Skip to content

[Hackathon] stellarminds-ai: capsule-emit trust layer — verifiable, anchored records for NANDA agents#54

Open
StevenMih wants to merge 3 commits into
projnanda:mainfrom
StevenMih:hackathon/capsule-trust
Open

[Hackathon] stellarminds-ai: capsule-emit trust layer — verifiable, anchored records for NANDA agents#54
StevenMih wants to merge 3 commits into
projnanda:mainfrom
StevenMih:hackathon/capsule-trust

Conversation

@StevenMih

Copy link
Copy Markdown

What this adds

capsule-emit-nanda — a drop-in NANDA trust plugin backed by the Agent Action Capsule spec (IETF draft). Every corroborated receipt triggers a capsule_emit.emit() call, sealing the reputation event to a tamper-evident ledger that any third party can independently verify — with zero changes to existing NANDA agent code.

A companion demo (StripeCapsuledPayments) shows the same capsule pattern applied to payment events.

How it works

NANDA scenario  →  ctx.plugins.get("trust").report(agent, evidence)
                →  CapsuleEmitTrust.report()
                →  capsule_emit.emit(action, operator, agent_input, agent_output, anchor=True)
                →  anchored to https://anchor.agentactioncapsule.org/v1/digest (live public log)
                →  capsule sealed to local JSONL ledger
                →  agent-action-capsule verify --store capsule_ledger.jsonl  ✔

Three gates before a receipt contributes to reputation:

  1. Valid — Ed25519 issuer signature verifies
  2. Corroborated — distinct counterparty co-signed the same interaction
  3. Anchored — a capsule was emitted and is present in the ledger

Gate 3 is the novel contribution: an agent whose interactions are never anchored gets zero reputation score even if their receipts are individually valid and corroborated. The capsule ledger is the authoritative, externally-auditable record.

Installable package

pip install -e examples/capsule-emit
# scenario.yaml
layers:
  trust: capsule_emit

Smoke tests

$ pytest examples/capsule-emit/tests/ -v
tests/test_smoke.py::test_trust_report_and_score  PASSED
tests/test_smoke.py::test_sandbox_pay             PASSED

Both plugins instantiate cleanly, exercise a happy path each, and sandbox mode runs without any Stripe credentials.

Files changed

Path Role
examples/capsule-emit/capsule_emit_nanda/trust.py CapsuleEmitTrust — NANDA Trust protocol implementation
examples/capsule-emit/capsule_emit_nanda/payments.py StripeCapsuledPayments — standalone payment demo
examples/capsule-emit/pyproject.toml Installable package config, entry-points
examples/capsule-emit/README.md Plugin docs
examples/capsule-emit/tests/test_smoke.py Smoke tests
examples/stripe-capsule-payment/README.md Stripe demo docs with protocol-conformance caveats

Demo clarifications

  • StripeCapsuledPayments is a standalone demo, not a conforming NANDA Payments protocol implementation. The NANDA Payments protocol requires pay(to, amount, ref) -> Receipt; this class uses a different signature. @runtime_checkable only checks method names, so an isinstance check will falsely pass — documented in the module docstring.
  • On the real-Stripe path, payee is not enforced at the Stripe level (no destination/transfer_data) — the capsule commits to the payer/payee pair by digest, but the charge does not route to the payee.

stevenmih and others added 3 commits June 21, 2026 20:28
Two new examples showing how capsule-emit integrates with NANDA Town:

1. examples/capsule-trust/ — Tutorial for using CapsuleEmitTrust
   (from pip install capsule-emit[nanda]) as a drop-in replacement for
   agent_receipts. Adds independently-verifiable capsule ledger to any
   scenario; ring-severance validators still pass. Includes the tax
   audit demo reference (biz_control vs biz_capsule — same cheat policy,
   only the record layer differs; capsule business learns to go honest).

2. examples/stripe-capsule-payment/ — Tutorial for wrapping the NANDA
   Payments layer with Stripe + capsule-emit. Every completed payment is
   sealed in an Agent Action Capsule whose agent_input_digest commits to
   amount, payer, and payee at call time — tamper-evident payment audit
   trail verifiable by any third party.

3. scenarios/receipt_reputation_capsule.yaml — receipt_reputation
   scenario with layers.trust: capsule_emit instead of agent_receipts.
   Run with: nest run scenarios/receipt_reputation_capsule.yaml then
   agent-action-capsule verify --store capsule_ledger.jsonl

Reference: https://github.com/action-state-group/capsule-emit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Reworks PR projnanda#32 from docs-only to a working capability that users can
install and run. The gap: `pip install capsule-emit[nanda]` didn't
exist and `nest run scenarios/receipt_reputation_capsule.yaml` failed
for anyone who checked out the repo.

**What's new:**

`examples/capsule-emit/` — installable `capsule-emit-nanda` package
containing two real NANDA layer plugins with entry points:

- `trust: capsule_emit` → `CapsuleEmitTrust` — drop-in for
  `agent_receipts`; seals every corroborated receipt to an Agent
  Action Capsule ledger. Ring-severance logic identical; adds
  third-party auditability via `agent-action-capsule verify --store`.
- `payments: stripe_capsule` → `StripeCapsuledPayments` — Stripe
  (or deterministic sandbox by default) payments layer; every payment
  sealed with `agent_input_digest` committing to amount + payer/payee
  at call time. No real charges without `STRIPE_SECRET_KEY`.

**Updated:**

- `examples/capsule-trust/README.md` — capability-first; install now
  points at `pip install -e examples/capsule-emit` (the real package).
- `examples/stripe-capsule-payment/README.md` — capability-first with
  code pattern; sandbox vs real-Stripe instructions; IETF slug fixed.
- `scenarios/receipt_reputation_capsule.yaml` — install comment fixed
  to match the real package path.
- IETF slug corrected throughout: `draft-steele-agent-action-capsule`
  → `draft-mih-scitt-agent-action-capsule`.

After `pip install -e examples/capsule-emit`:
- `nest plugins list | grep -E "trust|payments"` shows both entries
- `nest run scenarios/receipt_reputation_capsule.yaml` succeeds
- `agent-action-capsule verify --store capsule_ledger.jsonl` exit 0

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…nding, smoke tests

- Relabel StripeCapsuledPayments as a standalone demo, not a drop-in
  NANDA Payments layer: update module docstring, class docstring, and
  both READMEs (stripe-capsule-payment + capsule-emit).
- Add payee caveat in module docstring and stripe-capsule-payment README:
  on the real-Stripe path payee is not enforced in the PaymentIntent
  (no destination/transfer), so the capsule commits to payer/payee by
  digest but the charge does not route to the payee.
- Fix money rounding: int(amount*100) -> round(amount*100) so $19.99
  charges 1999 cents instead of silently truncating to 1998.
- Add examples/capsule-emit/tests/test_smoke.py: instantiate both
  plugins, exercise one trust report/score + one sandbox pay (2 passed).
- Remove phantom sentinel comment in trust.py referencing the
  non-existent test_private_import_still_works test.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant