Kirke Labs
Kirke Labs
The Control Layer · Agent-Readiness Toolkit

Open Agent Access

Consequential agents must carry papers. Open Agent Access (OAA) is the layer that decides whether an autonomous agent may read, may be refused, or must pay — on a published, machine-readable policy, with a signed record of every action.

GET https://www.kirkelabs.com/.well-known/agent-access.json

Why a control layer?

robots.txt was built for crawlers that only read. Agents now act — they transact, book, and settle on a user’s behalf. That needs more than allow/disallow: it needs identity, a stated purpose, an enforceable decision, payment terms for actions that cost something, and an audit trail. OAA is that boundary — issued by the site, honoured by well-behaved agents.

It’s the governance counterpart to the rest of the toolkit: the scanners tell you whether agents can find and act on you; OAA is how you let them act on your terms.

Three decisions

  • allowPublic reads — research, indexing, summarisation — with attribution by source URL.
  • denyDisallowed purposes, e.g. AI-training use, are refused outright.
  • chargeConsequential actions return an x402 payment-required envelope; settle to proceed.

How a request flows

  1. 1Present a passport. The agent sends its identity, purpose, and intended use (AA-Agent-ID, AA-Purpose, AA-Use).
  2. 2Policy decision. The policy engine evaluates the request against the published rules and returns allow, deny, or charge.
  3. 3Settle payment (if charged). For paid actions, the agent receives an x402 envelope and settles a micropayment on Algorand.
  4. 4Receive a receipt. The action returns a hash-chained receipt — an auditable record of identity, decision, and settlement.

Payments & receipts

Paid actions are priced in the policy (the Agent City demo charges $0.01 / request) and settled with x402 — USDC on Algorand (TestNet in the demo), with sub-3-second finality. Every governed action returns a hash-chained receipt: who acted, under what purpose, the decision, and the settlement — auditable after the fact.

OAA is also exposed as a live MCP server, so agent frameworks can discover and call governed tools directly rather than scraping the page.

See it work

Agent City is the live demonstration — autonomous agents present passports, receive allow / deny / charge decisions, settle real x402 micropayments on Algorand TestNet, and collect receipts, step by step. It’s where the whole toolkit comes together as agentic commerce.

Read the policy: /.well-known/agent-access.json.