aeoess
diff --git a/‎README.md‎
Lines changed: 6 additions & 6 deletions b/‎README.md‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎pyproject.toml‎
Lines changed: 2 additions & 2 deletions b/‎pyproject.toml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/agent_passport/__init__.py‎
Lines changed: 122 additions & 10 deletions b/‎src/agent_passport/__init__.py‎
Lines changed: 122 additions & 10 deletions
diff --git a/‎src/agent_passport/v2/accountability/__init__.py‎
Lines changed: 109 additions & 0 deletions b/‎src/agent_passport/v2/accountability/__init__.py‎
Lines changed: 109 additions & 0 deletions
@@ -10,7 +10,7 @@
 pip install agent-passport-system
 ```
 
-> **Current stable**: `2.3.0` (default `pip install`). **Pre-release**: `2.4.0a0` (`pip install --pre agent-passport-system==2.4.0a0`). The 2.4.0a0 alpha adds the evidentiary type safety primitives (claim/evidence registry, claim verifier with forbidden-substitution detection, contestation cascade) in symmetry with TypeScript SDK npm 2.6.0-alpha.0. Cross-impl byte-parity verified against TS-generated canonical JSON fixtures. Paper review window may shape-shift these primitives; alpha versioning avoids forcing major-version ceremony for every adjustment. Wave 1 accountability primitives are still TypeScript-only this iteration.
+> **Current stable**: `2.3.0` (default `pip install`). **Pre-release**: `2.4.0a1` (`pip install --pre agent-passport-system==2.4.0a1`). The 2.4.0a1 alpha adds Wave 1 accountability primitives (ActionReceipt, AuthorityBoundaryReceipt, CustodyReceipt, ContestabilityReceipt, APSBundle), Cognitive Attestation (Paper 4), and Instruction Provenance Receipts (v0.2). 2.4.0a0 already added evidentiary type safety (claim/evidence registry, claim verifier, contestation cascade). All primitives are byte-parity-verified against TypeScript SDK npm 2.6.0-alpha.0 fixtures. Paper review window may shape-shift these primitives; alpha versioning avoids forcing major-version ceremony for every adjustment.
 
 
 ## Quick Start
@@ -110,7 +110,7 @@ This Python SDK implements all 8 Agent Passport Protocol layers:
 7. **Integration Wiring** — Cross-layer bridges (commerce+intent, coordination+agora)
 8. **Agentic Commerce** — 4-gate checkout, human approval, spend limits
 
-Strict subset of the [TypeScript SDK](https://www.npmjs.com/package/agent-passport-system) at npm v2.6.0-alpha.0. The four evidentiary type safety primitives (claim/evidence registry, claim verifier with forbidden-substitution detection, contestation cascade, GroundsClass extension) ship in `agent_passport.v2` from Python SDK 2.4.0a0 (alpha pre-release) onward, with cross-impl byte-parity verified against TS-generated fixtures. Wave 1 accountability primitives (ActionReceipt, AuthorityBoundaryReceipt, CustodyReceipt, ContestabilityReceipt, APSBundle) ship in the TypeScript SDK only this iteration; full Python port deferred. The cascade primitive uses a minimal Python ContestabilityReceipt that widens when Wave 1 ports. Cross-language signature verification continues to work for the primitives Python does ship. Also available via the [MCP server](https://mcp.aeoess.com/sse).
+Cross-language parity with the [TypeScript SDK](https://www.npmjs.com/package/agent-passport-system) at npm v2.6.0-alpha.0. Python SDK 2.4.0a1 ships the full Wave 1 surface: ActionReceipt, AuthorityBoundaryReceipt, CustodyReceipt, ContestabilityReceipt, APSBundle (with balanced Merkle commitment), Cognitive Attestation (Paper 4 — three-stage verification, typed dispute primitives), and Instruction Provenance Receipts v0.2 (path canonicalization, context-root binding, action-time recompute). The four evidentiary type safety primitives shipped in 2.4.0a0. All surfaces verified against TS-issued fixtures for byte-identical canonical JSON. Cross-language signature verification covers every signed primitive in the SDK. Also available via the [MCP server](https://mcp.aeoess.com/sse).
 
 ## Links
 
@@ -135,10 +135,10 @@ Strict subset of the [TypeScript SDK](https://www.npmjs.com/package/agent-passpo
 ```bash
 pip install pynacl pytest
 PYTHONPATH=src pytest tests/ -v
-# 398 passed, 1 skipped, 6 xfailed across 30 test files. Coverage tracks the
-# protocol layers the Python port has actually shipped (see "Strict subset" note above).
-# The new test_claim_*, test_downstream_taint files include 15 cross-impl byte-parity
-# checks against TS-generated canonical JSON fixtures.
+# 2.4.0a1: 518 passed, 1 skipped, 6 xfailed. Coverage covers all 8 protocol layers
+# plus the v2 evidentiary type safety, Wave 1 accountability, Cognitive Attestation,
+# and Instruction Provenance Receipt surfaces. Cross-impl byte-parity tests assert
+# byte-identical canonical JSON against TS-issued fixtures.
 ```
 
 ## License
 
@@ -4,8 +4,8 @@ build-backend = "hatchling.build"
 
 [project]
 name = "agent-passport-system"
-version = "2.4.0a0"
-description = "Python SDK for the Agent Passport System. Identity, delegation, governance, data source registration, training attribution, per-period attribution settlement, mutual authentication, evidentiary type safety (claim/evidence registry, claim verifier with forbidden-substitution detection, contestation cascade). Cross-language parity with agent-passport-system npm v2.6.0-alpha.0 verified by byte-identical canonical JSON fixtures."
+version = "2.4.0a1"
+description = "Python SDK for the Agent Passport System. Identity, delegation, governance, data source registration, training attribution, per-period attribution settlement, mutual authentication, evidentiary type safety, Wave 1 accountability primitives (action, authority-boundary, custody, contestability, bundle), Cognitive Attestation, Instruction Provenance Receipts. Cross-language parity with agent-passport-system npm v2.6.0-alpha.0 verified by byte-identical canonical JSON fixtures."
 readme = "README.md"
 license = "Apache-2.0"
 requires-python = ">=3.9"
 
@@ -28,7 +28,7 @@
 Docs: https://aeoess.com/llms-full.txt
 """
 
-__version__ = "2.4.0a0"
+__version__ = "2.4.0a1"
 
 # Crypto
 from .crypto import generate_key_pair, sign, verify, public_key_from_private
@@ -285,11 +285,11 @@
 from .canonical import canonicalize_jcs
 
 
-# Evidentiary Type Safety primitives (SDK v2.4.0a0 alpha pre-release)
-# Ports of the four TypeScript SDK 2.6.0-alpha.0 primitives:
-# claim-evidence-types, claim-verifier, downstream-taint, GroundsClass.
-# ContestabilityReceipt fully ports when Wave 1 accountability ports;
-# the cascade-consumed shape ships now as a minimal dataclass.
+# Evidentiary Type Safety primitives (SDK v2.4.0a1 alpha pre-release)
+# Ports of TypeScript SDK 2.6.0-alpha.0:
+#   2.4.0a0: claim-evidence-types, claim-verifier, downstream-taint
+#   2.4.0a1: full Wave 1 accountability surface, cognitive-attestation,
+#            instruction-provenance.
 from .v2 import (
     # claim_evidence_types
     ClaimType,
@@ -306,13 +306,125 @@
     OpenContestationResolver,
     verify_evidence_claim,
     # downstream_taint
-    ContestStatus,
-    ContestabilityControllerResponse,
-    ContestabilityReceipt,
-    GroundsClass,
     TaintCandidate,
     TaintedRecord,
     TaintedSet,
     compute_downstream_taint,
     is_contestation_tainting,
 )
+
+# Wave 1 accountability — full surface (v2.4.0a1)
+# create_action_receipt / verify_action_receipt collide with legacy
+# delegation-flavored functions of the same names; the Wave 1 versions
+# are re-exported under accountability_* prefixes here. The unaliased
+# forms remain available via `from agent_passport.v2.accountability
+# import ...`.
+from .v2.accountability import (
+    # base
+    CaptureMode,
+    Completeness,
+    ScopeOfClaim,
+    # action
+    ActionPayload,
+    ActionReceipt as AccountabilityActionReceipt,
+    SideEffectClass,
+    TransparencyLogInclusion,
+    # authority-boundary
+    AuthorityBoundaryReceipt,
+    BoundaryResult,
+    # custody
+    CustodyEventType,
+    CustodyPurpose,
+    CustodyReceipt,
+    SubjectReceiptBatch,
+    # contestability
+    ContestabilityContestant,
+    ContestabilityControllerResponse,
+    ContestabilityReceipt,
+    ContestStatus,
+    GroundsClass,
+    GroundsClassValue,
+    RequestedRemedy,
+    StandingBasis,
+    # bundle
+    APSBundle,
+    BundledReceiptRef,
+    # construct (aliased to avoid legacy delegation collision)
+    attach_controller_response,
+    create_action_receipt as create_accountability_action_receipt,
+    create_aps_bundle,
+    create_authority_boundary_receipt,
+    create_contestability_receipt,
+    create_custody_receipt,
+    # bundle helpers
+    compute_merkle_root,
+    # verify (aliased)
+    verify_action_receipt as verify_accountability_action_receipt,
+    verify_aps_bundle,
+    verify_authority_boundary_receipt,
+    verify_contestability_receipt,
+    verify_custody_receipt,
+)
+
+# Cognitive Attestation (Paper 4)
+from .v2.cognitive_attestation import (
+    ActivationStatistic,
+    AggregationPolicy,
+    AttachmentPoint,
+    CognitiveAttestation,
+    CompletenessClaim,
+    DictionaryRef,
+    ExecutionEnvironment,
+    FeatureActivation,
+    ModelRef,
+    Precision,
+    SAEType,
+    Signature as CognitiveSignature,
+    SignerRole as CognitiveSignerRole,
+    TiebreakerRule,
+    TokenRange,
+    BuildAttestationInput,
+    build_attestation,
+    canonicalize_attestation,
+    cognitive_attestation_digest,
+    sign_attestation as sign_cognitive_attestation,
+    sort_feature_activations,
+    validate_attestation_shape,
+    RegistryResolver,
+    RegistryVerificationResult,
+    ReplayBackend,
+    ReplayVerificationResult,
+    RequiredRoleCoverage,
+    verify_against_registry,
+    verify_by_replay,
+    verify_required_signer_roles,
+    verify_signature as verify_cognitive_signature,
+    ComputationalDispute,
+    DecompositionAdequacyDispute,
+    Dispute,
+    ExclusionDispute,
+    FacetedReinterpretationDispute,
+    InterpretiveDispute,
+    ThresholdDispute,
+)
+
+# Instruction Provenance Receipt (Paper 8 candidate, v0.2)
+from .v2.instruction_provenance import (
+    AttestationTier,
+    FilesystemMode,
+    InstructionFile,
+    InstructionProvenanceReceipt,
+    InstructionProvenanceReceiptBoundTo,
+    InstructionRole,
+    IPRConstructionError,
+    IPRPathError,
+    canonicalize_envelope as canonicalize_instruction_envelope,
+    canonicalize_path,
+    compute_context_root,
+    create_instruction_provenance_receipt,
+    matches_any_pattern,
+    sign_ed25519 as sign_ed25519_ipr,
+    sort_instruction_files,
+    verify_action_time_context_root,
+    verify_instruction_provenance_receipt,
+)
@@ -0,0 +1,109 @@
+# Copyright 2024-2026 Tymofii Pidlisnyi. Apache-2.0 license. See LICENSE.
+"""Wave 1 accountability — public surface.
+
+Mirrors src/v2/accountability/index.ts in agent-passport-system 2.6.0-alpha.0.
+
+Five primitives: ActionReceipt, AuthorityBoundaryReceipt, CustodyReceipt,
+ContestabilityReceipt, APSBundle. Cross-impl byte-parity with the TS SDK
+verified against TS-supplied fixtures in tests/v2/wave1/.
+
+This module replaces the minimal ContestabilityReceipt that shipped in
+v2/downstream_taint.py at 2.4.0a0. The downstream-taint cascade now
+imports its receipt and response shapes from here directly; the cascade
+contract is unchanged.
+"""
+
+from .types import (
+    # base
+    CaptureMode,
+    Completeness,
+    ScopeOfClaim,
+    # action
+    ActionPayload,
+    ActionReceipt,
+    SideEffectClass,
+    TransparencyLogInclusion,
+    # authority-boundary
+    AuthorityBoundaryReceipt,
+    BoundaryResult,
+    # custody
+    CustodyEventType,
+    CustodyPurpose,
+    CustodyReceipt,
+    SubjectReceiptBatch,
+    # contestability
+    ContestabilityContestant,
+    ContestabilityControllerResponse,
+    ContestabilityReceipt,
+    ContestStatus,
+    GroundsClass,
+    GroundsClassValue,
+    RequestedRemedy,
+    StandingBasis,
+    # bundle
+    APSBundle,
+    BundledReceiptRef,
+)
+
+from .construct import (
+    attach_controller_response,
+    create_action_receipt,
+    create_authority_boundary_receipt,
+    create_contestability_receipt,
+    create_custody_receipt,
+)
+
+from .bundle import (
+    compute_merkle_root,
+    create_aps_bundle,
+    verify_aps_bundle,
+)
+
+from .verify import (
+    verify_action_receipt,
+    verify_authority_boundary_receipt,
+    verify_contestability_receipt,
+    verify_custody_receipt,
+)
+
+__all__ = [
+    # types
+    "APSBundle",
+    "ActionPayload",
+    "ActionReceipt",
+    "AuthorityBoundaryReceipt",
+    "BoundaryResult",
+    "BundledReceiptRef",
+    "CaptureMode",
+    "Completeness",
+    "ContestStatus",
+    "ContestabilityContestant",
+    "ContestabilityControllerResponse",
+    "ContestabilityReceipt",
+    "CustodyEventType",
+    "CustodyPurpose",
+    "CustodyReceipt",
+    "GroundsClass",
+    "GroundsClassValue",
+    "RequestedRemedy",
+    "ScopeOfClaim",
+    "SideEffectClass",
+    "StandingBasis",
+    "SubjectReceiptBatch",
+    "TransparencyLogInclusion",
+    # construct
+    "attach_controller_response",
+    "create_action_receipt",
+    "create_aps_bundle",
+    "create_authority_boundary_receipt",
+    "create_contestability_receipt",
+    "create_custody_receipt",
+    # bundle helpers
+    "compute_merkle_root",
+    # verify
+    "verify_action_receipt",
+    "verify_aps_bundle",
+    "verify_authority_boundary_receipt",
+    "verify_contestability_receipt",
+    "verify_custody_receipt",
+]