OMP v1.0 Specification

1. Scope

OMP defines a universal, vendor-neutral data exchange contract for agent ecosystems.
It applies to all agent-related data objects — structured the same way, encrypted by default, and governed by public versioned specs.

2. Core principles

  1. One object model — all data types share a base structure.

  2. Privacy-by-default — transport + storage encryption, field-level options.

  3. Provenance & audit — signatures, integrity hashes, access logs.

  4. Verifiable deletion — revocation receipts and tombstones propagate.

  5. Stable kernel — minimal changes, extensions via versioned add-ons.

3. Data Object Schema (Base)

Every OMP object must include:

4. Wire Contract

All compliant implementations must expose these HTTPS endpoints:Every OMP object must include:

5. Security Requirements

  • Transport: TLS 1.3+ (mTLS optional, recommended for B2B).

  • Authentication: OAuth2, mTLS, or compatible open standard.

  • Integrity: SHA-256 or better hashing of payloads.

  • Encryption: AES-256-GCM at rest; per-field optional encryption for sensitive content.

  • Revocation: Deletion must produce a verifiable tombstone record.

6. Conformance Rules

To claim OMP compliance:

  1. Pass the reference test suite.

  2. Implement all required schema fields and endpoints.

  3. Honor consent and retention policies.

  4. Maintain public conformance metadata.

7. Versioning

  • Core: Semantic versioning (e.g., 1.0.1).

  • Extensions: Namespaced (e.g., ext.location, ext.vector).

  • Deprecations: Announced ≥6 months before removal.

8. Governance

  • On it’s way to being stewarded in Switzerland under a neutral foundation.

  • Public proposals, community review, and reference tests before release.

9. References