Pluck Studio / Bureau

OATH

The robots.txt for AI honesty. Vendors sign a PluckOath/v1 attestation listing their public commitments and serve it at https://<vendor>/.well-known/pluck-oath.json. Every Bureau program contradict-checks against the oath at evaluation time. Vendors with no oath get a visible "did not commit" badge.

Phase 4 alpha

The signing, verification, and contradict layers are alpha; the vendor-management UI at /bureau/oath/manage ships as a placeholder until Kite Event Log lands in Phase 4+.

Vendor flow

pluck bureau oath publish ./oath.json --keys ./keys --out ./.oath

The signed DSSE envelope lands in ./.oath/ as <envelopeHash>.intoto.jsonl. Host the envelope bytes at /.well-known/pluck-oath.json with Content-Type: application/json.

Operator flow

pluck bureau oath fetch openai.com --out ./.oath
pluck bureau oath verify ./.oath/<hash>.intoto.jsonl --expected-origin https://openai.com

Fetch is HTTPS-only, caps the response at 256 KiB, times out after 10 s, and follows no redirects. Verify cross-checks the served Origin against the oath body's vendor field.

Sealed-claim semantics

Every claim is sealed past expiresAt: contradict checks return oath-expired instead of triggering a red dot. Vendors must republish to extend coverage — ignoring expiry would create stale-data false-positives and punish vendors who let their oath quietly drift.
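
An added example, not Pluck's own code: a Python sketch of the structural checks an operator-side verifier could run on a fetched envelope (size cap, predicate URI, vendor versus expected origin, and the sealed-claim expiry rule). The oath body layout (vendor as an origin string, a claims list with id and expiresAt), the "active" status, the failure reason strings and the helper names are assumptions; DSSE signature verification is deliberately left out.

```python
import base64
import json
from datetime import datetime, timezone
from urllib.parse import urlsplit

PREDICATE_URI = "https://pluck.run/PluckOath/v1"  # predicate URI from the page
MAX_BYTES = 256 * 1024                            # fetch size cap from the page

def https_origin(url):
    """Normalise to https://host[:port]; None for anything that is not HTTPS."""
    parts = urlsplit(str(url))
    if parts.scheme != "https" or not parts.hostname:
        return None
    port = "" if parts.port in (None, 443) else f":{parts.port}"
    return f"https://{parts.hostname}{port}"

def check_oath(envelope_bytes, expected_origin, now):
    """Structural checks on a fetched envelope. Signatures are NOT verified here."""
    if len(envelope_bytes) > MAX_BYTES:
        return {"ok": False, "reason": "too-large"}
    try:
        envelope = json.loads(envelope_bytes)
        statement = json.loads(base64.b64decode(envelope["payload"], validate=True))
        if statement["predicateType"] != PREDICATE_URI:
            return {"ok": False, "reason": "wrong-predicate"}
        oath = statement["predicate"]  # assumed: {"vendor", "claims": [{"id", "expiresAt"}]}
        expected = https_origin(expected_origin)
        if expected is None or https_origin(oath["vendor"]) != expected:
            return {"ok": False, "reason": "origin-mismatch"}
        claims = {}
        for claim in oath["claims"]:  # sealed-claim rule: past expiresAt -> oath-expired
            expires = datetime.fromisoformat(claim["expiresAt"].replace("Z", "+00:00"))
            claims[claim["id"]] = "oath-expired" if now > expires else "active"
    except (ValueError, KeyError, TypeError, AttributeError):
        return {"ok": False, "reason": "malformed"}
    return {"ok": True, "claims": claims}

def sample_envelope(vendor):
    """Constructed DSSE envelope with a placeholder signature, for illustration only."""
    oath = {"vendor": vendor, "claims": [
        {"id": "claim-a", "expiresAt": "2025-01-01T00:00:00Z"},
        {"id": "claim-b", "expiresAt": "2027-01-01T00:00:00Z"}]}
    statement = {"_type": "https://in-toto.io/Statement/v1",
                 "predicateType": PREDICATE_URI, "predicate": oath}
    payload = base64.b64encode(json.dumps(statement).encode()).decode()
    return json.dumps({"payloadType": "application/vnd.in-toto+json", "payload": payload,
                       "signatures": [{"keyid": "placeholder", "sig": "placeholder"}]}).encode()

if __name__ == "__main__":
    now = datetime(2026, 1, 1, tzinfo=timezone.utc)
    print(check_oath(sample_envelope("https://vendor.example"), "https://vendor.example", now))
```

An expired claim comes back as oath-expired rather than as a failure of the whole oath, which matches the sealed-claim behaviour described above.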

Predicate URI

https://pluck.run/PluckOath/v1