Skip to content
TruCore logoTruCore

Schema

ATF Permit Schema v1

This page documents a versioned demo permit shape for ATF integrations. It is designed to be clear, copyable, and deterministic for evaluation and receipts.

Overview

A permit in ATF is a compact authorization envelope for one financial action under explicit constraints. Integrations send policy-relevant fields in a stable shape so ATF can evaluate requests consistently.

This is a documentation artifact for developer onboarding. It does not claim that every field shown below is enforced in every production environment.

Schema

{
  "version": "v1",
  "issuer": "demo",
  "subject": { "type": "agent", "id": "agent_demo" },
  "action": "swap",
  "constraints": {
    "amount_max": 1000,
    "max_slippage_bps": 300,
    "ttl_seconds_max": 300,
    "protocol_allowlist": ["jupiter", "orca", "raydium"]
  },
  "nonce": "demo-nonce-0001",
  "issued_at": "2026-02-24T00:00:00Z",
  "expires_at": "2026-02-24T00:05:00Z"
}

Permit example

Copyable permit JSON

{
  "version": "v1",
  "issuer": "demo",
  "subject": { "type": "agent", "id": "agent_demo" },
  "action": "swap",
  "constraints": {
    "amount_max": 1000,
    "max_slippage_bps": 300,
    "ttl_seconds_max": 300,
    "protocol_allowlist": ["jupiter", "orca", "raydium"]
  },
  "nonce": "demo-nonce-0001",
  "issued_at": "2026-02-24T00:00:00Z",
  "expires_at": "2026-02-24T00:05:00Z"
}

Demo schema example for local integration and simulator requests.

Field explanations

  • version, schema contract identifier. This page documents v1.
  • issuer, source namespace for the permit payload, such as demo.
  • subject, principal authorized to act, including typed identity.
  • action, operation category being requested, such as swap.
  • constraints, execution bounds including amount, slippage, TTL cap, and protocol allowlist.
  • nonce, uniqueness token for replay resistance.
  • issued_at and expires_at, explicit validity window for time-bound execution.

Deterministic evaluation contract

ATF evaluates this contract deterministically. The same effective input and policy context returns the same decision and the same receipt_hash.

Deterministic checks and receipt hashes make financial decisions inspectable and reproducible for audit, incident review, and integration testing.

Versioning

Compatibility promise for v1, changes within v1 remain backward compatible for documented fields and semantics.

Future versions are introduced with explicit version identifiers, migration notes, and side-by-side documentation before v1 deprecation timelines are announced.

Links