AI Agent

🤖

AI Agent

AGENT

Who holds this role: Claude instances, automated pipeline scripts, Pipedream workflows, any non-human principal acting on behalf of a credentialed human

✅ Permitted Actions

Submit data on behalf of delegating human (inherits human's permissions only)
Read permitted datasets for analysis
Call POST /policy/evaluate before any write operation
Generate PROV-O provenance records for every action

🚫 Prohibited Actions

Hold independent credentials (credential must be delegated from a human DID)
Exceed the permission scope of the delegating human
Bypass POST /policy/evaluate
Take any action when FPIC block is active — absolute prohibition

Required Credential: cth:AgentCredential (delegated from human DID)

Agent inherits the delegating human's DID permissions — never more. Every agent action creates a PROV-O record naming the delegating human DID and the agent ID. FPIC block is enforced at DB row-level security — OPA never even sees the request.

CTH as Framework Operator

Governance Board

Dispute Resolution & Framework Evolution

Role Taxonomy Overview

Data Submitter

Accredited Validator

Community Sovereign

CTH Data Steward

Regulator / Auditor

AI Agent

R-SUB: Submission Rules

R-VAL: Validation Rules

R-CON: Consent & Benefit Rules

R-AGT: Agent Rules

R-CHG: Change Governance Rules

Standards Overview

T-01: Identity & Credential Layer

T-02: Provenance & Quality Layer

T-03: Policy & Enforcement Layer

T-04: Discovery & AI Access Layer

EUDR — EU Deforestation Regulation

CSRD — Corporate Sustainability Reporting

CBAM — Carbon Border Adjustment Mechanism

ISSB IFRS S2 — Climate Disclosures

Article 6.4 — Paris Agreement Carbon Credits

AI Agent

AI Agent

✅ Permitted Actions

🚫 Prohibited Actions