A **clearing agent** (could be community-run, multiple competing agents allowed) does: 1. Fetch new tx files from federated sources (RSS-style, “heads.json”, or crawling). 2. Validate them under a published ruleset (policy version). 3. Build a **batch**: * list of included tx hashes * Merkle tree root * summary deltas per account (optional) * any exclusions with reasons 4. Get the batch **co-signed** by required signers (governance).
Then publish: * `batches/{batchId}.json` * `batches/{batchId}.sig` (or embedded signatures)
Now you have *off-chain finality* (final within that community) even before you anchor on-chain.
# “Low trust” handling If two clearing agents disagree, you can: * accept multiple batch candidates * let governance choose one (signing threshold) * or anchor both and let later arbitration resolve This becomes an explicit, inspectable political process, which fits your lore perfectly.