardened
3
Reference implementations
Why choose us

Why Agent Acknowledgment Record?

Detectability, not blind trust

AAR can't stop a compromised aggregator from tampering with its own ledger — but every tamper breaks a hash chain, mismatches a signed checkpoint, or fails a Merkle proof. Consumers who need strong assurance subscribe to multiple checkpoints and reconcile.

Append-only meets the right to be forgotten

Commitment-preserving withdrawal erases the event payload while retaining a position-bound cryptographic commitment — so GDPR Article 17 erasure and an auditable, hash-chained history coexist.

Federation by pull, not push

Aggregators mirror peers by verifying signed, prev-chained checkpoints. No party must accept inbound writes, no central registry exists, and conflicting views are expected — the DNS-resolver model, not consensus.

Reputation as a derived view

The normative default algorithm is fully specified so any consumer can recompute and compare. An aggregator publishes a view, never an authoritative oracle — you choose whose view to trust.

Capabilities

Features

Hash-chained record entries

Each entry wraps one AAP event with chain metadata; the entry hash binds the immutable content so a withdrawal can flip status without breaking continuity, and any reorder or edit is detectable.

Signed Merkle checkpoints

Daily, externally anchored, prev-chained checkpoints commit to a range of entries. A consumer with a checkpoint and one entry can verify inclusion with a standard Merkle proof.

ReputationSource interface

The read surface ADP consumes — modeled on ADJ's CalibrationSource for cross-spec consistency — returning aggregate score, diversity, settlement-backed fraction, and confidence.

Normative §9 default algorithm

type × issuer_trust × value × witness × time_decay, with a Simpson issuer-diversity penalty, attestation-bounded recursive trust, and verified-settlement weighting.

Commitment-preserving withdrawal

Issuer and privacy withdrawals are honored with matching authority; the payload can be erased while the chain and a proof of prior existence survive.

CI validator

@ai-manifests/aar-validate audits chain integrity, strict sequencing, cross-entry replay, and can recompute every entry hash from content.

Stand up an acknowledgment ledger

Append signed entries, publish checkpoints, and serve the ReputationSource query. The reference libraries in C#, Python, and TypeScript handle hashing, Merkle proofs, and the default scoring algorithm.

Browse reference libraries