Constraint Net is a discovery, planning, consent, execution, and receipt protocol for agent-safe actions.
The core idea is simple: agents should not scrape pages or blindly call APIs for side-effectful work. They should discover publisher-declared capabilities, plan a coherent path under constraints, ask for consent when risk requires it, execute with replay protection, and return receipts that can be verified later.
Publishers expose an actions manifest at:
https://<publisher-domain>/.well-known/constraint-net/actions.json
The manifest declares actions, schemas, planning metadata, risk tier, reversibility, confirmation policy, OpenAPI bindings, key discovery, and signatures.
- Manifests must validate against schema version
0.1. - Manifests must be active, unexpired, and signed.
- The manifest publisher domain must match the discovered domain.
- Tier 2 side effects must be reversible and require confirmation.
- Side-effectful OpenAPI actions must require idempotency.
- Execution must pin the manifest digest observed at preflight.
- Discover a publisher manifest.
- Validate and ingest it.
- Plan a capability path from the user goal.
- Preflight a selected step.
- Ask the user to confirm Tier 2 side effects.
- Execute with an idempotency key.
- Verify intent, consent, and execution receipts.
POST /v1/manifestsPOST /v1/manifests/ingest-urlPOST /v1/actions/searchPOST /v1/executions/preflightPOST /v1/confirmations/:id/decisionPOST /v1/executionsGET /v1/receipts/:idPOST /v1/receipts/verify