AACP v0.1 — the first runnable conformance kit for proving an AI agent never acts outside its authorization AACP v0.1 —— 首套"证明 AI 智能体不越权"的可跑符合性套件
Super-apps are wiring AI agents onto payment and investment rails. Booking a ride is harmless; letting an agent move money is not — and the bottleneck to launch is no longer model capability, it's the uncertain time the compliance process takes.超级 App 正把 AI 智能体接入支付与理财轨道。帮你打车、点咖啡不可怕;可怕的是一旦智能体能动钱——买基金、转账——卡住上线的不再是模型能力,而是"合规流程所需时间不确定"。
China's three-ministry policy (May 2026) already requires that agents "must not exceed the scope of user authorization," that users keep "the right to know and the final decision," that operations be "traceable," and calls for a trusted certification standard system. The mandate exists; an operational, testable standard does not.2026 年 5 月三部门《智能体规范应用与创新发展实施意见》已写明:智能体"执行操作不得超出用户授权范围"、用户保留"知情权和最终决策权"、操作要"可追溯",并呼吁建设"可信认证标准体系"。政策落了,但把它变成可测试、可认证的工程标准,还是空白。
AACP (Agent Authorization Conformance Profile) fills that gap:AACP(Agent 授权符合性基线)就是来补这个空白的:
- ·6 provable authorization properties — authorization closure (no over-reach), bounded exposure (behavioral fence), an irreversible-action gate, human final decision, traceable audit, and default-deny / fail-safe.6 条可证明的授权属性——授权封闭(不越权)、敞口有界(行为围栏)、不可逆动作闸、人类最终决策权、可追溯审计、默认拒绝/失效安全。
- ·12 executable test cases run against your own agent + enforcement point, producing a machine- and human-readable L2 conformance report.12 个可执行用例,跑在你自己的智能体 + 强制执行点上,自动产出一份监管可读的 L2 符合性报告。
- ·A tamper-evident hash-chained ledger schema as the audit-evidence format, mapped to current regulation.一套防篡改的哈希链账本 schema 作为审计证据格式,逐条对位现行政策与标准。
Code under Apache-2.0, spec under CC-BY-4.0; CI reproduces an L2 PASS on Python 3.10–3.12 — including a deliberately insecure negative control, so the tests have teeth.代码 Apache-2.0、规范 CC-BY-4.0;CI 在 Python 3.10/3.11/3.12 上独立复现 L2 PASS,含一个"故意不合规"的反面对照,确保测试有牙。
We don't claim exclusivity — the moat is making the end-to-end reliable, reproducible, and auditable. Regulators, financial institutions, and researchers are welcome to harden it into an industry baseline.我们不声称只有我们能做这件事——护城河是把端到端做得可靠、可复现、可审计。欢迎监管机构、金融机构、研究者一起把它打磨成行业基准。
— Aron · Aiegis