agentic-payments 0.1.0

Autonomous multi-agent Ed25519 signature verification with Byzantine fault tolerance
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381

# Agentic Commerce Protocol (ACP) Integration Plan

## Executive Summary

This document outlines the integration plan for migrating the agentic-payments crate from Google's Agent Payments Protocol (AP2) to support both AP2 and OpenAI/Stripe's Agentic Commerce Protocol (ACP). The goal is to create a unified payment infrastructure that supports both protocols while maintaining backward compatibility with existing AP2 implementations.

### Current State
- **Implementation**: Full AP2 protocol with Ed25519 signatures, verifiable credentials, mandates (Intent, Cart, Payment), DID management, and multi-agent consensus
- **Codebase**: 4,000+ lines of production-ready Rust code
- **Architecture**: Multi-agent Byzantine fault-tolerant verification system
- **Standards Compliance**: W3C VC/DID, RFC 8032 (Ed25519)
- **Performance**: 10,000+ verifications/second with <5ms authorization chains

### Target State
- **Dual Protocol Support**: Both AP2 and ACP with protocol abstraction layer
- **ACP Core Features**: Checkout API, Delegated Payment Spec, Shared Payment Tokens
- **Enhanced Security**: SPT (Shared Payment Token) integration with existing Ed25519 infrastructure
- **OpenAPI Integration**: RESTful endpoints following ACP specification
- **Merchant Compatibility**: Support for Stripe and non-Stripe payment processors
- **Agent Interoperability**: Cross-protocol agent communication

## Protocol Comparison

### Google Agent Payments Protocol (AP2) - Current
**Focus**: Agent-to-agent secure transactions with mandate-based authorization
**Key Features**:
- Three-tier mandate system (Intent → Cart → Payment)
- Ed25519 cryptographic signatures
- W3C Verifiable Credentials and DID
- Multi-agent consensus with BFT
- Payment-agnostic (supports cards, crypto via x402 extension)
- Self-contained cryptographic verification

**Strengths**:
- Comprehensive agent identity and trust management
- Byzantine fault tolerance
- Flexible payment method support (including crypto)
- Industry-wide backing (60+ companies, Mastercard, Amex, PayPal)

**Current Status**: Specification released, not yet in consumer products

### Agentic Commerce Protocol (ACP) - Target
**Focus**: AI agent checkout flows with merchant/buyer interaction
**Key Features**:
- Checkout API with RESTful endpoints
- Delegated Payment Specification
- Shared Payment Tokens (SPT)
- Product feed integration
- Webhook-based order events
- Rich checkout state management

**Strengths**:
- Live in ChatGPT for U.S. shoppers (Etsy, Shopify)
- Co-developed by OpenAI and Stripe
- Immediate merchant adoption path
- Works across payment processors
- Focused on practical e-commerce flows

**Current Status**: Production deployment in ChatGPT

## Integration Strategy

### Phase 1: Protocol Abstraction Layer
Create a unified interface that supports both AP2 and ACP protocols:

```rust
pub enum PaymentProtocol {
    AP2,
    ACP,
}

pub trait PaymentProtocolHandler {
    async fn authorize_payment(&self, request: PaymentRequest) -> Result<Authorization>;
    async fn verify_credentials(&self, credentials: Credentials) -> Result<VerificationResult>;
    async fn process_checkout(&self, checkout: CheckoutRequest) -> Result<CheckoutResponse>;
}

pub struct UnifiedPaymentSystem {
    ap2_handler: Ap2Handler,
    acp_handler: AcpHandler,
    protocol_router: ProtocolRouter,
}
```

### Phase 2: ACP Core Implementation
Implement ACP-specific components:

1. **Checkout API**
   - RESTful endpoint implementations
   - Order state management
   - Webhook integration
   - Product feed support

2. **Shared Payment Token (SPT) Integration**
   - SPT structure and lifecycle management
   - Token scoping and time constraints
   - Integration with existing Ed25519 infrastructure
   - Credential delegation patterns

3. **Delegated Payment Specification**
   - Payment provider abstraction
   - Stripe SPT API integration
   - Support for non-Stripe processors
   - Payment method negotiation

### Phase 3: Cross-Protocol Interoperability
Enable agents to work across both protocols:

1. **Protocol Detection**
   - Automatic protocol identification
   - Graceful fallback mechanisms
   - Protocol capability negotiation

2. **Credential Translation**
   - AP2 mandate → ACP checkout mapping
   - Verifiable Credential → SPT conversion
   - DID → merchant identity mapping

3. **Unified Agent Interface**
   - Single API for agent developers
   - Protocol-agnostic payment flows
   - Transparent protocol selection

### Phase 4: OpenAPI and Standards Compliance
Implement ACP OpenAPI specifications:

1. **OpenAPI Schema Integration**
   - Generate Rust types from OpenAPI YAML
   - Implement required endpoints
   - Validate request/response schemas

2. **Webhook System**
   - Event-driven order notifications
   - Reliable delivery guarantees
   - Event replay and debugging

3. **Conformance Testing**
   - OpenAI conformance checks
   - Protocol validation suite
   - Certification requirements

## Technical Architecture

### Module Structure
```
crates/agentic-payments/src/
├── ap2/              # Existing AP2 implementation (keep as-is)
│   ├── credentials.rs
│   ├── mandates.rs
│   ├── did.rs
│   ├── verification.rs
│   └── mod.rs
├── acp/              # New ACP implementation
│   ├── checkout.rs       # Checkout API endpoints
│   ├── spt.rs           # Shared Payment Token
│   ├── delegate.rs      # Delegated Payment Spec
│   ├── webhooks.rs      # Webhook handlers
│   ├── product_feed.rs  # Product catalog
│   └── mod.rs
├── protocol/         # Protocol abstraction layer
│   ├── router.rs        # Protocol detection and routing
│   ├── translator.rs    # Cross-protocol translation
│   ├── unified.rs       # Unified API
│   └── mod.rs
├── openapi/          # OpenAPI integration
│   ├── schema.rs        # Generated types
│   ├── validation.rs    # Schema validation
│   └── mod.rs
└── lib.rs
```

### Data Flow

**AP2 Flow (Existing)**:
```
Agent Identity → Intent Mandate → Cart Mandate → Payment Mandate →
Multi-Agent Consensus → Ed25519 Verification → Authorization
```

**ACP Flow (New)**:
```
Product Feed → AI Agent Discovery → Checkout API Request →
Shared Payment Token → Delegated Payment → Order Webhooks → Completion
```

**Unified Flow**:
```
Agent Request → Protocol Detection → Route to Handler →
Execute Protocol-Specific Logic → Return Unified Response
```

## Key Design Decisions

### 1. Backward Compatibility
**Decision**: Keep AP2 implementation unchanged, add ACP as separate module
**Rationale**: Existing AP2 users continue to work, no breaking changes
**Impact**: Slightly larger codebase but safer migration path

### 2. Protocol Coexistence
**Decision**: Support both protocols simultaneously, not force migration
**Rationale**: Different use cases benefit from different protocols
- AP2: Agent-to-agent transactions, crypto payments, multi-issuer trust
- ACP: Merchant checkout, traditional e-commerce, ChatGPT integration

### 3. Shared Infrastructure
**Decision**: Reuse crypto, consensus, and agent infrastructure for both
**Rationale**: Both protocols use Ed25519 signatures and agent verification
**Shared Components**:
- Ed25519 signature verification
- Multi-agent consensus system
- Agent pool management
- Byzantine fault tolerance
- DID infrastructure (with ACP extensions)

### 4. OpenAPI-First for ACP
**Decision**: Generate Rust types from official ACP OpenAPI schemas
**Rationale**: Ensures specification compliance and automatic updates
**Tools**: `openapiv3`, `utoipa`, code generation tools

### 5. WASM Compatibility
**Decision**: Maintain full WASM support for both protocols
**Rationale**: Enable browser-based agents and lightweight deployments
**Considerations**:
- No tokio async runtime in WASM
- Use wasm-bindgen for JavaScript interop
- Browser-compatible crypto libraries

## Security Considerations

### Shared Payment Tokens (SPT)
1. **Time-Constrained Tokens**: Implement TTL with automatic expiration
2. **Scoped Authorization**: Limit SPT to specific merchants and amounts
3. **No Credential Exposure**: Never expose underlying payment credentials
4. **Ed25519 Integration**: Use existing signature infrastructure for SPT signing

### Cross-Protocol Security
1. **Protocol Isolation**: Prevent cross-protocol attacks
2. **Credential Translation Security**: Validate during AP2 ↔ ACP conversions
3. **Audit Trail**: Log all protocol transitions and translations
4. **Rate Limiting**: Per-protocol rate limits to prevent abuse

### Webhook Security
1. **Signature Verification**: Validate all webhook signatures
2. **Replay Protection**: Use nonces and timestamps
3. **HTTPS Only**: Enforce TLS for all webhook endpoints
4. **IP Allowlisting**: Optional IP-based restrictions

## Performance Requirements

### Latency Targets
- **Protocol Detection**: <1ms
- **AP2 Authorization**: <5ms (existing performance)
- **ACP Checkout API**: <50ms (network-bound)
- **SPT Generation**: <2ms
- **Protocol Translation**: <3ms

### Throughput Targets
- **AP2 Verifications**: 10,000+ ops/sec (existing)
- **ACP Checkout Requests**: 5,000+ ops/sec
- **Webhook Processing**: 10,000+ events/sec
- **Concurrent Protocols**: No degradation with both active

### Resource Utilization
- **Memory Overhead**: <50MB for ACP module
- **CPU Overhead**: <10% for protocol routing
- **WASM Bundle Size**: <500KB additional for ACP

## Testing Strategy

### Unit Tests
- [ ] ACP checkout API endpoint handlers
- [ ] SPT generation and validation
- [ ] Delegated payment processing
- [ ] Protocol detection and routing
- [ ] Cross-protocol translation
- [ ] Webhook signature verification

### Integration Tests
- [ ] Full AP2 → ACP translation flows
- [ ] End-to-end checkout with SPT
- [ ] Multi-protocol agent scenarios
- [ ] Webhook delivery and processing
- [ ] Protocol fallback mechanisms

### Conformance Tests
- [ ] OpenAI ACP conformance suite
- [ ] OpenAPI schema validation
- [ ] Stripe SPT integration tests
- [ ] Protocol specification compliance

### Performance Tests
- [ ] Protocol routing overhead benchmarks
- [ ] ACP checkout API latency tests
- [ ] Concurrent multi-protocol scenarios
- [ ] WASM bundle size and performance

### Security Tests
- [ ] SPT security properties
- [ ] Cross-protocol isolation
- [ ] Webhook signature validation
- [ ] Credential translation security
- [ ] Rate limiting effectiveness

## Migration Path for Existing Users

### For Current AP2 Users
1. **No Changes Required**: Existing AP2 code continues to work
2. **Opt-In ACP**: Enable ACP via feature flags
3. **Gradual Adoption**: Use unified API for new code
4. **Protocol Selection**: Choose protocol per-transaction

### For New Users
1. **Start with Unified API**: Protocol abstraction from day one
2. **Automatic Selection**: Let system choose optimal protocol
3. **Override When Needed**: Manual protocol selection available

## Success Metrics

### Technical Metrics
- ✅ All existing AP2 tests pass
- ✅ 90%+ ACP OpenAPI conformance
-<5% performance overhead for protocol abstraction
- ✅ Full WASM compatibility maintained
- ✅ Zero breaking changes to public API

### Business Metrics
- 🎯 Support ChatGPT Instant Checkout integration
- 🎯 Enable merchant adoption (Etsy, Shopify compatibility)
- 🎯 Maintain AP2 ecosystem support
- 🎯 Enable cross-protocol agent development

## Timeline and Milestones

See `implementation-roadmap.md` for detailed milestone breakdown.

**High-Level Timeline**:
- **Phase 1**: Protocol Abstraction (2-3 weeks)
- **Phase 2**: ACP Core Implementation (4-6 weeks)
- **Phase 3**: Cross-Protocol Interop (2-3 weeks)
- **Phase 4**: OpenAPI & Certification (2-3 weeks)
- **Total**: 10-15 weeks for full integration

## Risk Assessment

### Technical Risks
| Risk | Impact | Mitigation |
|------|--------|------------|
| OpenAPI spec changes | High | Pin to spec version, automated testing |
| Protocol conflicts | Medium | Strict isolation, comprehensive testing |
| Performance degradation | Medium | Benchmarking, optimization passes |
| WASM incompatibility | Low | Early WASM testing, feature flags |

### Business Risks
| Risk | Impact | Mitigation |
|------|--------|------------|
| ACP adoption delays | Low | Maintain AP2 as fallback |
| Spec fragmentation | Medium | Support both protocols long-term |
| Breaking changes | High | Backward compatibility guarantee |

## Next Steps

1. **Review and Approve**: Stakeholder sign-off on integration plan
2. **Prototype**: Build protocol abstraction layer POC
3. **OpenAPI Integration**: Generate types from ACP schemas
4. **Iterative Development**: Implement in phases with continuous testing
5. **Documentation**: Maintain both protocol documentation
6. **Community Engagement**: Contribute to ACP and AP2 specifications

## References

- [Agentic Commerce Protocol (GitHub)](https://github.com/agentic-commerce-protocol/agentic-commerce-protocol)
- [OpenAI Commerce Docs](https://developers.openai.com/commerce)
- [Stripe Agentic Commerce](https://docs.stripe.com/agentic-commerce)
- [Google AP2 Protocol](https://github.com/google-agentic-commerce/AP2)
- [Current AP2 Implementation](../AP2_IMPLEMENTATION.md)

---

**Document Version**: 1.0
**Last Updated**: 2025-09-29
**Status**: Draft - Pending Review