Public directory of AGP-compliant actors (vendors, planes, customers).
actors/— one signed JSON file per registered actor
Each entry includes:
- Actor identity (FQDN, vendor/plane/customer kind)
- Conformance level (L1, L2, L3)
- Public keys (Ed25519, with
key_idandpurpose) - Endpoints
- Signed CTS conformance report reference
- Run
agp-ctsagainst your endpoint to produce a signed conformance report. - Copy
actors/example.openagp.io.jsontoactors/<your-fqdn>.jsonand replace the identity, public keys, endpoints, and conformance report with your own. The file MUST be named for your FQDN — CI rejects a mismatch between the filename andactor.fqdn. - Sign the entry with one of the keys you listed in
public_keys(see "Signing your entry" below). The entry followsschemas/actor.json. - Open a PR.
- A maintainer verifies the conformance report's signature, schema validity, and endpoint reachability, then merges.
Registry entries are self-signed: you sign your own entry with one of the Ed25519 keys it advertises, exactly as you sign AGP events — ADR 0001 (RFC 8785 JCS + Ed25519). The reference SDKs use one signing protocol for every message kind:
from openagp.events import sign # same signing protocol used for events and policies
import json
entry = json.load(open("actors/your-fqdn.json")) # authored without signature.value
signed = sign(entry, private_key_b64=YOUR_KEY, key_id="your-key-2026", kind="actor")
json.dump(signed, open("actors/your-fqdn.json", "w"), indent=2)actors/example.openagp.io.json is a complete, schema-valid, correctly-signed reference entry you can diff against. Its keypair is a fixed example seed — do not reuse it; generate your own.
Entries are themselves signed. A registry merge is an attestation that the entry is well-formed and the conformance report is valid — not an endorsement of the actor's product. Anyone can mirror this registry; verification works without the central index.
Before opening a PR, run the same checks CI does:
# Clone the spec sibling — the actor schema (once it lands) lives there.
git clone https://github.com/openagp/spec ../spec
# Parse and structurally validate every actor entry.
python - <<'PY'
import json, pathlib
for f in pathlib.Path("actors").glob("*.json"):
json.loads(f.read_text())
print(f"OK {f}")
PY
# Once spec/schemas/actor.json exists, also run:
# python -m jsonschema -i actors/your-domain.json ../spec/schemas/actor.jsonThe CI workflow at .github/workflows/validate-entries.yml runs the authoritative checks — match that locally for fewer round-trips.
See CONTRIBUTING.md at the org level for DCO sign-off and PR conventions, and SUPPORT.md for where to ask questions.
Registry data is published under CC0 — no rights reserved. Your contributed entry includes your own signed claims; CC0 applies to the index, not to the cryptographic claims you make in your own entry.