Transaction-Time Verification
The key innovation: two moments matter, and the correct moment to verify is at transaction time.
This section is advisory.
Transaction-time verification is the key innovation of the LCP standard beyond discoverability. The insight is simple: the correct moment to fetch, verify, and save terms is not when the agent first discovers a service — it is at transaction time, right before the agent pays.
Two Moments
Discovery time — The agent visits /.well-known/legal-context.json to understand how a service handles legal terms. This is informational. The agent may browse terms, evaluate the vendor, and decide whether to engage.
Transaction time — The correct moment to fetch, verify, and save the terms. This is when the contentHash matters (Level 2+).
The Proposal-Phase Pattern
Every major agentic commerce protocol has a two-phase flow — propose, then execute:
| Protocol | Proposal Phase | Execution Phase |
|---|---|---|
| MPP | 402 challenge | Payment credential + 200 receipt |
| ACP | Checkout session creation | Complete checkout |
| x402 | 402 response | Payment + resource delivery |
| UCP | Checkout session creation | Payment confirmation + order |
| AP2 | Cart/Intent Mandate creation | Payment Mandate + authorization |
At Level 2+, the contentHash SHOULD be included in the proposal phase. Including it in the proposal allows the agent to verify before paying. Including it only in the receipt is valid but weaker — the agent cannot verify before committing.
Agent Verification Flow (Level 2+)
- Receive the proposed contentHash from the server (in the proposal)
- Fetch the terms document from the URL provided
- Compute SHA-256 of the downloaded document
- Compare to the proposed contentHash — if mismatch, halt
- Save the document locally
- Proceed with payment
- Receive receipt containing the same contentHash — confirmation of what was agreed
This eliminates both race conditions (terms changed between discovery and transaction) and malice (server claiming different terms after the fact). The agent verifies at the moment that matters — right before it pays.
Level 1 Behavior
At Level 1 (no hash), there is no contentHash in the proposal. The terms URL from legal-context.json is the reference. The agent should still fetch and save the terms at transaction time as evidence of what it saw, even without a hash to verify against.
At Level 1, the discovery-time terms and the transaction-time terms are assumed to be the same; the agent has no mechanism to detect a change between discovery and transaction.
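The agent-side flow above, covering both the Level 2+ check and the Level 1 save-only case, as an added example that is not part of the LCP standard text. It assumes contentHash is a hex-encoded SHA-256 digest of the raw document bytes; the termsUrl field name, the fetch callable and the evidence directory layout are hypothetical.

```python
import hashlib
import tempfile
from pathlib import Path


class TermsMismatch(Exception):
    """The terms in hand do not match the contentHash being relied on."""


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_and_save(proposal: dict, fetch, evidence_dir: Path) -> dict:
    """Run at transaction time, before paying. Returns an evidence record."""
    proposed = proposal.get("contentHash")   # absent at Level 1
    body = fetch(proposal["termsUrl"])       # "termsUrl" is an assumed field name
    actual = sha256_hex(body)                # hash the raw bytes exactly as downloaded
    if proposed is not None and actual != proposed.lower():
        # Mismatch: halt before anything is saved or paid.
        raise TermsMismatch(f"proposed {proposed}, downloaded {actual}")
    evidence_dir.mkdir(parents=True, exist_ok=True)
    path = evidence_dir / f"{actual}.terms"
    path.write_bytes(body)                   # preserved at every level
    return {"path": path, "sha256": actual, "verified": proposed is not None}


def check_receipt(evidence: dict, receipt: dict) -> None:
    """After payment: the receipt must carry the hash that was verified."""
    if not evidence["verified"]:
        return                               # Level 1: no hash to confirm
    got = receipt.get("contentHash")
    if got is None or got.lower() != evidence["sha256"]:
        raise TermsMismatch(f"receipt {got}, verified {evidence['sha256']}")


if __name__ == "__main__":
    terms = b"Constructed sample terms, version 1\n"      # constructed input
    served = {"https://vendor.example/terms": terms}      # stands in for HTTP
    proposal = {"termsUrl": "https://vendor.example/terms",
                "contentHash": sha256_hex(terms)}
    with tempfile.TemporaryDirectory() as tmp:
        ev = verify_and_save(proposal, served.__getitem__, Path(tmp))
        print("verified, saved as", ev["path"].name)
        check_receipt(ev, {"contentHash": proposal["contentHash"]})
        served[proposal["termsUrl"]] = terms + b"changed after proposal\n"
        try:
            verify_and_save(proposal, served.__getitem__, Path(tmp))
        except TermsMismatch as exc:
            print("halted before payment:", exc)
```

Naming the saved file after its own digest keeps the document and the hash in the receipt trivially matchable later.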
Document Preservation
Agents SHOULD save a copy of the terms at transaction time regardless of level. At Level 2+, agents SHOULD verify the contentHash against the downloaded document before proceeding.
The vendor does not need to guarantee long-term availability of the document at the URL. The document only needs to be downloadable when the agent transacts. After that, the proof lives with the parties — the document in their possession and the hash in the receipt.
A hash without a document is a proof without evidence.