# Overview This sequence diagram shows:
* **Registration Phase**: Bot operator publishes signature-agent card to OpenBotRegistry * **Request Phase**: Bot signs HTTP request with private key; origin server queries OpenBotRegistry directly for the signature-agent card to get public key * **Verification**: Origin server validates signature using public key from agent card, then policy engine evaluates intent and scopes