{"request_id":"req_ece804f4a3511eb8","protocol":"TrigGuard","protocol_version":"1.0","protocol_slug":"trigguard","authority":"trigguard-ai","version":"1.0","endpoints":{"well_known":"/.well-known/trigguard","verify_receipt":"/protocol/verify-receipt","verify_signature":"/protocol/verify-signature","status":"/protocol/status","capabilities":"/protocol/capabilities","test_vectors":"/protocol/test-vectors","receipt_schema":"/protocol/receipt-schema","metrics":"/protocol/metrics","metadata":"/protocol/metadata"},"execution_model":"deterministic_authority","decision_states":["PERMIT","DENY","SILENCE"],"guarantees":{"single_authority":true,"no_probabilistic_execution":true,"no_policy_bypass":true},"execution_surfaces":["data.export"],"execution_surfaces_planned":["deploy.release","config.change","artifact.publish","database.migrate","secret.access","identity.assert","authority.delegate","data.export","data.delete","policy.activate","tool.invoke","agent.execute","document.sign"],"surface_taxonomy":{"governance_doc":"docs/governance/SURFACE_TAXONOMY_DECISION.md","enforcement_model":{"runtime_dispatch":false,"enforcement_layer":"Execution Authorization Gateway (planned, see TG-EXECUTION-AUTH-01)","description":"execution_surfaces and execution_surfaces_planned are protocol-recognized surface identifiers. The current authority runtime (POST /protocol/verify-receipt, POST /protocol/verify-signature) does not dispatch per surface; it verifies receipt shape and signature regardless of the surface field. Presence in execution_surfaces means 'recognized vocabulary', not 'runtime-enforced'."},"naming_rule":{"shape":"<domain>.<action> (or <domain>.<object>.<action> when object is meaningfully distinct)","constraints":["infrastructure vocabulary, not personal or behavioral","industry-neutral; verticals map onto primitives in copy, not in the taxonomy","self-describing system operations"],"canonical_set_field":"execution_surfaces_planned","governance_section":"SURFACE_TAXONOMY_DECISION.md §9 (9a–9i)"},"anchor_surfaces":["authority.delegate","tool.invoke","data.export","deploy.release","document.sign"],"deprecations":{}},"receipt_verification":{"supported":true,"signature_algorithm":"rsa-sha256"},"sdk_support":["typescript"],"versioning":{"policy":"stable_urls","contract_version_field":"protocol_version","response_protocol_field":"protocol","response_type_field":"type (verify_receipt | verify_signature on POST /protocol/verify-*)","extensibility":{"additive_evolution":"New fields may appear without a URL change.","unknown_fields":"Clients must ignore JSON keys they do not recognize.","stable_core":"Verify responses always include type, protocol, protocol_version; preserve known required keys across upgrades."},"request_headers":["TrigGuard-Version (optional client pin, e.g. date or semver)","Accept: application/trigguard+json; version=… (optional)"],"note":"POST /protocol/verify-* paths stay fixed; evolve via additive fields and protocol_version. Never require exact key counts.","tracing":{"http_response_header":"X-TrigGuard-Request-Id","json_field":"request_id","note":"Same value in header and body when the function runs. Discovery GETs may be CDN-cached; body+header repeat until cache TTL (POST verify always fresh per invocation)."}},"last_updated":"2026-04-19T12:00:00.000Z"}