# Supply-Y Protocol Documentation

Supply-Y Protocol 1.0 is the stable Agent-to-Agent contract for exchanging bounded, encrypted supply-chain decisions without centralizing customer plaintext or private keys.

## Current status

- Protocol 1.0 is stable and published through an immutable Release Manifest and Agent Bundle.
- Object, crypto, behavior, interoperability and Agent installation evidence is executable.
- Hosted production APIs, production Skill signing trust, public SDK distribution and certification are not yet generally available.
- Protocol, schema, Skill, SDK and installation-contract versions are independent contracts.

## Value for every tier

- **Tier 3 material supplier:** triggers earlier downstream action while protecting exact stock, capacity and commercial terms.
- **Tier 2 component supplier:** receives enough context to assess component impact while protecting plant schedules, defect detail and customer exposure.
- **Tier 1 system supplier:** coordinates mitigation across components without relaying raw supplier files or sourcing economics.
- **Brand OEM:** receives a decision-ready risk, capacity or compliance picture while protecting demand volume, launch sequence and margin priorities.

Read the [complete value model](https://supply-y.net/docs/markdown/concepts.md#value-for-every-tier).

## One verified Package in practice

Fixture: `pkg_material_constraint_001` (`supply-y/1.0`)

- **From:** `org_tier3_material`
- **To:** `org_tier2_connector`
- **Affected scope:** `high_temperature_connector_housing`, `ev_and_adas_variants`, `north_america`
- **Constraint:** 20-30 `percent_constraint`
- **Confidence:** 0.78; multiple supplier signals and production schedule checks
- **Requested response:** separate critical and non-critical SKU demand
- **Deadline:** `2026-07-04T18:00:00Z`
- **Not disclosed:** `customer names`, `contract prices`, `exact capacity`, `allocation formula`
- **Controls:** 30-day retention; forwarding not allowed; human approval required

Controlled reasoning shares the facts, uncertainty, requested action and usage boundary needed for a decision, without sending the raw records behind them.

Inspect the [full fixture](https://supply-y.net/docs/reference#examples-valid-reasoning-package-material-constraint-native-valid-json) or [validate it locally](https://supply-y.net/docs/playground).

## Start

- [Overview](https://supply-y.net/docs/markdown/index.md): Understand, integrate and verify the Supply-Y Agent-to-Agent protocol for secure cross-company supply-chain collaboration.
- [Use Cases](https://supply-y.net/docs/markdown/use-cases.md): Compare six fixture-backed Supply-Y collaboration loops for material risk, weekly planning, incident mitigation, quality, engineering change and compliance evidence.
- [Protocol 1.0 Release](https://supply-y.net/docs/markdown/release.md): Pin the stable Supply-Y Protocol 1.0 release Manifest, immutable contract URLs, exact artifact digests and implementation availability.
- [Changelog](https://supply-y.net/docs/markdown/changelog.md): Review every Supply-Y Protocol wire release, exact Manifest binding, compatibility decision, retired preview identifier and required migration.
- [Availability & Readiness](https://supply-y.net/docs/markdown/readiness.md): See which Supply-Y Protocol 1.0 surfaces are stable, available for evaluation, managed-pilot only or not yet generally available.
- [Getting Started](https://supply-y.net/docs/markdown/getting-started.md): Choose an Agent and transport path, create a controlled Package, exchange it securely and prove the first Supply-Y collaboration loop.
- [Plan a Pilot](https://supply-y.net/docs/markdown/pilot.md): Scope a Supply-Y pilot with explicit entry criteria, customer responsibilities, data boundaries, stage gates, acceptance evidence and exit rules.
- [Common Questions](https://supply-y.net/docs/markdown/faq.md): Direct answers about Supply-Y data ownership, customer deployment, policy, ciphertext audit, Catena-X, failure handling and production readiness.
- [Install In Your Agent](https://supply-y.net/docs/markdown/agent-install.md): Copy one message into a company Agent to discover, install and verify Supply-Y, then review its compatibility report before enabling exchange.

## Understand

- [Protocol Concepts](https://supply-y.net/docs/markdown/concepts.md): Understand controlled reasoning, Packages, policies, collaboration loops, participant value and Native versus Catena-X transport.
- [Glossary](https://supply-y.net/docs/markdown/glossary.md): Find precise Supply-Y definitions, aliases and distinctions for Protocol 1.0, Packages, Skills, policy, receipts, transport, audit and certification.
- [Architecture](https://supply-y.net/docs/markdown/architecture.md): The Supply-Y logical architecture for customer Agents, Native encrypted transport, Catena-X EDC, identity, APIs, storage, events and audit.
- [Catena-X Integration](https://supply-y.net/docs/markdown/catena-x.md): Implement Supply-Y Catena-X Mode with one EDC asset, a signed control manifest, no duplicate payload and explicit interoperability limits.
- [Security & Trust](https://supply-y.net/docs/markdown/security.md): Supply-Y data ownership, encryption, key trust, policy receipts, malicious-input controls, audit integrity and explicit security limits.
- [Trust Center](https://supply-y.net/docs/markdown/trust-center.md): Review Supply-Y Protocol 1.0 data custody, security controls, executable evidence, customer responsibilities and open production assurance gates.
- [Governance & Support](https://supply-y.net/docs/markdown/governance.md): See who owns each Supply-Y decision, how protocol changes become immutable releases, and where to report integration, security or pilot issues.

## Build

- [Signed Skills](https://supply-y.net/docs/markdown/skills.md): Inspect installable Supply-Y Agent Skills, signed release manifests, deterministic update decisions, approval boundaries and production trust requirements.
- [Crypto Profile](https://supply-y.net/docs/markdown/crypto.md): The normative Native Mode encryption, signature, key-ownership and verification profile, with executable sender-recipient test vectors.
- [API Contract](https://supply-y.net/docs/markdown/api.md): The Supply-Y Agent-facing API for identity, Skills, keys, Package lifecycle, threads, notifications, audit and Catena-X transfers.
- [TypeScript SDK](https://supply-y.net/docs/markdown/sdk.md): Use the Supply-Y TypeScript SDK to validate objects and thread context, evaluate Skill updates, keep keys behind KMS adapters and call all 21 Agent API operations.
- [Protocol Playground](https://supply-y.net/docs/markdown/playground.md): Edit and validate Supply-Y protocol objects locally in the browser using the published schemas, fixtures and domain conformance profile.
- [Hosted Sandbox](https://supply-y.net/docs/markdown/sandbox.md): Create a short-lived test session and run signed Policy Receipts, encrypted Packages, recipient receipts, notifications and audit evidence against the Protocol 1.0 API.

## Operate

- [Events & Webhooks](https://supply-y.net/docs/markdown/events.md): Implement signed Supply-Y webhooks, durable Agent inboxes, retry, deduplication, ordered polling, gap recovery and notification acknowledgement.
- [Conformance](https://supply-y.net/docs/markdown/conformance.md): Executable Supply-Y object, thread-context, cryptographic, Safe Agent and transport checks, plus production certification requirements.
- [Versioning](https://supply-y.net/docs/markdown/versioning.md): Supply-Y Protocol, schema, Skill and API version rules, maturity evidence, deprecation policy and conformance levels.

## Reference

- [Schemas & Examples](https://supply-y.net/docs/markdown/reference.md): Inspect Supply-Y JSON Schemas, valid examples, red-team fixtures, machine-readable conformance cases and validation evidence.

For machine discovery, start at [/.well-known/supply-y](https://supply-y.net/.well-known/supply-y).

---

Canonical HTML: [Supply-Y Protocol Docs](https://supply-y.net/docs)
Agent documentation index: [llms.txt](https://supply-y.net/llms.txt)
