From 2444f58eca5736c3a110a76abd78994ea947092a Mon Sep 17 00:00:00 2001 From: vvillait88 Date: Tue, 5 May 2026 11:59:03 -0700 Subject: [PATCH 1/2] docs(llms-txt): correct Memory contract emission points (1.3.5) Auto-generated llms.txt's Memory contract section claimed first-encounter 403s emitted agent_memory; in practice the API emits on POST /v1/sessions success, POST /v1/credentials first-mint, POST /v1/credentials/wallets first-seen, AND on bootstrap missing_identity denials. Merchants emit on their 200 success bodies (store hand-rolls; martin uses firstEncounterAgentMemory). Update the auto-generated text to describe both the merchant-side 200 emit and the three AgentScore API emission points, so agents reading the SDK's auto-llms.txt see the same picture as agents reading martin's hand-curated llms.txt. Em-dash sweep on the surrounding identity section (4 instances replaced with colon / semicolon / parens). Co-Authored-By: Claude Opus 4.7 (1M context) --- agentscore_commerce/discovery/llms_txt.py | 19 +++++++++++-------- pyproject.toml | 2 +- uv.lock | 2 +- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/agentscore_commerce/discovery/llms_txt.py b/agentscore_commerce/discovery/llms_txt.py index 106e296..d6f3eac 100644 --- a/agentscore_commerce/discovery/llms_txt.py +++ b/agentscore_commerce/discovery/llms_txt.py @@ -31,24 +31,27 @@ def llms_txt_identity_section(input: LlmsTxtIdentitySectionInput) -> str: compliance_note = f"\n\nCompliance: {', '.join(parts)}." return ( "## Choose your identity header\n\n" - "AgentScore provides cross-merchant identity — one KYC works for every AgentScore-gated endpoint, " + "AgentScore provides cross-merchant identity: one KYC works for every AgentScore-gated endpoint, " "no re-verification per site. Pick the right header based on how you plan to pay:\n\n" "- **Wallet-auth** (preferred for agents with a stable crypto wallet): send `X-Wallet-Address: 0x...`. " - "Only works on rails that carry a wallet signature — Tempo MPP and x402 EIP-3009. " + "Only works on rails that carry a wallet signature (Tempo MPP and x402 EIP-3009). " "The wallet you claim MUST sign the payment; we verify that the payment signer resolves to the same " "operator as the claimed wallet. No TTL, no rotation.\n" "- **Operator-token** (works for every rail): send `X-Operator-Token: opc_...`. Required when paying " "with Stripe SPT or card (those rails have no wallet signer). Reusable across every AgentScore " "merchant until the token expires.\n" - "- **Neither**: you'll get 403 with `verify_url` + `poll_secret` — complete the session flow once, " + "- **Neither**: you'll get 403 with `verify_url` + `poll_secret`; complete the session flow once, " "then reuse the credential (or any wallet that pays under it) forever.\n\n" "If you reach another AgentScore-gated endpoint in the future, the same credential and/or any " - "linked wallet already works — skip the session flow.\n\n" + "linked wallet already works; skip the session flow.\n\n" "## Memory contract\n\n" - "First-encounter 403 responses (and the POST /v1/sessions success body) include an `agent_memory` " - "block describing how AgentScore identity works across merchants. LLM-hosted agents should persist " - "its contents (the pattern, never secrets) so subsequent AgentScore-gated endpoints become " - f"returning-customer encounters.{compliance_note}" + "AgentScore-gated merchants emit an `agent_memory` block in their 200 success bodies " + "describing how AgentScore identity works across merchants. The AgentScore API's " + "POST /v1/sessions, POST /v1/credentials, and POST /v1/credentials/wallets first-mint " + "success bodies also include it. LLM-hosted agents should persist its contents (the " + "pattern, never secrets) so subsequent AgentScore-gated endpoints become returning-" + "customer encounters. The operator_token or linked wallet you use here is reusable " + f"everywhere.{compliance_note}" ) diff --git a/pyproject.toml b/pyproject.toml index b579cc6..5b5798b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "hatchling.build" [project] name = "agentscore-commerce" -version = "1.3.4" +version = "1.3.5" description = "Agent commerce SDK for Python — identity middleware (FastAPI, Flask, Django, AIOHTTP, Sanic, ASGI) + payment helpers + 402 builders + discovery + Stripe multichain. The full merchant-side toolkit for AgentScore-powered agent commerce." readme = "README.md" license = "MIT" diff --git a/uv.lock b/uv.lock index 49b20fd..25f5b8f 100644 --- a/uv.lock +++ b/uv.lock @@ -10,7 +10,7 @@ resolution-markers = [ [[package]] name = "agentscore-commerce" -version = "1.3.4" +version = "1.3.5" source = { editable = "." } dependencies = [ { name = "agentscore-py" }, From 78649fb4935eb98c9baf685445a96bae2a771662 Mon Sep 17 00:00:00 2001 From: vvillait88 Date: Tue, 5 May 2026 12:18:00 -0700 Subject: [PATCH 2/2] chore: refresh uv.lock (django patch bump) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit uv lock --upgrade — only django moved (5.2.13→5.2.14, 6.0.4→6.0.5). Folds into the unreleased 1.3.5; version stays at 1.3.5. Co-Authored-By: Claude Opus 4.7 (1M context) --- uv.lock | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/uv.lock b/uv.lock index 25f5b8f..70688b1 100644 --- a/uv.lock +++ b/uv.lock @@ -25,8 +25,8 @@ coinbase = [ { name = "cdp-sdk" }, ] django = [ - { name = "django", version = "5.2.13", source = { registry = "https://pypi.org/simple" }, marker = "python_full_version < '3.12'" }, - { name = "django", version = "6.0.4", source = { registry = "https://pypi.org/simple" }, marker = "python_full_version >= '3.12'" }, + { name = "django", version = "5.2.14", source = { registry = "https://pypi.org/simple" }, marker = "python_full_version < '3.12'" }, + { name = "django", version = "6.0.5", source = { registry = "https://pypi.org/simple" }, marker = "python_full_version >= '3.12'" }, ] fastapi = [ { name = "fastapi" }, @@ -55,8 +55,8 @@ dev = [ { name = "aiohttp" }, { name = "anyio", extra = ["trio"] }, { name = "cdp-sdk" }, - { name = "django", version = "5.2.13", source = { registry = "https://pypi.org/simple" }, marker = "python_full_version < '3.12'" }, - { name = "django", version = "6.0.4", source = { registry = "https://pypi.org/simple" }, marker = "python_full_version >= '3.12'" }, + { name = "django", version = "5.2.14", source = { registry = "https://pypi.org/simple" }, marker = "python_full_version < '3.12'" }, + { name = "django", version = "6.0.5", source = { registry = "https://pypi.org/simple" }, marker = "python_full_version >= '3.12'" }, { name = "fastapi" }, { name = "flask" }, { name = "lefthook" }, @@ -1005,7 +1005,7 @@ wheels = [ [[package]] name = "django" -version = "5.2.13" +version = "5.2.14" source = { registry = "https://pypi.org/simple" } resolution-markers = [ "python_full_version < '3.12'", @@ -1015,14 +1015,14 @@ dependencies = [ { name = "sqlparse", marker = "python_full_version < '3.12'" }, { name = "tzdata", marker = "python_full_version < '3.12' and sys_platform == 'win32'" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/1f/c5/c69e338eb2959f641045802e5ea87ca4bf5ac90c5fd08953ca10742fad51/django-5.2.13.tar.gz", hash = "sha256:a31589db5188d074c63f0945c3888fad104627dfcc236fb2b97f71f89da33bc4", size = 10890368, upload-time = "2026-04-07T14:02:15.072Z" } +sdist = { url = "https://files.pythonhosted.org/packages/65/95/95f7faa0950867afaa0bef2460c6263afd6a2c78cc9434046ed28160b015/django-5.2.14.tar.gz", hash = "sha256:58a63ba841662e5c686b57ba1fec52ddd68c0b93bd96ac3029d55728f00bf8a2", size = 10895118, upload-time = "2026-05-05T13:57:31.104Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/59/b1/51ab36b2eefcf8cdb9338c7188668a157e29e30306bfc98a379704c9e10d/django-5.2.13-py3-none-any.whl", hash = "sha256:5788fce61da23788a8ce6f02583765ab060d396720924789f97fa42119d37f7a", size = 8310982, upload-time = "2026-04-07T14:02:08.883Z" }, + { url = "https://files.pythonhosted.org/packages/14/44/f172870cf87aa25afef48fb72adba89ee8b77fcab6f3b23d240b923f1528/django-5.2.14-py3-none-any.whl", hash = "sha256:6f712143bd3064310d1f50fac859c3e9a274bdcfc9595339853be7779297fc76", size = 8311320, upload-time = "2026-05-05T13:57:25.795Z" }, ] [[package]] name = "django" -version = "6.0.4" +version = "6.0.5" source = { registry = "https://pypi.org/simple" } resolution-markers = [ "python_full_version >= '3.14'", @@ -1034,9 +1034,9 @@ dependencies = [ { name = "sqlparse", marker = "python_full_version >= '3.12'" }, { name = "tzdata", marker = "python_full_version >= '3.12' and sys_platform == 'win32'" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/60/b9/4155091ad1788b38563bd77a7258c0834e8c12a7f56f6975deaf54f8b61d/django-6.0.4.tar.gz", hash = "sha256:8cfa2572b3f2768b2e84983cf3c4811877a01edb64e817986ec5d60751c113ac", size = 10907407, upload-time = "2026-04-07T13:55:44.961Z" } +sdist = { url = "https://files.pythonhosted.org/packages/5e/f1/bf85f0d29ef76abf901f193fe8fef4769d3da7794197832bc30151c071d8/django-6.0.5.tar.gz", hash = "sha256:bc6d6872e98a2864c836e42edd644b362db311147dd5aa8d5b82ba7a032f5269", size = 10924131, upload-time = "2026-05-05T13:54:39.329Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/e9/47/3d61d611609764aa71a37f7037b870e7bfb22937366974c4fd46cada7bab/django-6.0.4-py3-none-any.whl", hash = "sha256:14359c809fc16e8f81fd2b59d7d348e4d2d799da6840b10522b6edf7b8afc1da", size = 8368342, upload-time = "2026-04-07T13:55:37.999Z" }, + { url = "https://files.pythonhosted.org/packages/94/5b/1328f8b84fce040c404f76822bf8c57d254e368e8cbd8bd67ec2b26d75f5/django-6.0.5-py3-none-any.whl", hash = "sha256:9d58a7cb49244e74c8e161d5e403a46d6209f1009ba40f5a66d6aa0d0786a8f0", size = 8368680, upload-time = "2026-05-05T13:54:33.532Z" }, ] [[package]]