Context
The A2A delegation-link field has landed in agentrust-io/trace-spec#80, and the public delegation verifier API has landed in agentrust-io/agent-manifest#218. cA2A also now has a conformance suite from #28.
A useful follow-up would be fixture-style conformance coverage that connects these pieces to offline-verifiable action evidence:
delegation block -> public delegation verifier -> TRACE/action receipt evidence
This would line up with the action receipt discussion in agentrust-io/trace-spec#66 and the embodied action receipt example in agentrust-io/examples#36.
Proposed fixture cases
MUST-level cases:
- valid root -> delegated child TRACE record, with
delegation.parent_record_hash matching the canonical parent record hash
- valid
delegation.credential_id that resolves through the public agent-manifest delegation verifier
- parent record present but canonical hash mismatch
- missing parent record for a non-root delegated hop
- delegation credential id unknown to the verifier
- delegation credential signature invalid
- delegation credential expired or not yet valid
- delegatee/session/channel binding mismatch
- requested action outside the effective delegated scope
- valid delegation chain with local policy denial, reported as valid provenance plus authorization/policy denial rather than malformed evidence
SHOULD-level cases:
- multi-hop attenuation where each hop narrows scope
- attempted scope widening at an intermediate hop
- valid negative outcome, such as delegated action rejected by the controller, treated as useful evidence rather than verifier failure
- external subject identifier/digest present for cross-system resolution, but not dereferenced by base TRACE verification
Boundary
The verifier should distinguish three classes of result:
- provenance invalid: malformed delegation block, bad hash, unknown credential, invalid signature, broken binding
- authorization invalid: valid delegation evidence, but requested action is outside delegated scope
- valid negative outcome: delegation/action was well evidenced, but local policy/controller denied or rejected the action
That boundary keeps cA2A compatible with embodied/action evidence: the system can prove what was authorized and attempted without claiming that the physical or business-world outcome succeeded.
I can help with the fixture shape or a follow-up PR once the preferred fixture location/API surface is clear.
Context
The A2A delegation-link field has landed in agentrust-io/trace-spec#80, and the public delegation verifier API has landed in agentrust-io/agent-manifest#218. cA2A also now has a conformance suite from #28.
A useful follow-up would be fixture-style conformance coverage that connects these pieces to offline-verifiable action evidence:
This would line up with the action receipt discussion in agentrust-io/trace-spec#66 and the embodied action receipt example in agentrust-io/examples#36.
Proposed fixture cases
MUST-level cases:
delegation.parent_record_hashmatching the canonical parent record hashdelegation.credential_idthat resolves through the publicagent-manifestdelegation verifierSHOULD-level cases:
Boundary
The verifier should distinguish three classes of result:
That boundary keeps cA2A compatible with embodied/action evidence: the system can prove what was authorized and attempted without claiming that the physical or business-world outcome succeeded.
I can help with the fixture shape or a follow-up PR once the preferred fixture location/API surface is clear.