Public draft v0.1 · updated 2026-06-24

Vacation Rental Protocol

An open protocol for host-domain signed vacation rental offers.

VRP lets agents verify that a stay offer came from the host-owned domain, includes fresh availability, exact pricing, and a direct booking URL before quoting it.

No central issuer. No trusted issuer registry. No accreditation gatekeeper. Verifiers choose their own trust policy.

▶ Watch an AI agent book a verified stay

Host domain discovery, signing keys, signed offer, and agent verification flow.

The 20-second film

Watch an AI agent reach a verified, direct booking

A guest asks. An agent finds the property on the open web. The host's own domain signs the offer — and it's verified in your browser. No marketplace, no gatekeeper.

▶ Watch the full film Verify it yourself — live →

What VRP Is

An open protocol for vacation rental offer verification.
A host-owned domain model for source identity.
Signed verified stay offers for machine validation.
Ed25519 JWKS for key discovery and signature checks.
Safe-to-quote guardrails for agent behavior.

What VRP Is Not

Not a marketplace.
Not an OTA.
Not a central issuer.
Not a central registry.
Not an accreditation program.
Not a ranking engine.
Not a booking intermediary or trust authority.

Machine-Readable Artifacts

StayIntent open discovery v0.1 /spec/stayintent-discovery-v0.1 Transparency Log v0.1 /spec/transparency-log-v0.1 Attestation Status (W3C Bitstring) v0.1 /spec/attestation-status-bitstring-v0.1 JSON-LD context https://vacationrentalprotocol.com/contexts/v1 Attestations JSON Schema /schemas/attestations-v0.1.schema.json Portable Attestations v0.1 /spec/attestations-v0.1.md Interop and trust positioning /docs/interop-and-trust-positioning.md Example attestation bundle /examples/attestations/attestation-bundle.v0.1.json

Offer Verification

Fetch the host discovery document.
Resolve the host-domain JWKS.
Verify the compact JWS over the signed offer.
Check freshness, exact price, availability, and direct booking URL.

Portable Attestations

Portable attestations use W3C Verifiable Credentials Data Model 2.0 and VC JOSE/COSE compact JWS to carry privacy-minimized trust history without making HemmaBo, or any other operator, the authority over truth.

Interop, Not Replacement

VRP is the host-domain offer verification layer. It can compose with UCP for checkout and order lifecycle, including lodging flows as the UCP lodging profile matures, AP2 for payment mandates, MCP for future tool exposure, and A2A for future agent-to-agent bindings. VRP v0.1 defines documents and verification rules, not runtime tools.

Self-issued host-domain attestations cover facts controlled by the host domain. Guest identity, right-to-let, local license status, insurance, and legal compliance require independent evidence and are future optional credential profiles, not HemmaBo certification.

Read the interop and trust positioning note .

For implementers

Implement VRP in 5 minutes — become node #2

One signing node is a file format; a second, independent node is a standard. There is no registry, no API key, and no gatekeeper — generate an Ed25519 key, sign a verified stay offer in your browser, and publish two static files from your own domain.

Sign your first offer →

Reference Implementation (live)

Reference implementation proof page · Proof node: villaakerlyckan.se · Runtime: HemmaBo

Host discovery villaakerlyckan.se/.well-known/vacation-rental.json Signed verified stay offer /api/verified-stay-offer First-mover evidence memo /docs/first-mover-evidence-memo.md

Repository

The public draft source is maintained at HemmaBo-se/vrp-spec. HemmaBo is a reference implementation and standards contributor, not a central issuer, registry, scorer, OTA, marketplace, booking intermediary, or trust authority.

Conformance & Transparency

The draft ships signed, runnable conformance vectors so anyone can test a verifier independently — positive and negative cases for the receipt envelope: offer + transport verified, partial / unverifiable payment, tampered signature, expired window, unsupported version, and malformed input.

Receipt conformance vectors (positive & negative)
Signed verified-stay-offer · JWKS
JSON Schemas (offer, attestations, discovery, JWKS, stay intent)

Offers are signed with Ed25519 (compact JWS) and verified against the host domain’s JWKS; did:web carries the portable-attestation layer. A tamper-evident, append-only transparency log (RFC 6962 Merkle) records the federation’s signed tree heads — live and independently verifiable at www.hemmabo.com/api/vrp-tlog (per-booking inclusion proofs are still being wired).

Specification text is CC0-1.0 (public domain); the reference code is Apache-2.0 with a royalty-free patent non-assertion.