Legal Context Protocol

Level 2: Provable

A content hash proves exactly what the terms were and that they have not changed.

This section is advisory.

Overview

For greater trust, the legal context includes digital proof of the terms. The legal-context.json file includes a contentHash field — a SHA-256 hash of the terms document. This proves:

  • What the terms were — the hash identifies the exact document
  • That they have not changed — any modification breaks the hash

How It Works

{
  "terms": "https://example.com/terms/v3.pdf",
  "contentHash": "0x7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069"
}

If a contentHash is provided, the terms document MUST be byte-for-byte identical every time it is served. No dynamic content insertion, no session-specific rendering, no content negotiation that changes the response. Any party that downloads the file and computes SHA-256 MUST get the same hash.

Verification

Any party can verify the terms:

  1. Download the document from the terms URL
  2. Compute SHA-256 of the downloaded file
  3. Compare to the contentHash value

If the hashes match, the document is the exact document the vendor published. If they do not match, the document has been altered.

Optional Anchoring

The hash alone — without any anchoring — provides provability. Anyone with the document can verify it matches the hash.

Optionally, the hash may be anchored to prove when the terms were published:

  • Blockchain — the hash recorded on-chain with a block timestamp
  • Timestamp authority — a signed timestamp per RFC 3161
  • Content-addressed storage — IPFS or Arweave, where the storage address is derived from the content

Anchoring adds temporal proof but is not required for Level 2. The hash itself is the core mechanism.

Terms Versioning

When vendors update their terms:

  1. The terms document at the URL changes
  2. The contentHash in legal-context.json is updated
  3. Previous transactions reference the previous contentHash

The contentHash in a transaction receipt is authoritative for that transaction. If an agent transacted with hash H1 and the vendor later updates to H2, the transaction is governed by H1 regardless. The agent's saved copy and the receipt hash identify the version that was in effect.

When Level 2 Is Appropriate

Level 2 is appropriate when it matters that the terms cannot be altered after the fact:

  • B2B procurement and service agreements
  • High-value purchases
  • Cross-border transactions
  • Any transaction where a dispute about "what the terms were" is plausible

For transactions that additionally require proof of explicit consent, see Level 3: Signed.

Level 1: Informational

The agent finds the terms. Proceeding with a transaction constitutes consent.

Level 3: Signed

A digital signature provides cryptographic proof of explicit consent to specific terms.

On this page

OverviewHow It WorksVerificationOptional AnchoringTerms VersioningWhen Level 2 Is Appropriate