{
  "tool_id": "art-22-agentic-payments-protocol-comparator",
  "note": "golden_hash is empty until first `node golden-parity.test.mjs --update`.",
  "vectors": [
    {
      "name": "minimal",
      "policy_parameters": {
        "protocols": [
          "ap2",
          "acp"
        ],
        "scenario": "cross_merchant"
      },
      "output_payload": {
        "protocols_compared": [
          "ap2",
          "acp"
        ],
        "protocol_names": [
          "AP2",
          "ACP"
        ],
        "scenario": "cross_merchant",
        "protocols_detail": [
          {
            "id": "ap2",
            "name": "AP2",
            "sub": "Agent Payments Protocol",
            "backer": "Google → donated to FIDO Alliance (2026)",
            "artifact": "Checkout Mandate + Payment Mandate, expressed as Verifiable Digital Credentials (VDCs)",
            "signed": "Cryptographically signed VDCs; Open→Closed mandate chain",
            "scope": "Cart + amount + payment instrument, bound at the Closed stage",
            "rail": "Rail-agnostic — cards today; x402/stablecoin via the A2A x402 extension",
            "identity": "FIDO / verifiable credentials; rides on A2A",
            "audit": "Strong — non-repudiable chained VDC audit trail",
            "status": "v0.2; donated to FIDO Alliance (~Apr 2026)"
          },
          {
            "id": "acp",
            "name": "ACP",
            "sub": "Agentic Commerce Protocol (Shared Payment Token)",
            "backer": "OpenAI + Stripe",
            "artifact": "Shared Payment Token (SPT) + Agentic Checkout session objects",
            "signed": "Delegated authorization (OAuth 2.0); PSP-issued SPT",
            "scope": "Single-use SPT scoped to merchant + cart total",
            "rail": "Card via any compatible PSP (Stripe first); merchant stays merchant of record",
            "identity": "OAuth 2.0 delegated auth",
            "audit": "Order/session objects; PSP transaction record",
            "status": "beta; spec dated 2026-04-17"
          }
        ],
        "crosswalk": [
          {
            "concept": "Authorization artifact",
            "values": {
              "ap2": "Payment Mandate (VDC)",
              "acp": "Shared Payment Token"
            }
          },
          {
            "concept": "Proof of user intent",
            "values": {
              "ap2": "Signed mandate chain",
              "acp": "OAuth delegation + SPT"
            }
          },
          {
            "concept": "Scope unit",
            "values": {
              "ap2": "Cart + amount",
              "acp": "Merchant + cart total"
            }
          },
          {
            "concept": "Settlement medium",
            "values": {
              "ap2": "Card or stablecoin",
              "acp": "Card via PSP"
            }
          },
          {
            "concept": "Identity / trust root",
            "values": {
              "ap2": "FIDO / VDC",
              "acp": "OAuth 2.0"
            }
          }
        ],
        "recommendation": {
          "primary_pick": [
            "ap2"
          ],
          "primary_names": [
            "AP2"
          ],
          "also_consider": [
            "acp"
          ],
          "also_names": [
            "ACP"
          ],
          "rationale": "A rail-agnostic, non-repudiable mandate chain across merchants is AP2's core design (Checkout + Payment Mandate VDCs). ACP fits if you are standardising on the OpenAI/Stripe checkout surface."
        },
        "note": "Orientation snapshot only — verify every field against the cited primary source. Specs version monthly."
      },
      "golden_hash": "cb19712b21d544ae4a8b8c19a59ae1ca3c235a8bc6f4ede0804872ac870d03f8"
    },
    {
      "name": "mpp_all_rails_subscription",
      "policy_parameters": {
        "protocols": [
          "ap2",
          "acp",
          "x402",
          "tap",
          "mc",
          "mpp"
        ],
        "scenario": "agent_subscription"
      },
      "output_payload": {
        "protocols_compared": [
          "ap2",
          "acp",
          "x402",
          "tap",
          "mc",
          "mpp"
        ],
        "protocol_names": [
          "AP2",
          "ACP",
          "x402",
          "Visa TAP",
          "MC Agent Pay",
          "MPP"
        ],
        "scenario": "agent_subscription",
        "protocols_detail": [
          {
            "id": "ap2",
            "name": "AP2",
            "sub": "Agent Payments Protocol",
            "backer": "Google → donated to FIDO Alliance (2026)",
            "artifact": "Checkout Mandate + Payment Mandate, expressed as Verifiable Digital Credentials (VDCs)",
            "signed": "Cryptographically signed VDCs; Open→Closed mandate chain",
            "scope": "Cart + amount + payment instrument, bound at the Closed stage",
            "rail": "Rail-agnostic — cards today; x402/stablecoin via the A2A x402 extension",
            "identity": "FIDO / verifiable credentials; rides on A2A",
            "audit": "Strong — non-repudiable chained VDC audit trail",
            "status": "v0.2; donated to FIDO Alliance (~Apr 2026)"
          },
          {
            "id": "acp",
            "name": "ACP",
            "sub": "Agentic Commerce Protocol (Shared Payment Token)",
            "backer": "OpenAI + Stripe",
            "artifact": "Shared Payment Token (SPT) + Agentic Checkout session objects",
            "signed": "Delegated authorization (OAuth 2.0); PSP-issued SPT",
            "scope": "Single-use SPT scoped to merchant + cart total",
            "rail": "Card via any compatible PSP (Stripe first); merchant stays merchant of record",
            "identity": "OAuth 2.0 delegated auth",
            "audit": "Order/session objects; PSP transaction record",
            "status": "beta; spec dated 2026-04-17"
          },
          {
            "id": "x402",
            "name": "x402",
            "sub": "HTTP 402 payment protocol",
            "backer": "Coinbase → x402 Foundation (Linux Foundation)",
            "artifact": "PaymentRequired + PaymentPayload objects in HTTP headers",
            "signed": "Client-signed PaymentPayload (wallet signature)",
            "scope": "Exact amount per scheme (exact); metered \"upto\" planned",
            "rail": "Stablecoin on-chain (USDC) — Base, Polygon, Arbitrum, Solana, World",
            "identity": "Wallet keypair; facilitator /verify + /settle",
            "audit": "Inherent — on-chain settlement record",
            "status": "Linux Foundation project (formalized ~Apr 2026)"
          },
          {
            "id": "tap",
            "name": "Visa TAP",
            "sub": "Visa Trusted Agent Protocol",
            "backer": "Visa (Intelligent Commerce)",
            "artifact": "Scoped Visa tokenised credential + HTTP message signatures",
            "signed": "HTTP Message Signatures (RFC 9421); 3 signatures incl. agent-recognition",
            "scope": "Merchant scope via the issued tokenised credential",
            "rail": "Visa card network",
            "identity": "RFC 9421 / aligned with Web Bot Auth",
            "audit": "Signature timestamps, session id, kid for replay protection",
            "status": "Introduced ~Oct 2025; on Visa Developer + GitHub"
          },
          {
            "id": "mc",
            "name": "MC Agent Pay",
            "sub": "Mastercard Agent Pay (Agentic Tokens)",
            "backer": "Mastercard (MDES)",
            "artifact": "Agentic Token (tokenised card credential via MDES)",
            "signed": "Token bound to agent id + merchant scope + consent policy",
            "scope": "Agent + merchant + consent policy bindings",
            "rail": "Mastercard card network",
            "identity": "MDES tokenisation",
            "audit": "Network transaction record + token provenance",
            "status": "Announced Apr 2025; first live txn Sep 2025"
          },
          {
            "id": "mpp",
            "name": "MPP",
            "sub": "Machine Payments Protocol (Tempo)",
            "backer": "Tempo (Stripe + Paradigm); co-authored by Stripe",
            "artifact": "Session object (charge / session / subscription) with a pre-authorized spend cap",
            "signed": "Access-key-scoped, pre-authorized session; streamed micropayments within the cap",
            "scope": "Spend cap + cadence/expiry, bound at session grant; per-draw within envelope",
            "rail": "Multi-rail — stablecoins on Tempo (TIP-20), cards via Stripe, Bitcoin via Lightning",
            "identity": "Access keys / scoped session keys (\"OAuth of payments\")",
            "audit": "Session draw ledger; per-cycle reconciliation against the authorized envelope",
            "status": "Tempo mainnet live Mar 2026; MPP open standard"
          }
        ],
        "crosswalk": [
          {
            "concept": "Authorization artifact",
            "values": {
              "ap2": "Payment Mandate (VDC)",
              "acp": "Shared Payment Token",
              "x402": "PaymentPayload",
              "tap": "Tokenised credential + signature",
              "mc": "Agentic Token",
              "mpp": "Session (charge/session/subscription)"
            }
          },
          {
            "concept": "Proof of user intent",
            "values": {
              "ap2": "Signed mandate chain",
              "acp": "OAuth delegation + SPT",
              "x402": "Wallet signature",
              "tap": "Cardholder consent + token",
              "mc": "Consent policy in token",
              "mpp": "Pre-authorized spend cap + access key"
            }
          },
          {
            "concept": "Scope unit",
            "values": {
              "ap2": "Cart + amount",
              "acp": "Merchant + cart total",
              "x402": "Exact amount",
              "tap": "Merchant scope",
              "mc": "Agent + merchant + consent",
              "mpp": "Spend cap + cadence/expiry"
            }
          },
          {
            "concept": "Settlement medium",
            "values": {
              "ap2": "Card or stablecoin",
              "acp": "Card via PSP",
              "x402": "USDC on-chain",
              "tap": "Visa rails",
              "mc": "Mastercard rails",
              "mpp": "Stablecoin (Tempo) / card / Lightning"
            }
          },
          {
            "concept": "Identity / trust root",
            "values": {
              "ap2": "FIDO / VDC",
              "acp": "OAuth 2.0",
              "x402": "Wallet key",
              "tap": "RFC 9421 / Web Bot Auth",
              "mc": "MDES token",
              "mpp": "Access keys / scoped session keys"
            }
          }
        ],
        "recommendation": {
          "primary_pick": [
            "mpp"
          ],
          "primary_names": [
            "MPP"
          ],
          "also_consider": [
            "ap2"
          ],
          "also_names": [
            "AP2"
          ],
          "rationale": "Recurring or streamed agent spend under a single pre-authorization is Tempo MPP's subscription/session model (spend cap + cadence, streamed micro-draws, per-cycle reconciliation). AP2 can supply the verifiable mandate envelope around it."
        },
        "note": "Orientation snapshot only — verify every field against the cited primary source. Specs version monthly."
      },
      "golden_hash": "ce2c0b3e889088b019214f5445963705898fb4446bca619b0a142cb59c18acc2"
    }
  ]
}
