{"slug": "ctef-v0-3-2-the-substrate-gate-just-closed-for-cross-framework-agent-trust", "title": "CTEF v0.3.2 — the substrate gate just closed for cross-framework agent trust", "summary": "The CTEF v0.3.2 specification has been released, establishing a substrate-layer canonical form that enables cross-framework agent trust without requiring shared authority or framework extensions. The release includes six normative additions driven by interop incidents, and has been validated through empirical byte-match testing across five independent JCS implementations producing 265 byte-for-byte agreements across 53 canonicalization edge cases. Ten independent implementations have reproduced the reference vectors without coordination, confirming that the substrate allows any framework to emit verifiable attestations that any consumer can verify regardless of the originating framework.", "body_md": "If you build agent-to-agent infrastructure, you've probably hit the cross-framework trust problem: how does an MCP agent verify a claim emitted by an x402 service, attested to by an ERC-8004 identity contract, with a behavioral history from a third-party observer?\n\nYou can't ask each framework to extend the others. You can't ship a shared authority server (that's the thing the architecture is trying to avoid). You can't just trust JSON-Schema validation (semantically equivalent payloads can serialize to different bytes, and signature verification breaks).\n\nThe answer that fell out of 18 months of working-group convergence: **a substrate-layer canonical form that every framework can emit and every consumer can verify**, with zero cross-framework knowledge required.\n\nCTEF v0.3.2 publishes that substrate.\n\nSix normative additions, each driven by a partner-thread interop incident:\n\n`claim_subtype: tier_upgrade`\n\nregistry first entry`tier_upgrade_proof`\n\nfixture lands as the first reference implementation of the authority-claim registry pattern.The bar a substrate spec needs to clear before it's actually a substrate (and not just a proposal) is empirical byte-match across multiple independent implementations. The v0.3.2 publish window crosses two such bars:\n\n**JCS canonicalization × vector sets:** 5 independent JCS implementations validated against 4 distinct vector sets — **20/20 cells byte-identical, 265 byte-for-byte agreements**:\n\n| Implementation | Lang | CTEF/APS (14) | AP2 OMH v0 (7) | privacy_class v0.1 (13) | per-chain envelope v0 (19) |\n|---|---|---|---|---|---|\n`rfc8785@0.1.4` |\nPython (Trail of Bits / William Woodruff) | ✓ | ✓ | ✓ | ✓ |\n`canonicalize@3.0.0` |\nJavaScript (Erdtman; Rundgren contributor) | ✓ | ✓ | ✓ | ✓ |\n`gowebpki/jcs@v1.0.1` |\nGo | ✓ | ✓ | ✓ | ✓ |\n`cyberphone/json-canonicalization` |\nJava (Rundgren — RFC 8785 reference) |\n✓ | ✓ | ✓ | ✓ |\n`serde_jcs@0.2.0` |\nRust (seritalien) | ✓ | ✓ | ✓ | ✓ |\n\n`cyberphone/json-canonicalization`\n\nis Anders Rundgren's reference implementation cited in RFC 8785 itself. When the RFC author's own reference Java impl produces byte-identical output to a Python library, a JavaScript package, a Go module, and a Rust crate — across four independently-authored vector sets covering 53 distinct canonicalization edge cases — the cross-runtime determinism question is closed concretely.\n\nThe substrate is reproducible in-tree at [ agentgraph-co/agentgraph/tests/cross-impl/](https://github.com/agentgraph-co/agentgraph/tree/v0.3.3-cross-extension-matrix/tests/cross-impl) — single-file runner per language, run any one and get 53/53 PASS or a divergence report.\n\n**Implementations × byte-match validation:** 10 independent implementations have all reproduced the CTEF v0.3.2 reference vectors:\n\nAgentGraph (substrate maintainer) · APS · AgentID · @nobulex/crypto · HiveTrust · msaleme/red-team-blue-team-agent-fabric · Foxbook · Dominion Observatory · ArkForge · AlgoVoi (chopmob-cloud).\n\nNo coordination. Each implementation built independently, validated independently, produced identical canonical bytes.\n\nA relying-party agent in 2026 doesn't get to pick the framework its counterparty was built on. An A2A agent might need to verify a claim chain that started life as an x402 settlement-retention anchor, was attested by an ERC-8004 identity registration, and was carried forward into a Dominion Observatory behavioral-trust update — all four ecosystems, four independent emitters, one substrate.\n\nCTEF v0.3.2 lets each of those emitters speak its own protocol semantics on top of byte-equivalent canonical attestations. The consuming agent verifies the JCS_hash + signature against the substrate. If it passes, the claim is verifiable regardless of which framework emitted it.\n\nThe architectural pattern: every framework can be a substrate emitter without any framework being authoritative.\n\n**v0.3.2 is the last byte-match-led publish.** The substrate is solved — 5 implementations × 53 vectors × 4 author sets is the bar, and the bar has been cleared. What comes next composes ON TOP of that substrate, not against it.\n\nThe Consilium pass (aeoess + 8 implementers, substrate window through Jun 5, normative outputs before Jul 1) is the next coordination layer. Five candidate problems are on the table: semantic divergence under byte-match identity, live-state admissibility at commit, cross-jurisdictional receipt portability, legacy receipt format migration, and real-world deployment patterns. Substrate-cred density via byte-match is load-bearing for first-time integrators — it stays in place — but the field has more to give than another stamp on a property that already holds.\n\nv0.3.3 (mid-June) lands the **cross-extension URN-layer matrix** — a row-per-URN-namespace table that binds substrate emitters to claim_type, evidenceType, and live fixture sets. **Four of seven rows are already PR-accepted** by maintainers (AlgoVoi, Arian, Erik Newton on Concordia, ArkForge open question). Remaining rows scaffolded for PRs:\n\n`urn:erc8004:identity`\n\n(cryptographic identity)`urn:mycelium:trail`\n\n(behavioral continuity, argentum-core)`urn:x402:audit-chain`\n\n(settlement-retention authority)`urn:nobulex:receipt`\n\n(behavioral continuity, Nobulex AAIF)`urn:observatory:eval`\n\n(behavioral, Dominion)`urn:foxbook:leaf`\n\n(cryptographic identity)`urn:concordia:attestation`\n\n(third-party authority)v0.4 (Q3 2026) opens APP↔CTEF composability and the Trust Policy Manifest.\n\n`/.well-known/cte-test-vectors.json`\n\n`/.well-known/interop-harness.json`\n\nIf you maintain a framework that emits trust-relevant attestations, the v0.3.3 cross-extension matrix branch is open for PRs.", "url": "https://wpnews.pro/news/ctef-v0-3-2-the-substrate-gate-just-closed-for-cross-framework-agent-trust", "canonical_source": "https://dev.to/agentgraph/ctef-v032-the-substrate-gate-just-closed-for-cross-framework-agent-trust-2c0a", "published_at": "2026-05-27 21:06:36+00:00", "updated_at": "2026-05-27 21:40:42.527394+00:00", "lang": "en", "topics": ["ai-agents", "ai-infrastructure", "ai-tools", "ai-research"], "entities": ["CTEF", "MCP", "x402", "ERC-8004", "JCS", "APS", "AP2"], "alternates": {"html": "https://wpnews.pro/news/ctef-v0-3-2-the-substrate-gate-just-closed-for-cross-framework-agent-trust", "markdown": "https://wpnews.pro/news/ctef-v0-3-2-the-substrate-gate-just-closed-for-cross-framework-agent-trust.md", "text": "https://wpnews.pro/news/ctef-v0-3-2-the-substrate-gate-just-closed-for-cross-framework-agent-trust.txt", "jsonld": "https://wpnews.pro/news/ctef-v0-3-2-the-substrate-gate-just-closed-for-cross-framework-agent-trust.jsonld"}}