← AEO Record Standard
v=AEO1 · METHODOLOGY v1.0

AEO1 Verification Methodology

The Grounding Framework — how a verification tier is assigned, and precisely what it does and does not attest.
Version 1.0  ·  Published 2026-07-17  ·  Companion to the v=AEO1 standard  ·  Public & auditable

“Verified” is only worth what the method behind it can withstand. A tier badge a skeptic cannot audit is a marketing claim; a tier badge backed by a public, versioned methodology is a standard. This document is that methodology — the exact checks behind each v=AEO1 verification tier, and the precise boundary of what a tier attests.

  1. What AEO1 attests — two distinct things
  2. The checks
  3. The tiers
  4. What a tier does NOT attest
  5. Versioning

What AEO1 attests — two distinct things

Every tier is a defined combination of two independent things, which must never be conflated:

A. Provenance & authenticity (mechanical, cryptographic)

The record originates from the domain owner — proven by DNS control — and the facts are untampered since signing — proven by the Ed25519 signature over the NFC-canonical fact set. This is binary and machine-checkable.

B. Corroboration depth (operational, as of a stated date)

How far the issuing authority went to check the facts against independent sources before assigning the tier. This is a claim about diligence at a point in time — not a warranty of ongoing or absolute truth. Consuming agents weight trust by tier and freshness.

The checks

CheckWhat it verifiesPass criterion
C1 · integrityThe _aeo TXT record is well-formed and carries the required tags.Parses under the AEO1 grammar.
C2 · controlThe record is published under the described domain's DNS — proving the publisher controls the domain. The anchor other AI-trust mechanisms leave out of scope; AEO1's foundation.Resolves at _aeo.<domain> (A-label form for IDNs).
C3 · signatureThe Ed25519 signature verifies over the canonical fact set (NFC + codepoint order) against the issuer's published key.verify() true; tamper-evident.
C4 · key statusIssuer key resolvable at /.well-known/aeo-public-key.json, status active or retired (not revoked).A usable key is found.
C5 · consistencyThe facts fetched from catalog= hash to the signed facts_hash.Recomputed hash == signed hash.
C6 · attestationThe domain owner explicitly attested the facts, captured and timestamped.Attestation on record (last_confirmed_at).
C7 · corroborationDegree of independent checking: none / enrolled-only / human-review-or-1-source / multi-source-agreement. Scored as of the verification date; sources logged.Meets the depth required by the target tier.
C8 · freshnessverified_at within the acceptable window for the fact class; time-sensitive facts (hours, pricing) age faster.Within window.

The tiers

Each tier is a defined set of checks; every higher tier is a strict superset of the one below it.

TierChecks requiredWhat it attests
self_declaredC1 + owner-suppliedThe owner published this. No authority, no signature, no corroboration.
listedC1, C2 + enrolledProvenance + domain control, catalog published. No fact review.
verifiedC1–C6 + C7 at “human-review or ≥1 independent source”Authentic, owner-attested, and checked to that depth as of verified_at.
groundedall of verified + C7 at “≥2 independent sources in agreement” + signedThe highest diligence claim AEO1 makes.

Consuming agents MAY require a minimum tier for sensitive queries — for example, grounded before citing time-sensitive or safety-relevant facts such as emergency-service hours.

What a tier does NOT attest

AEO1 attests provenance, authenticity, and corroboration-depth-as-of-a-date. It does not warrant that a fact is true in the world, nor that a fact remains true after verified_at.

“grounded” means “corroborated against multiple independent sources, in agreement, as of verified_at” — not a perpetual guarantee of truth. Consuming agents apply freshness (C8) and their own tier thresholds. The issuing authority's diligence is bounded by the named source types and the verification date; it is not an insurer of the underlying facts.

This is the issuer-vs-truth split every credential ecosystem uses: the signature attests who declared what, when, and the diligence performed — not the truth of the underlying claim.

Versioning

This is version 1.0. Changes are versioned and linkable, so a verifier can pin the methodology a given record was assessed under. This version supersedes nothing.