The four rings explained
Red boundary — Invisible beyond this point · ~95% of stores
The outer boundary is not a ring you can see — it is the edge of where AI agents stop looking. Most businesses sit here. They have websites, Stripe accounts, and working stores. But no /.well-known/agent-purchase.json discovery file. No machine-readable product endpoints. No agent-accessible purchase path.
To a shopping agent — ChatGPT Operator, Perplexity Comet, Google's AP2 — these stores do not exist. The invisible coffee shop is the clearest illustration of what this costs.
Amber ring — AI-Discoverable · partial readiness
Inside the amber ring: stores that have taken partial steps — an llms.txt file, some JSON-LD structured data, or a basic robots.txt AI permission. AI agents can find these stores and understand what they sell.
But they cannot complete a transaction. Discovery without transaction is a dead end — the agent finds the store and immediately hits a wall. Being discovered is not the same as being chosen.
Blue ring — AI-Integrated businesses · full stack
Inside the blue ring: stores that have deployed the full agentic commerce stack — ACP, AP2, UCP MCP, and A2A. These are the early movers: Target, Sephora, Nordstrom, Lowe's, Best Buy, Home Depot, Wayfair, Costco, Macy's.
Their infrastructure is agent-readable. Their checkouts handle agent-initiated purchases. AI agents can find them, evaluate their products, and complete transactions end-to-end. Being here means being visible and transactable. It does not yet mean being trusted at the cryptographic layer.
Green ring — ABT-C Certified · only here · exclusively sidratnam.com
The innermost ring is not about discovery. It is about verifiable trust at the transaction layer — and consumer privacy as a structural guarantee, not a policy promise. ABT-C (Authenticated Business Transaction — Commerce) is a patent-pending cryptographic protocol that enforces your privacy policy at the protocol level. Not "we comply with our privacy policy." The protocol makes non-compliance structurally impossible.
Customer PII is encrypted before it touches your infrastructure. Only the consumer holds the key to restore it. As a merchant, you never see the raw data — you cannot leak what you cannot read. The consumer is the only party who can grant or revoke access to their own identity data. This is not a compliance posture. It is the architecture.
For the merchant: adopting ABT-C is a signal to your customers that you have put their privacy first — not as a marketing claim, but as a technical commitment baked into every transaction. You do not have to enforce your own privacy policy. The protocol enforces it for you.
For the AI agent: every transaction produces a hash-chained receipt that can be verified independently. The agent does not have to trust the merchant's word. The proof is cryptographic.
ABT-C is U.S. Provisional Patent Application No. 64/056,353. Patent Pending.
You don't pay until a successful test.
Apply for an install →