Hi — I'm working on OM World, a protocol for a decentralized intent economy. The ap2-rust implementation — canonical mandates + SD-JWT chains + JOSE crypto + A2A helpers + constraint verification in production-shape Rust — is the most rigorous AP2 implementation I've seen. Three design questions where your implementation experience would be valuable.
1. SD-JWT (and dSD-JWT) vs alternative mandate carriers
AP2 settles on SD-JWT for selective disclosure. The alternatives — JWS + claim filtering, COSE with redaction, ZK proofs over a Merkleized credential — each have different trust and verifier-cost profiles. What pushed AP2's choice in your view — interoperability with existing JWT tooling, the standard-track maturity of SD-JWT, or specific selective-disclosure semantics? And: have you hit cases where SD-JWT's expressiveness wasn't enough?
2. Constraint verification depth at the agent boundary
AP2 mandates carry constraints (merchant allowlist, max amount, expiry, currency). "Constraint verification" in your implementation — does it stop at structural validation (the constraint object parses, expiry is in the future), or extend to runtime evaluation (this specific transaction satisfies all of the mandate's constraints)? The latter is where the real safety value lives but also where implementations diverge.
3. A2A helpers — what's in and what's out of AP2 scope
You included A2A helpers in the AP2 implementation, which suggests practical coupling between the protocols. What's the boundary — is AP2 the authority + commerce layer and A2A the messaging substrate, or do the protocols overlap in some surface (both define agent identity, both define delegation)? The clean separation question is one we're hitting on the OM World side too.
The production-shape framing matters. Most spec-implementations stop at demo quality. Happy to share where OM World's Mandate primitive landed and would value cross-checking.
Hi — I'm working on OM World, a protocol for a decentralized intent economy. The ap2-rust implementation — canonical mandates + SD-JWT chains + JOSE crypto + A2A helpers + constraint verification in production-shape Rust — is the most rigorous AP2 implementation I've seen. Three design questions where your implementation experience would be valuable.
1. SD-JWT (and dSD-JWT) vs alternative mandate carriers
AP2 settles on SD-JWT for selective disclosure. The alternatives — JWS + claim filtering, COSE with redaction, ZK proofs over a Merkleized credential — each have different trust and verifier-cost profiles. What pushed AP2's choice in your view — interoperability with existing JWT tooling, the standard-track maturity of SD-JWT, or specific selective-disclosure semantics? And: have you hit cases where SD-JWT's expressiveness wasn't enough?
2. Constraint verification depth at the agent boundary
AP2 mandates carry constraints (merchant allowlist, max amount, expiry, currency). "Constraint verification" in your implementation — does it stop at structural validation (the constraint object parses, expiry is in the future), or extend to runtime evaluation (this specific transaction satisfies all of the mandate's constraints)? The latter is where the real safety value lives but also where implementations diverge.
3. A2A helpers — what's in and what's out of AP2 scope
You included A2A helpers in the AP2 implementation, which suggests practical coupling between the protocols. What's the boundary — is AP2 the authority + commerce layer and A2A the messaging substrate, or do the protocols overlap in some surface (both define agent identity, both define delegation)? The clean separation question is one we're hitting on the OM World side too.
The production-shape framing matters. Most spec-implementations stop at demo quality. Happy to share where OM World's Mandate primitive landed and would value cross-checking.