{
  "authority": "hvtracker.net",
  "name": "HVTracker — AI Agent Trust Registry",
  "description": "Independent trust registry for open-source AI agents. Ranks agents by evidence-weighted trust (HVTrust), not popularity.",
  "version": "0.2",
  "methodology": "https://hvtracker.net/methodology",
  "specs": {
    "trust_credential": "https://hvtracker.net/spec/trust-credential/v0.2",
    "mcp_server_trust": "https://hvtracker.net/spec/mcp-server-trust/v0.1",
    "runtime_trust": "https://hvtracker.net/spec/runtime-trust/v0.2",
    "methodology": "https://hvtracker.net/spec/methodology",
    "data_schema": "https://hvtracker.net/spec/data-schema"
  },
  "endpoints": {
    "registry": "https://hvtracker.net/data/latest.json",
    "agent_lookup": "https://hvtracker.net/data/agents/{slug}.json",
    "mcp_verify": "https://hvtracker.net/api/v1/mcp/verify?server={id}",
    "build_report": "https://hvtracker.net/data/build_report.json"
  },
  "trust_credential": {
    "format": "json",
    "signed": true,
    "signature_algorithm": "Ed25519",
    "public_key": "mEfivVkAEfx09O2Dm0oG8+Zbh3dEZ2UB8a6P/Fd9Tgo=",
    "public_key_encoding": "base64-raw-32",
    "canonicalization": "JSON with sorted keys, separators (\",\",\":\"), ensure_ascii=false, excluding the `signature` field",
    "verification": "Verify the base64 detached Ed25519 `signature` over the canonical credential against `public_key` — no re-fetch required. Credentials also remain reproducible: recompute the score from public signals per the methodology to cross-check. A null signature means the issuing build had no signing key."
  },
  "contact": "https://github.com/YugantM/hvtracker/issues",
  "license": "CC BY 4.0"
}
