Skill

ap2-dispute-accountability

Implements AP2 dispute resolution and accountability with cryptographic evidence, liability allocation, chargeback handling, and audit trails for agentic payment systems.

security

authentication

Install

npx claudepluginhub orcaqubits/agentic-commerce-skills-plugins --plugin ap2-agentic-payments

Tool Access

This skill is limited to using the following tools:

ReadWriteEditBashGrepGlobWebSearchWebFetch

Preview

**Fetch live docs**:

SKILL.md

Similar Skills

cache-components

Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.

cache-components

139.1k

claude-opus-4-5-migration

2 files

Migrates code, prompts, and API calls from Claude Sonnet 4.0/4.5 or Opus 4.1 to Opus 4.5, updating model strings on Anthropic, AWS, GCP, Azure platforms.

claude-opus-4-5-migration

83.2k

claude-code-plugin-release

1 file

Automates semantic versioning and release workflow for Claude Code plugins: bumps versions in package.json, marketplace.json, plugin.json; verifies builds; creates git tags, GitHub releases, changelogs.

claude-mem

64.7k

Stats

Parent Repo Stars14

Parent Repo Forks9

Last CommitMar 9, 2026

Actions

View Source View Plugin View on GitHub View README

AP2 Dispute Resolution and Accountability

Before writing code

Fetch live docs:

Fetch https://ap2-protocol.org/specification/ for the accountability model
Fetch https://ap2-protocol.org/topics/core-concepts/ for dispute resolution details
Web-search ap2 protocol dispute accountability liability mandate evidence for accountability framework
Web-search ap2 protocol chargeback fraud resolution for dispute handling patterns

Conceptual Architecture

Why Accountability Matters

In agentic commerce, the traditional dispute model breaks down:

Who's responsible when an AI agent buys the wrong item?
How do you prove the user authorized a purchase?
What evidence settles a dispute between a user, agent, and merchant?

AP2's VDC-based accountability model provides cryptographic evidence for every dispute scenario.

Liability Allocation Table

Scenario	Key Evidence	Accountability
First-party misuse	User-signed Cart/Intent Mandate	User — signature proves authorization
Agent mispick (user approved cart)	Cart Mandate shows item, user signed	User — they approved the specific cart
Agent mispick (unapproved)	Intent Mandate vs cart discrepancy	Shopping Agent/Platform — exceeded intent
Merchant non-fulfillment	Valid mandate + payment confirmation vs absent delivery	Merchant — committed via signature
Account takeover	Authentication signals during session	CP/User — depends on auth strength evidence
Man-in-the-middle	Digital signature verification	Attack prevented — signatures invalid if tampered
Price discrepancy	Merchant-signed Cart Mandate vs charged amount	Merchant — signed specific prices
Unauthorized transaction	Absence of user signature on mandate	Platform/Agent — no valid user authorization

Evidence Chain

For every transaction, AP2 preserves:

User's original intent — Natural language captured in Intent Mandate
User's authorization — Cryptographic signature on the mandate
Merchant's commitment — Merchant entity signature on Cart Mandate
Payment authorization — Payment Mandate with user signature
Challenge completion — Records of 3DS/OTP challenges
Transaction receipt — Payment confirmation from MPP

Dispute Investigation Process

Collect mandates — Gather all signed VDCs for the transaction
Verify signatures — Confirm all signatures are valid and match claimed identities
Compare intent vs outcome — Check if the purchase matches the authorized intent
Check constraint compliance — For Intent Mandates, verify constraints were respected
Review risk signals — Assess the risk context at transaction time
Determine liability — Apply the accountability rules based on evidence

Audit Trail Requirements

Store for the full retention period (at least the refund period):

All signed mandates (Cart, Intent, Payment)
Agent-to-agent message logs
Challenge records
Payment receipts
Risk signal snapshots
User session authentication records

Chargeback Handling

When a chargeback is filed:

Retrieve the transaction's VDC evidence
Verify mandate signatures
Compare the disputed transaction against signed mandates
Provide evidence to the payment network
The cryptographic evidence resolves most disputes definitively

Fraud Scenarios

AI Agent Fraud Prevention:

Intent Mandate captures user's exact words → agent can't claim different intent
Cart Mandate requires user signature → agent can't forge approval
Payment Mandate requires device attestation → agent can't self-authorize

Merchant Fraud Prevention:

Merchant signs Cart Mandate → can't deny offered prices/products
Payment receipt confirms delivery obligation
Fulfillment tracking compared against commitment

Best Practices

Store all VDCs with their signatures for the full retention period
Implement automated signature verification in dispute workflows
Build dashboards showing intent vs outcome comparisons
Log all risk signals at transaction time (they can't be recreated later)
Implement the accountability table as deterministic rules
Support both manual and automated dispute investigation
Provide clear evidence reports for payment networks
Test dispute scenarios explicitly during development
Consider regulatory requirements for evidence retention (varies by jurisdiction)

Fetch the specification for exact accountability rules, evidence requirements, and retention policies before implementing dispute handling.