agentscore
diff --git a/‎README.md‎
Lines changed: 1 addition & 1 deletion b/‎README.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎agentscore_commerce/identity/ucp.py‎
Lines changed: 7 additions & 3 deletions b/‎agentscore_commerce/identity/ucp.py‎
Lines changed: 7 additions & 3 deletions
diff --git a/‎agentscore_commerce/identity/ucp_jwks.py‎
Lines changed: 8 additions & 5 deletions b/‎agentscore_commerce/identity/ucp_jwks.py‎
Lines changed: 8 additions & 5 deletions
diff --git a/‎pyproject.toml‎
Lines changed: 1 addition & 1 deletion b/‎pyproject.toml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎scripts/regenerate_cross_lang_fixtures.py‎
Lines changed: 263 additions & 0 deletions b/‎scripts/regenerate_cross_lang_fixtures.py‎
Lines changed: 263 additions & 0 deletions
diff --git a/‎tests/fixtures/cross-lang/node-capability.json‎
Lines changed: 4 additions & 4 deletions b/‎tests/fixtures/cross-lang/node-capability.json‎
Lines changed: 4 additions & 4 deletions
@@ -230,7 +230,7 @@ signed = sign_ucp_profile(profile.to_dict(), signing_key=key.private_key, kid=ke
 jwks = build_jwks_response([key.public_jwk])
 ```
 
-`verify_ucp_profile` enforces the JWS protected header `typ='ucp-profile+jws'`, restricts `alg` to `EdDSA`/`ES256`, requires a `kid`, rejects duplicate kids in the JWKS, and compares the canonical body bytes against the JWS payload to catch swap-after-sign tampering. Failures raise `UCPVerificationError` (a `ValueError` subclass) with a discriminated `code` attribute (`no_signature`/`missing_kid`/`kid_not_found`/`duplicate_kid`/`unsupported_alg`/`wrong_typ`/`signature_invalid`/`body_mismatch`/`malformed_jws`/`malformed_jwks`/`unusable_key`/`unrecognized_critical_header`).
+`verify_ucp_profile` enforces the JWS protected header `typ='agentscore-profile+jws'` (vendor-namespaced; UCP §6 does not define a profile-as-JWS typ), restricts `alg` to `EdDSA`/`ES256`, requires a `kid`, rejects duplicate kids in the JWKS, and compares the canonical body bytes against the JWS payload to catch swap-after-sign tampering. Failures raise `UCPVerificationError` (a `ValueError` subclass) with a discriminated `code` attribute (`no_signature`/`missing_kid`/`kid_not_found`/`duplicate_kid`/`unsupported_alg`/`wrong_typ`/`signature_invalid`/`body_mismatch`/`malformed_jws`/`malformed_jwks`/`unusable_key`/`unrecognized_critical_header`).
 
 `sign_ucp_profile` rejects profiles containing `float` values and `int` values whose magnitude exceeds `Number.MAX_SAFE_INTEGER` (2^53 - 1): cross-language float canonicalization is not stable, and Python's arbitrary-width ints lose precision when JS verifiers reparse the canonical body. Use decimal strings (e.g. `"9.99"`) for monetary or fractional fields and for any integer that may exceed the safe range.
 
 
@@ -28,7 +28,11 @@
 
 _DEFAULT_VERSION = "2026-04-17"
 _SPEC_URL = "https://ucp.dev/"
-AGENTSCORE_UCP_CAPABILITY = "agentscore-identity"
+# Reverse-DNS namespacing per UCP convention (``^[a-z][a-z0-9]*(?:\.[a-z][a-z0-9_]*)+$``).
+# The bare ``agentscore-identity`` form fails the spec regex; vendor-namespacing under the
+# ``sh.agentscore`` authority is honest about the capability being our extension, not a
+# UCP-canonical slot.
+AGENTSCORE_UCP_CAPABILITY = "sh.agentscore.identity"
 """Capability name AgentScore registers in the UCP profile. Consumers filter on this
 to find verified-buyer claims attached to the profile."""
 
@@ -241,7 +245,7 @@ def build_ucp_profile(
     """Compose a UCP profile body for ``/.well-known/ucp`` publication.
 
     Merges AgentScore identity claims into ``capabilities`` as an
-    ``agentscore-identity`` capability when ``data`` carries a resolved operator.
+    ``sh.agentscore.identity`` capability when ``data`` carries a resolved operator.
     Consumers reading the profile can opt into the AgentScore claims by filtering
     on the capability name.
 
@@ -325,7 +329,7 @@ async def ucp_profile():
             UCPCapability(
                 name=AGENTSCORE_UCP_CAPABILITY,
                 version=_AGENTSCORE_CAPABILITY_VERSION,
-                schema=agentscore_schema_url or "https://agentscore.sh/schemas/ucp/agentscore-identity.v1.json",
+                schema=agentscore_schema_url or "https://agentscore.sh/schemas/ucp/sh-agentscore-identity-v1.json",
                 extras={"claims": claims},
             ),
         )
 
@@ -39,7 +39,10 @@
 )
 
 _ALLOWED_ALGS = ("EdDSA", "ES256")
-_UCP_TYP = "ucp-profile+jws"
+# JWS protected header ``typ`` value. Vendor-namespaced because UCP §6 does not define
+# a profile-as-JWS typ; the value advertises that this signed envelope follows the
+# AgentScore extension semantics rather than a UCP-canonical signing convention.
+_PROFILE_TYP = "agentscore-profile+jws"
 
 _MAX_SAFE_INT = 2**53 - 1
 
@@ -307,7 +310,7 @@ def sign_ucp_profile(
         raise ValueError(msg)
 
     canonical_body = _canonicalize_profile(profile)
-    header = {"alg": alg, "kid": kid, "typ": _UCP_TYP}
+    header = {"alg": alg, "kid": kid, "typ": _PROFILE_TYP}
     # joserfc treats EdDSA as "not recommended" by default; UCP §6 explicitly accepts
     # both EdDSA and ES256, so allow both.
     registry = JWSRegistry(algorithms=list(_ALLOWED_ALGS))
@@ -347,7 +350,7 @@ def verify_ucp_profile(
     """Verify a signed UCP profile against a JWKS.
 
     Returns ``True`` when:
-      * the JWS protected header carries ``kid`` + ``typ='ucp-profile+jws'`` + a
+      * the JWS protected header carries ``kid`` + ``typ='agentscore-profile+jws'`` + a
         registered ``alg`` (EdDSA or ES256),
       * the JWKS contains exactly one key with the matching ``kid``,
       * the JWS signature validates against that key,
@@ -394,10 +397,10 @@ def verify_ucp_profile(
     # Pre-deserialize header checks — joserfc's deserialize_compact accepts kid-less
     # JWSs (it iterates the KeySet) so we enforce kid/typ/alg ourselves.
     header = _peek_jws_header(sig)
-    if header.get("typ") != _UCP_TYP:
+    if header.get("typ") != _PROFILE_TYP:
         raise UCPVerificationError(
             "wrong_typ",
-            f"UCP signature typ must be {_UCP_TYP!r}; got {header.get('typ')!r}.",
+            f"UCP signature typ must be {_PROFILE_TYP!r}; got {header.get('typ')!r}.",
         )
     if header.get("alg") not in _ALLOWED_ALGS:
         raise UCPVerificationError(
 
@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "agentscore-commerce"
-version = "1.3.7"
+version = "1.4.0"
 description = "Agent commerce SDK for Python — identity middleware (FastAPI, Flask, Django, AIOHTTP, Sanic, ASGI) + payment helpers + 402 builders + discovery + Stripe multichain. The full merchant-side toolkit for AgentScore-powered agent commerce."
 readme = "README.md"
 license = "MIT"
 
@@ -0,0 +1,263 @@
+"""Regenerate the full cross-lang fixture corpus (Python side).
+
+Writes all ``py-*.json`` fixtures under ``tests/fixtures/cross-lang/``. Used
+after a canonicalization-relevant change (typ rename, capability-name rename,
+schema-URL rename, key-sort tweak, etc.) where every JWS in the corpus needs
+to be re-signed.
+
+Each scenario hand-crafts the profile body, signs with a fresh keypair, and
+writes the ``{profile, jwks, alg, kid, generator}`` envelope. Cross-lang
+verify in ``tests/test_ucp_cross_lang.py`` (and the Node sibling) pulls these
+in alongside the ``node-*`` fixtures generated by the Node sibling.
+"""
+
+from __future__ import annotations
+
+import json
+from pathlib import Path
+from typing import Any
+
+from agentscore_commerce.identity import (
+    AssessResult,
+    OperatorVerification,
+    UCPCapability,
+    UCPPaymentHandler,
+    UCPService,
+    UCPSigningKey,
+    build_ucp_profile,
+)
+from agentscore_commerce.identity.ucp_jwks import (
+    build_jwks_response,
+    generate_ucp_signing_key,
+    sign_ucp_profile,
+)
+
+OUT_DIR = Path(__file__).resolve().parent.parent / "tests" / "fixtures" / "cross-lang"
+
+
+def _write(name: str, env: dict[str, Any]) -> None:
+    out = OUT_DIR / f"{name}.json"
+    out.write_text(json.dumps(env, indent=2, ensure_ascii=False) + "\n")
+    print(f"wrote {out}")
+
+
+def _envelope(signed: dict[str, Any], public_jwk: dict[str, Any], alg: str, kid: str) -> dict[str, Any]:
+    return {
+        "profile": signed,
+        "jwks": build_jwks_response([public_jwk]),
+        "alg": alg,
+        "kid": kid,
+        "generator": "python",
+    }
+
+
+def main() -> None:
+    # py-minimal
+    kid = "py-minimal-EdDSA"
+    key = generate_ucp_signing_key(kid=kid)
+    profile = build_ucp_profile(
+        name="Minimal Merchant",
+        services=[UCPService(type="rest", url="https://m.example.com")],
+        payment_handlers=[],
+        signing_keys=[UCPSigningKey.from_jwk(key.public_jwk)],
+    )
+    signed = sign_ucp_profile(profile.to_dict(), signing_key=key.private_key, kid=kid)
+    _write("py-minimal", _envelope(signed, key.public_jwk, "EdDSA", kid))
+
+    # py-es256-rails
+    kid = "py-es256-rails-ES256"
+    key = generate_ucp_signing_key(kid=kid, alg="ES256")
+    profile = build_ucp_profile(
+        name="ES256 Merchant",
+        services=[
+            UCPService(type="rest", url="https://a.example.com"),
+            UCPService(type="a2a", url="https://a.example.com/agent-card.json"),
+        ],
+        payment_handlers=[
+            UCPPaymentHandler(name="tempo", config={"rail": "tempo-mainnet", "chain_id": 4217}),
+            UCPPaymentHandler(name="x402", config={"networks": ["base-8453"]}),
+        ],
+        signing_keys=[UCPSigningKey.from_jwk(key.public_jwk)],
+    )
+    signed = sign_ucp_profile(profile.to_dict(), signing_key=key.private_key, kid=kid, alg="ES256")
+    _write("py-es256-rails", _envelope(signed, key.public_jwk, "ES256", kid))
+
+    # py-extras-int
+    kid = "py-extras-int-EdDSA"
+    key = generate_ucp_signing_key(kid=kid)
+    profile = build_ucp_profile(
+        name="Extras Merchant",
+        services=[UCPService(type="rest", url="https://e.example.com")],
+        payment_handlers=[UCPPaymentHandler(name="stripe", config={"profile_id": "abc", "count": 7})],
+        signing_keys=[UCPSigningKey.from_jwk(key.public_jwk)],
+    )
+    signed = sign_ucp_profile(profile.to_dict(), signing_key=key.private_key, kid=kid)
+    _write("py-extras-int", _envelope(signed, key.public_jwk, "EdDSA", kid))
+
+    # py-capability — hand-crafted vendor capability (renamed to
+    # sh.agentscore.identity to match the new namespace; the in-fixture name
+    # is independent of the SDK's auto-injection but consistency keeps the
+    # corpus honest about what callers should publish).
+    kid = "py-capability-EdDSA"
+    key = generate_ucp_signing_key(kid=kid)
+    profile = build_ucp_profile(
+        name="Capability Merchant",
+        services=[UCPService(type="rest", url="https://c.example.com")],
+        capabilities=[
+            UCPCapability(
+                name="sh.agentscore.identity",
+                schema="https://agentscore.sh/schema/identity/1",
+                version="1",
+                extras={"kyc_required": True},
+            ),
+        ],
+        payment_handlers=[
+            UCPPaymentHandler(name="tempo", config={"rail": "tempo-mainnet", "chain_id": 4217}),
+        ],
+        signing_keys=[UCPSigningKey.from_jwk(key.public_jwk)],
+    )
+    signed = sign_ucp_profile(profile.to_dict(), signing_key=key.private_key, kid=kid)
+    _write("py-capability", _envelope(signed, key.public_jwk, "EdDSA", kid))
+
+    # py-unicode
+    kid = "py-unicode-EdDSA"
+    key = generate_ucp_signing_key(kid=kid)
+    profile = build_ucp_profile(
+        name="Café 日本 🍷 Merchant",
+        services=[UCPService(type="rest", url="https://日本.example.com")],
+        payment_handlers=[UCPPaymentHandler(name="tempo", config={"note": "メモ"})],
+        signing_keys=[UCPSigningKey.from_jwk(key.public_jwk)],
+    )
+    signed = sign_ucp_profile(profile.to_dict(), signing_key=key.private_key, kid=kid)
+    _write("py-unicode", _envelope(signed, key.public_jwk, "EdDSA", kid))
+
+    # py-multikey — JWKS with two keys, signed by the newer one.
+    old_key = generate_ucp_signing_key(kid="py-multikey-old")
+    new_key = generate_ucp_signing_key(kid="py-multikey-new")
+    profile = build_ucp_profile(
+        name="Multi-Key Merchant",
+        services=[UCPService(type="rest", url="https://mk.example.com")],
+        payment_handlers=[UCPPaymentHandler(name="tempo", config={"rail": "tempo-mainnet"})],
+        signing_keys=[
+            UCPSigningKey.from_jwk(old_key.public_jwk),
+            UCPSigningKey.from_jwk(new_key.public_jwk),
+        ],
+    )
+    signed = sign_ucp_profile(profile.to_dict(), signing_key=new_key.private_key, kid="py-multikey-new")
+    _write(
+        "py-multikey",
+        {
+            "profile": signed,
+            "jwks": build_jwks_response([old_key.public_jwk, new_key.public_jwk]),
+            "alg": "EdDSA",
+            "kid": "py-multikey-new",
+            "generator": "python",
+        },
+    )
+
+    # py-emoji-keys — extras with non-ASCII object keys (BMP private use, CJK
+    # compatibility, supplementary plane). Exercises codepoint-vs-UTF-16 sort.
+    kid = "py-emoji-keys-EdDSA"
+    key = generate_ucp_signing_key(kid=kid)
+    profile = build_ucp_profile(
+        name="Emoji Keys Merchant",
+        services=[UCPService(type="rest", url="https://emoji.example.com")],
+        payment_handlers=[UCPPaymentHandler(name="tempo", config={})],
+        signing_keys=[UCPSigningKey.from_jwk(key.public_jwk)],
+        extras={
+            "extras": {
+                "a": 1,
+                "豈": 2,
+                "": 3,
+                "🍷": 4,
+            },
+        },
+    )
+    signed = sign_ucp_profile(profile.to_dict(), signing_key=key.private_key, kid=kid)
+    _write("py-emoji-keys", _envelope(signed, key.public_jwk, "EdDSA", kid))
+
+    # py-int-boundary — exercises Number.MAX_SAFE_INTEGER round-trip.
+    kid = "py-int-boundary-EdDSA"
+    key = generate_ucp_signing_key(kid=kid)
+    profile = build_ucp_profile(
+        name="Int Boundary Merchant",
+        services=[UCPService(type="rest", url="https://i.example.com")],
+        payment_handlers=[],
+        signing_keys=[UCPSigningKey.from_jwk(key.public_jwk)],
+        extras={
+            "extras": {
+                "max_safe_int": 9007199254740991,
+                "min_safe_int": -9007199254740991,
+                "small_int": 42,
+                "neg_small_int": -42,
+                "zero": 0,
+            },
+        },
+    )
+    signed = sign_ucp_profile(profile.to_dict(), signing_key=key.private_key, kid=kid)
+    _write("py-int-boundary", _envelope(signed, key.public_jwk, "EdDSA", kid))
+
+    # py-data-driven-claims — exercises the build_ucp_profile data path with
+    # API-shape "missing" sentinels (empty string + None). Both languages MUST
+    # emit identical canonical bytes for this input.
+    kid = "py-data-driven-claims-EdDSA"
+    key = generate_ucp_signing_key(kid=kid)
+    result = AssessResult(
+        allow=True,
+        resolved_operator="op_data_driven",
+        verify_url="https://agentscore.sh/verify/op_data_driven",
+        raw={
+            "account_verification": {
+                "kyc_level": "",
+                "sanctions_clear": False,
+                "age_bracket": None,
+                "jurisdiction": None,
+                "verified_at": None,
+            },
+        },
+    )
+    profile = build_ucp_profile(
+        name="Data Driven Claims Merchant",
+        services=[UCPService(type="rest", url="https://d.example.com")],
+        payment_handlers=[],
+        signing_keys=[UCPSigningKey.from_jwk(key.public_jwk)],
+        data=result,
+    )
+    signed = sign_ucp_profile(profile.to_dict(), signing_key=key.private_key, kid=kid)
+    _write("py-data-driven-claims", _envelope(signed, key.public_jwk, "EdDSA", kid))
+
+    # py-typed-claims — exercises the typed AssessResult fields (no raw
+    # fallback). Cross-lang parity check for the typed-field-only call site.
+    kid = "py-typed-claims-EdDSA"
+    key = generate_ucp_signing_key(kid=kid)
+    result = AssessResult(
+        allow=True,
+        resolved_operator="op_typed_claims",
+        verify_url="https://agentscore.sh/verify/op_typed_claims",
+        operator_verification=OperatorVerification(
+            level="enhanced",
+            operator_type="api",
+            verified_at="2026-04-01T00:00:00Z",
+        ),
+        account_verification={
+            "kyc_level": "enhanced",
+            "sanctions_clear": True,
+            "age_bracket": "21+",
+            "jurisdiction": "US",
+            "verified_at": "2026-04-01T00:00:00Z",
+        },
+        raw=None,
+    )
+    profile = build_ucp_profile(
+        name="Typed Claims Merchant",
+        services=[UCPService(type="rest", url="https://t.example.com")],
+        payment_handlers=[],
+        signing_keys=[UCPSigningKey.from_jwk(key.public_jwk)],
+        data=result,
+    )
+    signed = sign_ucp_profile(profile.to_dict(), signing_key=key.private_key, kid=kid)
+    _write("py-typed-claims", _envelope(signed, key.public_jwk, "EdDSA", kid))
+
+
+if __name__ == "__main__":
+    main()
@@ -10,7 +10,7 @@
     ],
     "capabilities": [
       {
-        "name": "agentscore-identity",
+        "name": "sh.agentscore.identity",
         "schema": "https://agentscore.sh/schema/identity/1",
         "version": "1",
         "kyc_required": true
@@ -32,11 +32,11 @@
         "use": "sig",
         "crv": "Ed25519",
         "kty": "OKP",
-        "x": "8zz-L1N_SZ0EUmciU1IzuxBuGd67MSg-OemKm6ofmgg"
+        "x": "kFgwv82ZN7H3jk9gHbUDTi6EZZeaUUBsLBgnfm8Mtog"
       }
     ],
     "name": "Capability Merchant",
-    "signature": "eyJhbGciOiJFZERTQSIsImtpZCI6Im5vZGUtY2FwYWJpbGl0eS1FZERTQSIsInR5cCI6InVjcC1wcm9maWxlK2p3cyJ9.eyJjYXBhYmlsaXRpZXMiOlt7Imt5Y19yZXF1aXJlZCI6dHJ1ZSwibmFtZSI6ImFnZW50c2NvcmUtaWRlbnRpdHkiLCJzY2hlbWEiOiJodHRwczovL2FnZW50c2NvcmUuc2gvc2NoZW1hL2lkZW50aXR5LzEiLCJ2ZXJzaW9uIjoiMSJ9XSwibmFtZSI6IkNhcGFiaWxpdHkgTWVyY2hhbnQiLCJwYXltZW50X2hhbmRsZXJzIjpbeyJjb25maWciOnsiY2hhaW5faWQiOjQyMTcsInJhaWwiOiJ0ZW1wby1tYWlubmV0In0sIm5hbWUiOiJ0ZW1wbyJ9XSwic2VydmljZXMiOlt7InR5cGUiOiJyZXN0IiwidXJsIjoiaHR0cHM6Ly9jLmV4YW1wbGUuY29tIn1dLCJzaWduaW5nX2tleXMiOlt7ImFsZyI6IkVkRFNBIiwiY3J2IjoiRWQyNTUxOSIsImtpZCI6Im5vZGUtY2FwYWJpbGl0eS1FZERTQSIsImt0eSI6Ik9LUCIsInVzZSI6InNpZyIsIngiOiI4enotTDFOX1NaMEVVbWNpVTFJenV4QnVHZDY3TVNnLU9lbUttNm9mbWdnIn1dLCJzcGVjIjoiaHR0cHM6Ly91Y3AuZGV2LyIsInZlcnNpb24iOiIyMDI2LTA0LTE3In0.YmiTy87alEbVfAEXYzXYkBrsbO_kHqgTSlv3gKuzy6Oere-pJl0PmZ8zGW2uTyjaGC9OFbjLUIzowY3jnJmGAg"
+    "signature": "eyJhbGciOiJFZERTQSIsImtpZCI6Im5vZGUtY2FwYWJpbGl0eS1FZERTQSIsInR5cCI6ImFnZW50c2NvcmUtcHJvZmlsZStqd3MifQ.eyJjYXBhYmlsaXRpZXMiOlt7Imt5Y19yZXF1aXJlZCI6dHJ1ZSwibmFtZSI6InNoLmFnZW50c2NvcmUuaWRlbnRpdHkiLCJzY2hlbWEiOiJodHRwczovL2FnZW50c2NvcmUuc2gvc2NoZW1hL2lkZW50aXR5LzEiLCJ2ZXJzaW9uIjoiMSJ9XSwibmFtZSI6IkNhcGFiaWxpdHkgTWVyY2hhbnQiLCJwYXltZW50X2hhbmRsZXJzIjpbeyJjb25maWciOnsiY2hhaW5faWQiOjQyMTcsInJhaWwiOiJ0ZW1wby1tYWlubmV0In0sIm5hbWUiOiJ0ZW1wbyJ9XSwic2VydmljZXMiOlt7InR5cGUiOiJyZXN0IiwidXJsIjoiaHR0cHM6Ly9jLmV4YW1wbGUuY29tIn1dLCJzaWduaW5nX2tleXMiOlt7ImFsZyI6IkVkRFNBIiwiY3J2IjoiRWQyNTUxOSIsImtpZCI6Im5vZGUtY2FwYWJpbGl0eS1FZERTQSIsImt0eSI6Ik9LUCIsInVzZSI6InNpZyIsIngiOiJrRmd3djgyWk43SDNqazlnSGJVRFRpNkVaWmVhVVVCc0xCZ25mbThNdG9nIn1dLCJzcGVjIjoiaHR0cHM6Ly91Y3AuZGV2LyIsInZlcnNpb24iOiIyMDI2LTA0LTE3In0.PIG6fQt84ZM1r08g7_vsl1Hhi6B385BFnPCKo7WkbsyjcpKFpvidTmwBjZ6auUzEOyag6IF0OmEz_8gotuEZAw"
   },
   "jwks": {
     "keys": [
@@ -46,7 +46,7 @@
         "use": "sig",
         "crv": "Ed25519",
         "kty": "OKP",
-        "x": "8zz-L1N_SZ0EUmciU1IzuxBuGd67MSg-OemKm6ofmgg"
+        "x": "kFgwv82ZN7H3jk9gHbUDTi6EZZeaUUBsLBgnfm8Mtog"
       }
     ]
   },