/method/mcp-record-custody-gateway

MCP Record Custody Gateway

The MCP Record Custody Gateway is the public-safe name for a governed custody-inspection stack. It lets an operator inspect whether a protocol-facing agent boundary has a refs-only custody posture without treating that inspection as MCP execution, record admission, receipt persistence, protocol modification, or model-output verification.

What the Gateway is

The Gateway is a refs-only custody surface. It can identify the boundary type, protocol binding, receipt family, custody status, candidate ref, bridge ref, trace-context ref, and related opaque refs that matter for review. It is designed to keep raw payloads, tool arguments, credential secrets, and private paths out of the public-readable object.

What the Gateway is not

The Gateway is not an MCP runtime. It does not call MCP, run connectors, write sinks, admit records, persist receipts, grant MCP authority, modify protocol behavior, or verify model output. GARPedia explains the posture; it does not operate the boundary.

Six-repo owner split

The Gateway stack is split across six owners so no one surface has to overclaim authority.

garp-doctrine: Defines the doctrine and receipt-body vocabulary, including the recognized agent_delegation_issued and agent_delegation_revoked body kinds.
garp-sdk: Owns the canonical portable MCP Record Custody Gateway contract.
garp-local: Projects the read-only API at GET /workbench/mcp-record-custody-gateway without calling MCP or retaining credential secrets.
garp-workbench: Renders the operator cockpit and its exclusion and non-claim flags.
arcs-amnesiac: Projects non-ready custody statuses into ShadowGraph/refusal reasons with dormant reopening conditions.
garpedia_org: Explains the public method boundary without rendering private traces, payloads, credentials, arguments, or paths.

Durable non-claims

MCP Record Custody Gateway is not admission.
MCP Record Custody Gateway does not verify model output.
MCP Record Custody Gateway does not call MCP.
MCP Record Custody Gateway does not run connectors.
MCP Record Custody Gateway does not write sinks.
MCP Record Custody Gateway does not persist receipts.
MCP Record Custody Gateway does not modify the MCP protocol.
MCP Record Custody Gateway does not grant MCP authority.
MCP Record Custody Gateway does not retain raw payloads.
MCP Record Custody Gateway does not retain tool arguments.
MCP Record Custody Gateway does not retain credential secrets.
MCP Record Custody Gateway does not retain private paths.

Reopening conditions

In the amnesiac projection, a custody_record_ready status produces no shadow record. Non-ready custody statuses can become dormant ShadowGraph/refusal reasons with reopening conditions such as operator review, fresh observation, actor context becoming available, target context becoming available, a policy-gate change, privacy-policy review resolution, or a boundary-type registry expansion. Those conditions describe what would matter later; they do not automatically reopen or admit a record.

Related method pages

/method/trace-context-bridge — the sibling bridge that maps trace-context refs without becoming a custody gateway.
/method/workspace-memory-index — the sibling index for governed workspace-memory posture.
/method/reverse-wiki — the read-side grammar this page belongs to.
/method/reverse-wiki-function-inventory — the function inventory where public method surfaces are kept legible.