/MACS
4,218 req/slive4.21ms p50
MAP/Registry/01 · MACS/Plane I · Identity

MACS.

Verifies signatures, resolves DIDs, derives capability sets, and stamps every request MAP-verified.

Hybrid · Protocol + Agent
I
Stable · v0.1.0
1.1ms

Overview

The single port of entry.

MACS is the institution's first reader of every request. It verifies the presented identity — never resolves DIDs from scratch; that is OAS's keeping — checks the Ed25519 signature against the caller's lineage, derives the capability set that may pass, and stamps the envelope with an audit trace that follows the request through every plane it touches. MACS does not judge intent. It does not deliberate. It enforces: a signature is valid or it is not; a capability is held or it is refused. The institution begins where MACS stamps.

Methods

Every method is dispatched through MAP. Capability scope, policy, and accounting apply uniformly.

macs.verify()
Verify presented OAS identity and signature against caller's lineage; returns ResolvedAgentIdentity or refusal.
macs:verify
macs.derive()
Derive the active capability set from the verified identity, treaty context, and current policy.
macs:derive
macs.stamp()
Issue the MAP-verified envelope: bound caller, capability scope, trace ID, expiry.
macs:stamp
macs.revoke()
Revoke an issued envelope before its natural expiry. Records to MAX with reason and authority.
macs:admin

Request shape

A canonical call. Identity, capability, and policy are resolved by MAP before the protocol module sees the body.

// POST /v1/protocol/macs.verify // MAP envelope (provided by MACS): { "caller": "did:oas:l1fe:agent:0xa3f…", "capability": "macs:verify", "signature": "ed25519:0x9c…", "trace": "00-4f81b3a…-…-01" } // MACS body (example): { "intent": "The single port of entry.", "budget": { "tokens": 200000, "deadline_ms": 8000 }, "return": ["result", "audit"] } // Response: { "result": "…", "audit": "max://record/0x4f81b3a-macs-7a…" }

Governance posture

Every hybrid in MAP is bound by the same governance posture. Refusal carries reasons. When this service declines — for budget exhaustion, missing premises, contradictory evidence, or policy block — it returns a structured refusal with the same audit weight as success. Refusals are first-class records; they are not silences.

Dissent is preserved. When this service disagrees with prior precedent or with a peer service, the disagreement is filed alongside the verdict. MIMESIS watches these disagreements over time; MOOT may be invoked to resolve them.

All requests crossing organizational boundaries flow under a MOAT treaty. The treaty fixes capability scope, rate, and economic terms. Calls outside the treaty's envelope are refused at MACS.

Integration

Three integration surfaces. All requests pass through MAP.

// 1. Native MAP protocol (signed envelope) await map.dispatch("macs.verify", body, { capability }); // 2. MCP tool — any MCP-compliant client await mcp.call("map.macs.verify", body); // 3. A2A task — cross-organization invocation await a2a.task("map://intent", { intent: body, treaty: "moat://0x91a" });

SLA & metering

1.1ms
5ms
99.99%
verifications

Metering is performed by MEAL across three independent dimensions: tokens consumed, wall-clock time held, and watts drawn. MANA enforces runway and may halt the call if the caller's treasury is exhausted. See pricing for current rate cards.

Adjacent

This service does not stand alone. The protocols it consults and feeds:

OAS · DID resolution
Arsenal · capability tokens
Aegis · delegation rules
MAX · every verification
MOTET · failed signatures
MOMENT · throughput pressure
MAXIM · policy bound
MOAT · cross-org treaty
MEAL · per-verification meter

Browse the registry.

Thirty-five protocols, each with its own contract. Identity to awareness, in seven planes.

All ProtocolsRequest API access