Under the seven services sits a three-repo platform. agent-passport is the spec: one agent:// identifier, one Passport document, one event envelope. agent-stack-go is the Go binding, with the agent-conform checker. terraform-provider-taipan turns budgets, passports and policies into PR-reviewed code. No shared runtime, no shared database; adopting it is a naming agreement plus a few optional fields.
This is a simulation, labeled as one: a replay of the envelope's normal day. A passport is issued, seven services emit their own event types into one NDJSON stream, two schema versions ride side by side, and agent-conform validates the whole stream at the end. Exit 0.
Seven emitters write one shape onto one NDJSON bus: five required fields, five optional ones. Three consumers read it back: the agent-conform CLI validates against embedded copies of the canonical JSON Schemas, Idryx folds events into the identity graph, and TokenFuse Cloud files them into evidence packs. On the right, the part your platform team owns: budgets, passports and policies as Terraform resources.
One agent, one URI: agent://trust-domain/path, at most 255 bytes, aligned with SPIFFE without requiring it. The document behind the ID names an owner, a runtime and one of five attestation methods. The delegation chain is ordered root first, acyclic, and capped at 32 entries.
Five required fields: schema, ts, source, type, agent_id. Two versions coexist by design: v0.1 with a closed source enum, v0.2 with an open string. Event types live in a per-source registry, so tokenfuse can add a type without asking engram.
agent-stack-go v0.2.0 ships passport.Parse, an append-only event.Writer and chain.Validate, stdlib only at runtime. It is the same validation Idryx runs on ingest: a passport that parses in your pipeline parses in the graph.
A standalone conformance CLI with the canonical JSON Schemas embedded. Files are classified by their own schema field, and unrecognized content is a FAIL, never silently skipped. Exit 0 or exit 1; it has already caught a real 63-versus-64 hex character prev_hash defect.
Three Terraform resources: taipan_budget, taipan_agent_passport, taipan_wardryx_policy. Budgets and policies get PRs, plans and diffs like everything else, and edits made out of band surface on the next plan. Where the API has no delete, the provider says so instead of pretending.
The provider is not on the Terraform Registry yet: you build from source and wire it in with dev_overrides, exactly as the README says. The passport is metadata, not a token, and the spec is not an authentication protocol. Small claims, kept.
Without a shared contract you get one of two outcomes: every tool logs its own JSON, or one vendor's schema becomes the standard and you rent it. Here is the matrix.
| the contract | “every tool logs its own JSON” | a vendor's proprietary schema | |
|---|---|---|---|
| Cross-tool correlation | One agent_id everywhere | grep and prayer | Inside one vendor only |
| Versioning | Explicit schema field; v0.1 and v0.2 coexist | None | The vendor's roadmap |
| Validation | JSON Schema + a conformance CLI | None | Closed |
| Who can implement it | Anyone; Apache-2.0 | n/a | Licensees |
Every other page on this site is a producer or a consumer of this contract. TokenFuse pushes its incident taxonomy through the envelope verbatim, zero renaming. Wardryx answers policy_deny in schema v0.2. Engram writes memory_written and reflection_run into the same stream, and Idryx reads everything back into one identity graph, checking passports with the same passport.Parse this platform ships. Different rooms, one grammar.
Exit 0 means every file and every NDJSON line conforms; exit 1 means at least one did not. That is the whole interface.