Fidacy

UCP Binding · v1

Fidacy Trust-Verdict Binding (UCP)

How a Fidacy trust verdict rides the Universal Commerce Protocol. A signed approve / review / deny decision that anyone verifies independently, without trusting Fidacy.

This binding names behavior the Fidacy engine already ships. It does not invent a new container: the verdict travels in UCP's own signals mechanism, and the signed EdDSA JWS is the source of truth. Canonical spec lives in fidacy-open/spec.

Binding URI

https://fidacy.com/ucp/extensions/trust-verdict/v1

Where the verdict rides: a UCP signal

UCP's signals schema defines signals as values that must not be buyer-asserted and are instead “independently verifiable third-party attestations”, keyed by reverse-domain identifiers. A Fidacy verdict is exactly that, so it rides under com.fidacy.trust_verdict:

"signals": {
  "com.fidacy.trust_verdict": {
    "format": "application/vc+jws",
    "jws": "<compact EdDSA JWS, the signed verdict>",
    "kid": "<signing key id>",
    "provider_jwks": "https://api.fidacy.com/.well-known/jwks.json",
    "payload": { "decision": "approve", "score": 12 }
  }
}

Advisory action

Fidacy is a third-party trust layer, not a UCP business or platform, and does not own the checkout status. Alongside the signal it returns an advisory recommended_action the merchant maps onto its own state: approve → proceed, review → step_up (UCP requires_escalation), deny → decline.

Verify it yourself

The convenience fields are untrusted hints until the JWS is verified. A recipient reads jws, fetches the public JWKS (provider_jwks), and checks the EdDSA signature with @fidacy/verify. No trust in Fidacy required.

What this binding does not do

Resources