# Supply-Y Protocol > Supply-Y Protocol 1.0 is the stable Agent-to-Agent contract for exchanging bounded, encrypted supply-chain decisions without centralizing customer plaintext or private keys. Use the documentation below to understand, implement and verify the protocol. Protocol 1.0 is stable and a public fictional-data Sandbox is available; hosted production APIs, production Skill signing trust, public SDK distribution and certification are not yet generally available. Supporting Skill and SDK versions are independent from the Protocol version. ## Start - [Overview](https://supply-y.net/docs/markdown/index.md): Understand, integrate and verify the Supply-Y Agent-to-Agent protocol for secure cross-company supply-chain collaboration. - [Use Cases](https://supply-y.net/docs/markdown/use-cases.md): Compare six fixture-backed Supply-Y collaboration loops for material risk, weekly planning, incident mitigation, quality, engineering change and compliance evidence. - [Protocol 1.0 Release](https://supply-y.net/docs/markdown/release.md): Pin the stable Supply-Y Protocol 1.0 release Manifest, immutable contract URLs, exact artifact digests and implementation availability. - [Changelog](https://supply-y.net/docs/markdown/changelog.md): Review every Supply-Y Protocol wire release, exact Manifest binding, compatibility decision, retired preview identifier and required migration. - [Availability & Readiness](https://supply-y.net/docs/markdown/readiness.md): See which Supply-Y Protocol 1.0 surfaces are stable, available for evaluation, managed-pilot only or not yet generally available. - [Getting Started](https://supply-y.net/docs/markdown/getting-started.md): Choose an Agent and transport path, create a controlled Package, exchange it securely and prove the first Supply-Y collaboration loop. - [Plan a Pilot](https://supply-y.net/docs/markdown/pilot.md): Scope a Supply-Y pilot with explicit entry criteria, customer responsibilities, data boundaries, stage gates, acceptance evidence and exit rules. - [Common Questions](https://supply-y.net/docs/markdown/faq.md): Direct answers about Supply-Y data ownership, customer deployment, policy, ciphertext audit, Catena-X, failure handling and production readiness. - [Install In Your Agent](https://supply-y.net/docs/markdown/agent-install.md): Copy one message into a company Agent to discover, install and verify Supply-Y, then review its compatibility report before enabling exchange. ## Understand - [Protocol Concepts](https://supply-y.net/docs/markdown/concepts.md): Understand controlled reasoning, Packages, policies, collaboration loops, participant value and Native versus Catena-X transport. - [Glossary](https://supply-y.net/docs/markdown/glossary.md): Find precise Supply-Y definitions, aliases and distinctions for Protocol 1.0, Packages, Skills, policy, receipts, transport, audit and certification. - [Architecture](https://supply-y.net/docs/markdown/architecture.md): The Supply-Y logical architecture for customer Agents, Native encrypted transport, Catena-X EDC, identity, APIs, storage, events and audit. - [Catena-X Integration](https://supply-y.net/docs/markdown/catena-x.md): Implement Supply-Y Catena-X Mode with one EDC asset, a signed control manifest, no duplicate payload and explicit interoperability limits. - [Security & Trust](https://supply-y.net/docs/markdown/security.md): Supply-Y data ownership, encryption, key trust, policy receipts, malicious-input controls, audit integrity and explicit security limits. - [Trust Center](https://supply-y.net/docs/markdown/trust-center.md): Review Supply-Y Protocol 1.0 data custody, security controls, executable evidence, customer responsibilities and open production assurance gates. - [Governance & Support](https://supply-y.net/docs/markdown/governance.md): See who owns each Supply-Y decision, how protocol changes become immutable releases, and where to report integration, security or pilot issues. ## Build - [Signed Skills](https://supply-y.net/docs/markdown/skills.md): Inspect installable Supply-Y Agent Skills, signed release manifests, deterministic update decisions, approval boundaries and production trust requirements. - [Crypto Profile](https://supply-y.net/docs/markdown/crypto.md): The normative Native Mode encryption, signature, key-ownership and verification profile, with executable sender-recipient test vectors. - [API Contract](https://supply-y.net/docs/markdown/api.md): The Supply-Y Agent-facing API for identity, Skills, keys, Package lifecycle, threads, notifications, audit and Catena-X transfers. - [TypeScript SDK](https://supply-y.net/docs/markdown/sdk.md): Use the Supply-Y TypeScript SDK to validate objects and thread context, evaluate Skill updates, keep keys behind KMS adapters and call all 21 Agent API operations. - [Protocol Playground](https://supply-y.net/docs/markdown/playground.md): Edit and validate Supply-Y protocol objects locally in the browser using the published schemas, fixtures and domain conformance profile. - [Hosted Sandbox](https://supply-y.net/docs/markdown/sandbox.md): Create a short-lived test session and run signed Policy Receipts, encrypted Packages, recipient receipts, notifications and audit evidence against the Protocol 1.0 API. ## Operate - [Events & Webhooks](https://supply-y.net/docs/markdown/events.md): Implement signed Supply-Y webhooks, durable Agent inboxes, retry, deduplication, ordered polling, gap recovery and notification acknowledgement. - [Conformance](https://supply-y.net/docs/markdown/conformance.md): Executable Supply-Y object, thread-context, cryptographic, Safe Agent and transport checks, plus production certification requirements. - [Versioning](https://supply-y.net/docs/markdown/versioning.md): Supply-Y Protocol, schema, Skill and API version rules, maturity evidence, deprecation policy and conformance levels. ## Reference - [Schemas & Examples](https://supply-y.net/docs/markdown/reference.md): Inspect Supply-Y JSON Schemas, valid examples, red-team fixtures, machine-readable conformance cases and validation evidence. ## Machine-readable contracts - [Agent discovery](https://supply-y.net/.well-known/supply-y): Canonical starting point for Agent installation and capability discovery. - [Protocol 1.0 Release Manifest](https://supply-y.net/protocol/1.0/manifest.json): Immutable inventory of normative artifacts, byte counts and SHA-256 digests. - [Protocol release index](https://supply-y.net/protocol/releases.json): Machine-readable history of stable releases, exact Manifest bindings and retired pre-stable identifiers. - [Protocol 1.0 Agent Bundle](https://supply-y.net/protocol/1.0/bundle.json): Digest-pinned public implementation and conformance material without repository access. - [Agent installation prompt](https://supply-y.net/agent-install.txt): Guarded plain-text instructions that a company can give directly to its Agent. - [Agent Conformance Profile 1.0](https://supply-y.net/agent-conformance/1.0/profile.json): Nine required cross-language checks and exact result identifiers. - [Agent API OpenAPI contract](https://supply-y.net/openapi.json): Machine-readable contract for the customer-facing Agent API. - [Security contact](https://supply-y.net/.well-known/security.txt): Private reporting channels and disclosure policy links. ## Optional - [Hosted Agent Sandbox](https://supply-y.net/sandbox): Run one signed, encrypted and auditable Protocol 1.0 exchange with fictional data and expiring credentials. - [3D Package Loop Demo](https://supply-y.net/demo): Interactive explanation of six representative supply-chain collaboration scenarios.