KYA Manifest (SchemaStore) JSON Schema

Type	object
File match	`kya-manifest.json` `kya.json` `*.kya.json` `kya-manifest.schema.json`
Schema URL	https://catalog.lintel.tools/schemas/schemastore/kya-manifest/latest.json
Source	https://www.schemastore.org/kya.json

Versions

1.0 development

Validate with Lintel

npx @lintel/lintel check

Type: object

Know Your Agent (KYA) Manifest for autonomous AI agents (identity, governance, and operational constraints).

Properties

@context string[] required

JSON-LD contexts used to interpret terms. Must include the KYA context.

minItems=1

id string required

A URI value.

format=uri

type string[] required

JSON-LD types for the verifiable presentation. Must include VerifiablePresentation and KyaManifest.

minItems=1uniqueItems=true

All of: variant, variant

kyaVersion string required

The KYA specification version this manifest conforms to.

minLength=1

agentId string required

A DID string per the DID URI scheme.

pattern=^did:[a-z0-9]+:.*$

verificationMethod verificationMethod[] required

Inventory of public keys (verification methods) used by the agent and its governance.

minItems=1

authentication uri[] required

Verification method URIs authorized for authentication.

minItems=1uniqueItems=true

assertionMethod uri[] required

Verification method URIs authorized to assert statements (e.g., sign agent actions).

minItems=1uniqueItems=true

capabilityInvocation uri[] required

Verification method URIs authorized to invoke governance capabilities, including manifest updates.

minItems=1uniqueItems=true

proof manifestProof[] required

Cryptographic proofs establishing integrity and authorized governance invocation.

minItems=1

name string

A short human-readable name for the agent.

label string

A concise human-readable description of the agent’s purpose and constraints.

governingAuthority uri[]

URIs (often DIDs or fragments) identifying authorities overseeing the agent’s operation.

uniqueItems=true

keyAgreement uri[]

Verification method URIs used for key agreement (e.g., encrypted channels).

uniqueItems=true

minProofsRequired integer

Minimum number of valid governance proofs expected for the manifest (policy-level threshold).

min=1

legal object

Legal terms reference and dispute resolution configuration.

3 nested properties

termsUri string

A URI value.

format=uri

termsHash string

A 32-byte SHA-256 digest encoded as 64 hex characters.

pattern=^[A-Fa-f0-9]{64}$

disputeResolution disputeResolutionPath[]

permissionMode string

Whether enforcement is strict (deny-by-default) or permissive (allow-by-default with exceptions).

Values: "strict" "permissive"

permittedDomains string[]

Hostnames or domains the agent is allowed to interact with.

uniqueItems=true

permittedRegions string[]

Region or jurisdiction codes in which operation is permitted (policy-defined).

uniqueItems=true

forbiddenRegions string[]

Region or jurisdiction codes in which operation is forbidden (policy-defined).

uniqueItems=true

maxTransactionValue integer

Maximum permitted value for a single transaction (units defined by currency).

min=0

currency string

ISO 4217 currency code associated with value-denominated limits.

minLength=3maxLength=3

operatingLimits object

Limits expressed over rolling time windows (e.g., spend per period).

2 nested properties

periodSpendLimit integer

min=0

periodDuration string

A compact duration string (e.g., 30d, 12h, 60m).

pattern=^[0-9]+[smhdwy]$

signingPolicy object

Constraints describing signature thresholds by intent and conditions.

2 nested properties

defaultSignaturesRequired integer required

min=1

constraints signingConstraint[]

deployment object

Deployment policy and confidential compute (TEE) constraints.

All of: variant, variant

4 nested properties

tee object required

Confidential compute parameters used to bind an agent deployment to verifiable hardware attestation.

8 nested properties

framework string required

Values: "sevSnp" "tdx" "sgx" "nitro"

hardwareLabel string

measurementHash string

A hex-encoded string.

pattern=^[A-Fa-f0-9]+$

signerHash string

A hex-encoded string.

pattern=^[A-Fa-f0-9]+$

minimumSvn integer

min=0

allowDebug boolean

attestationUri string

A URI value.

format=uri

bindingMechanism string

Values: "reportData" "pubkeyHash"

info string

updatePolicy string

Values: "immutable" "signedRelease"

authoritativeSigner string

A DID string per the DID URI scheme.

pattern=^did:[a-z0-9]+:.*$

governance object

Governance endpoints, validity interval, visibility, and oracle configuration.

8 nested properties

controlUri string required

A URI value.

format=uri

validFrom string

An RFC 3339 date-time string.

format=date-time

validUntil string

An RFC 3339 date-time string.

format=date-time

pulseInterval integer

min=1

visibility string

Values: "public" "private" "permissioned"

statusUri string

A URI value.

format=uri

telemetryUri string

A URI value.

format=uri

oracles oracle[]

treasury treasuryItem[]

Optional treasury identifiers and usage classifications for operational funds or reserves.

verifiableCredential verifiableCredentialEntry[]

Evidence credentials embedded or referenced by digest for verification workflows.

Definitions

uri string

A URI value.

did string

A DID string per the DID URI scheme.

hex string

A hex-encoded string.

sha256Hex string

A 32-byte SHA-256 digest encoded as 64 hex characters.

dateTime string

An RFC 3339 date-time string.

duration string

A compact duration string (e.g., 30d, 12h, 60m).

verificationMethod object

A DID verification method entry (key material and controller).

id string required

A URI value.

format=uri

type string required

minLength=1

controller string required

A DID string per the DID URI scheme.

pattern=^did:[a-z0-9]+:.*$

publicKeyMultibase string required

minLength=1

legal object

Legal terms reference and dispute resolution configuration.

termsUri string

A URI value.

format=uri

termsHash string

A 32-byte SHA-256 digest encoded as 64 hex characters.

pattern=^[A-Fa-f0-9]{64}$

disputeResolution disputeResolutionPath[]

disputeResolutionPath object

One dispute resolution mechanism, ordered by priority.

priority integer

min=1

mechanism string

Values: "onChain" "digitalLegalFiling" "analogCourt" "arbitrator" "ai" "aiHitl"

entity string | object

escalationPossible boolean

operatingLimits object

Limits expressed over rolling time windows (e.g., spend per period).

periodSpendLimit integer

min=0

periodDuration string

A compact duration string (e.g., 30d, 12h, 60m).

pattern=^[0-9]+[smhdwy]$

signingPolicy object

Constraints describing signature thresholds by intent and conditions.

defaultSignaturesRequired integer required

min=1

constraints signingConstraint[]

signingConstraint object

An intent-scoped signing rule and its signature requirement.

intent string required

minLength=1

requirement object required

2 nested properties

threshold integer required

min=1

signers string[] required

minItems=1uniqueItems=true

condition object

deployment object

Deployment policy and confidential compute (TEE) constraints.

tee object required

Confidential compute parameters used to bind an agent deployment to verifiable hardware attestation.

8 nested properties

framework string required

Values: "sevSnp" "tdx" "sgx" "nitro"

hardwareLabel string

measurementHash string

A hex-encoded string.

pattern=^[A-Fa-f0-9]+$

signerHash string

A hex-encoded string.

pattern=^[A-Fa-f0-9]+$

minimumSvn integer

min=0

allowDebug boolean

attestationUri string

A URI value.

format=uri

bindingMechanism string

Values: "reportData" "pubkeyHash"

info string

updatePolicy string

Values: "immutable" "signedRelease"

authoritativeSigner string

A DID string per the DID URI scheme.

pattern=^did:[a-z0-9]+:.*$

tee object

Confidential compute parameters used to bind an agent deployment to verifiable hardware attestation.

framework string required

Values: "sevSnp" "tdx" "sgx" "nitro"

hardwareLabel string

measurementHash string

A hex-encoded string.

pattern=^[A-Fa-f0-9]+$

signerHash string

A hex-encoded string.

pattern=^[A-Fa-f0-9]+$

minimumSvn integer

min=0

allowDebug boolean

attestationUri string

A URI value.

format=uri

bindingMechanism string

Values: "reportData" "pubkeyHash"

governance object

Governance endpoints, validity interval, visibility, and oracle configuration.

controlUri string required

A URI value.

format=uri

validFrom string

An RFC 3339 date-time string.

format=date-time

validUntil string

An RFC 3339 date-time string.

format=date-time

pulseInterval integer

min=1

visibility string

Values: "public" "private" "permissioned"

statusUri string

A URI value.

format=uri

telemetryUri string

A URI value.

format=uri

oracles oracle[]

oracle object

A governance oracle definition used for external inputs (e.g., prices, FX rates, attestations).

id string required

minLength=1

serviceEndpoint uri[] required

minItems=1uniqueItems=true

purpose string[] required

minItems=1uniqueItems=true

providerDid string

A DID string per the DID URI scheme.

pattern=^did:[a-z0-9]+:.*$

role string

Values: "primary" "backup" "validator"

safetyBounds object

Optional bounds for oracle freshness, deviation, and confidence.

4 nested properties

maxStaleness integer

min=0

maxDeviation number

min=0

slippageTolerance number

min=0

minConfidence number

min=0max=1

treasuryItem object

A treasury identifier and its intended operational usage.

id string required

A URI value.

format=uri

assetHints string[] required

minItems=1uniqueItems=true

networks string[] required

minItems=1uniqueItems=true

usage string required

Values: "operational" "reserve" "escrow" "receivable"

verifiableCredentialEntry embeddedVc | referencedVc

Either an embedded VC payload or a referenced VC by digest.

embeddedVc object

A VC embedded directly in the manifest.

id string required

A URI value.

format=uri

type string[] required

minItems=1

issuer string required

A DID string per the DID URI scheme.

pattern=^did:[a-z0-9]+:.*$

credentialSubject required

proof required

validFrom string

An RFC 3339 date-time string.

format=date-time

issuanceDate string

An RFC 3339 date-time string.

format=date-time

validUntil string

An RFC 3339 date-time string.

format=date-time

credentialStatus object

challengeService challengeService[]

evidence evidenceItem[]

referencedVc object

A VC referenced by digest (and optionally a retrievable location).

id string required

A URI value.

format=uri

type string[] required

minItems=1

issuer string required

A DID string per the DID URI scheme.

pattern=^did:[a-z0-9]+:.*$

digestMultibase string required

minLength=1

location string

A URI value.

format=uri

challengeService object

A verifier challenge protocol or endpoint used to validate an embedded claim (e.g., ZK solvency).

type string required

minLength=1

method string required

Values: "directQuery" "proverIntermediary"

supportedQueries string[] required

minItems=1uniqueItems=true

challengeEndpoint string

A URI value.

format=uri

verificationKeyMultibase string

minLength=1

evidenceItem object

An evidence reference; if an id is present, a digest is required for integrity binding.

type string

id string

A URI value.

format=uri

digestMultibase string

minLength=1

vcPayloadDispatch

Conditional typing rules mapping known VC types to credentialSubject shapes.

solvencySubject object

Credential subject shape for solvency assertions.

accountType string required

Values: "custodial" "smartContract" "escrow" "wallet"

settlementScheme string[] required

minItems=1uniqueItems=true

assets assetBalance[] required

minItems=1

asOf string

An RFC 3339 date-time string.

format=date-time

assetBalance object

An asset identifier and balance string.

assetId string required

minLength=1

balance string

insuranceSubject object

Credential subject shape for insurance coverage assertions.

policyNumber string required

minLength=1

underwriter object required

2 nested properties

id string required

A URI value.

format=uri

name string

coverageLimit object

2 nested properties

amount string

currency string

minLength=3maxLength=3

coverageType string[]

uniqueItems=true

deductible object

2 nested properties

amount string

currency string

minLength=3maxLength=3

claimsEndpoint string

A URI value.

format=uri

auditSubject auditSubjectObject | auditSubjectObject[]

Credential subject shape for audits; may be a single object or an array of objects.

auditSubjectObject object

Audit data, including scope references and standards.

scopes object[]

auditStandards string[]

uniqueItems=true

findings object

legalEntitySubject object

Credential subject shape for a legal entity assertion.

legalName string

jurisdiction string

lei string

registrationNumber string

officials did[]

uniqueItems=true

licenseSubject object

Credential subject shape for license assertions.

licenses licenseRecord[] required

minItems=1

licenseRecord object

A single license entry, including type and license number.

licenseType string required

minLength=1

licenseNumber string required

minLength=1

grantingAuthority string

A DID string per the DID URI scheme.

pattern=^did:[a-z0-9]+:.*$

permittedActivities string[]

uniqueItems=true

manifestProof object

A data integrity proof used to authorize capabilityInvocation for the manifest.

type string required

minLength=1

verificationMethod string required

A URI value.

format=uri

proofPurpose const: "capabilityInvocation" required

Constant: "capabilityInvocation"

proofValue string required

minLength=1

cryptosuite string