Build agent-native products on Accords.
CLP, AccordsVault, and AccordsConnectors are open source. Apache 2.0. Clone the repo, run locally, ship in weeks.
The governance layer for agent commerce can't be owned by one company. That's the point.
Three commands.
git clone https://github.com/accordsai/contractlane && cd contractlane
npm install
npm run dev
Three primitives, one system.
Every action ends in one of these.
A receipt binds what was asked, what policy allowed, what credential was granted, and what actually ran — into one content-addressed bundle a third party can check without trusting your logs. The hash on this specimen is real; compute it yourself.
- ACTION: Book SFO→JFK Mar 15 morning, under $400
- POLICY: Travel policy: $400 cap, preferred carriers
- GRANT: Releasing scoped payment credential
- OUTCOME: Confirmed UA1438 · 9:42am · $389 · Receipt filed
Illustrative specimen of an Accords action receipt. The bundle hash is the real SHA-256 of this specimen’s fields — verify it yourself. Signed, verifiable receipts are what the runtime emits; this page only claims the shape.
Reference implementation, coming soon.
When it ships, its Accords integration will live in the same repos — so builders can see a real product using every primitive end to end.
Questions builders ask.
§ 01 What is Accords?
Accords governs what agents do on the open internet. It is the permission layer and runtime for AI agents acting across organizations — agents receive scoped, time-boxed authorization instead of raw credentials, every action is checked against policy before it runs, and every action emits a signed receipt.
§ 02 What is the Contract Lane Protocol (CLP)?
CLP is the open wire protocol underneath the stack: JSON schemas for agent actions, typed connectors, and signed receipts that bind signatures, authorization, and payment events into portable, content-addressed proof bundles. Apache 2.0, with SDKs in Go, Python, and TypeScript.
§ 03 What is a deterministic execution boundary?
A layer between the agent and every privileged system. The agent submits a typed intent; policy is evaluated in code — amount ceilings, counterparty allowlists, cumulative limits, approval thresholds — before anything executes. Deterministic means the check cannot be argued with: an out-of-policy request is not refused politely, it does not execute.
§ 04 How is this different from a secrets manager?
A secrets manager stores credentials and hands them to whatever is authorized to fetch them — so your agent still ends up holding the secret, and anything that compromises the agent holds it too. Accords never gives the agent the credential: the agent gets permission for one action at a time, the runtime executes with a short-lived scoped credential, and the secret never enters the model's context.
§ 05 How is this different from an API gateway?
A gateway filters traffic in-line — it sees requests, not authority. It can rate-limit and inspect, but it cannot tell an authorized action from an authorized credential being misused. Accords decides whether each action is permitted before it exists, and proves what ran afterward with a signed receipt.
§ 06 Does Accords replace OAuth?
No — it composes with it. OAuth scopes grant access to a resource surface; Accords governs actions within it: which operation, what amount, how often, approved by whom. Scopes answer what a credential can reach. Accords answers what an agent may do, right now, within what limits.
§ 07 What exists today?
The CLP spec (v1.0.0, Apache 2.0) with Go, Python, and TypeScript SDKs, and the AccordsVault MCP server (Go) with connector, plan, and approval tools — all public on GitHub. Duffel is in integration today.
§ 08 How do agents prove what they did?
Every action emits a receipt: signed, content-addressed, binding the policy reference, the authorization grant, and the execution outcome. A third party — an auditor, a counterparty — can verify it offline, without trusting anyone's logs.
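The pre-execution policy check described in § 03 and the content-addressed receipt described in § 08, as an added Python example that is not Accords or CLP code. The policy fields, reason strings, receipt layout and canonical-JSON hashing are assumptions made for illustration, and the signature over the hash is left out.

```python
import hashlib, json
from dataclasses import dataclass

# Assumed names and layout for illustration only; this is not the CLP schema
# or the Accords SDK. Amounts are integer cents.
@dataclass
class Policy:
    ref: str
    amount_ceiling: int        # maximum for a single action
    cumulative_limit: int      # maximum across all executed actions
    approval_threshold: int    # above this, an explicit approval is required
    counterparties: frozenset  # allowlist
    spent: int = 0

def evaluate(policy, intent, approved=False):
    """Return (allowed, reason). Malformed intents are denied (fail closed)."""
    amount, party = intent.get("amount"), intent.get("counterparty")
    if type(amount) is not int or amount <= 0:
        return False, "invalid_amount"
    if not isinstance(party, str) or party not in policy.counterparties:
        return False, "counterparty_not_allowed"
    if amount > policy.amount_ceiling:
        return False, "over_amount_ceiling"
    if policy.spent + amount > policy.cumulative_limit:
        return False, "over_cumulative_limit"
    if amount > policy.approval_threshold and not approved:
        return False, "approval_required"
    return True, "ok"

def bundle_hash(fields):
    """Content address: SHA-256 over canonical JSON (sorted keys, no spaces)."""
    data = json.dumps(fields, sort_keys=True, separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(data.encode("utf-8")).hexdigest()

def run(policy, intent, execute, approved=False):
    """Gate first, execute only if allowed, then emit a receipt either way."""
    allowed, reason = evaluate(policy, intent, approved)
    outcome = None
    if allowed:
        outcome = execute(intent)          # never reached for denied intents
        policy.spent += intent["amount"]
    fields = {"action": intent, "policy": policy.ref,
              "grant": "scoped" if allowed else None,
              "decision": reason, "outcome": outcome}
    return {"fields": fields, "bundle_hash": bundle_hash(fields)}

def verify(receipt):
    """Third-party check: recompute the hash from the receipt fields alone."""
    return bundle_hash(receipt["fields"]) == receipt["bundle_hash"]
```

The hash alone shows the bundle was not altered after it was filed; tying it to a specific issuer needs the signature step that this example omits.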