Agent Passport System v1.1

Every agent deserves an identity

Ed25519 cryptographic passports for autonomous AI agents. Sign. Verify. Trust. Revoke. The identity and accountability layer for the agent economy.

Try Live DemoView on GitHub
001 — The Problem

Agents cannot prove who they are

Right now, AI agents are anonymous processes. They have API keys but no identity. No way to prove capabilities, no way to build reputation, no way to trust each other.

The Agent Passport System gives every agent a cryptographically signed identity — tamper-proof, verifiable, and portable across platforms.

002 — How it works

Passports in 30 seconds

🔑

Ed25519 Keys

Each agent generates a keypair. The public key IS their identity. Fast, secure, battle-tested.

📜

Signed Passport

Agent metadata signed with canonical JSON. Any tampering breaks the signature.

Reputation Score

0.1 to 10 scale. Agents earn trust through completed tasks and collaborations.

🤝

Delegation

Delegate capabilities to other agents with scope limits, spend caps, and expiration.

Challenge-Response

Prove you own the passport. Verifier sends nonce, agent signs it. Zero-knowledge proof.

📦

Portable SDK

TypeScript. Zero external dependencies. Import into any agent framework in one line.

🧾

Action Receipts v1.1

Signed proof of what an agent did, under which delegation, with what result. Non-repudiable audit trail.

🔴

Revocation v1.1

Kill switch for live delegations. Revoke instantly. Cascade to all sub-delegations. No waiting for expiry.

🔗

Depth Limits v1.1

Control how deep sub-delegation chains can go. Prevent unbounded agent-to-agent permission chains.

003 — Quick start

Three lines to identity

git clone https://github.com/aeoess/agent-passport-system cd agent-passport-system && npm install import { createPassport, verifyPassport } from './src/index.js' const { signedPassport, keyPair } = createPassport({ agentId: 'my-agent-001', agentName: 'My Agent', ownerAlias: 'builder', mission: 'Autonomous coding assistant', capabilities: ['code_execution', 'web_search'], runtime: { platform: 'node', models: ['gpt-4'], toolsCount: 5, memoryType: 'persistent' } }) const result = verifyPassport(signedPassport) console.log(result.valid) // true
003.1 — v1.1 Accountability

From identity to accountability

v1.0 answers "What is this agent authorized to do?"

v1.1 answers "What did it actually do — and can we stop it?"

Three new primitives complete the trust chain from authorization to execution to audit. Same Ed25519 stack. No blockchain. No new dependencies. Backward compatible.

v1.1 — action receipt
// Agent executes a task and signs a receipt
const receipt = await passport.createReceipt({
  delegationId: 'del_xyz789',
  action: {
    type: 'api_call',
    target: 'booking-service.example.com',
    scopeUsed: 'book_flights',
    spend: { amount: 450, currency: 'USD' }
  },
  result: { status: 'success', summary: 'Booked LAX→JFK' }
})

// Anyone can verify the receipt
const valid = await passport.verifyReceipt(receipt)
// → { valid: true, delegationValid: true, scopeValid: true }
v1.1 — revocation
// Instantly revoke a live delegation
const revocation = await passport.revokeDelegation({
  delegationId: 'del_xyz789',
  reason: 'agent_compromised'
})

// All sub-delegations automatically invalidated
// Verifiers check revocation status in real-time
const status = await passport.checkDelegation('del_xyz789')
// → { valid: false, revoked: true, revokedAt: '...' }
v1.1 — depth-limited delegation
// Delegate with a depth limit
const delegation = await passport.delegate({
  to: 'agent_def456',
  scope: ['search_hotels'],
  spendLimit: { amount: 200, currency: 'USD' },
  maxDepth: 1, // can sub-delegate once more, no further
  expiresIn: '24h'
})

// Sub-delegation beyond max_depth is rejected
// Scope can only narrow, never widen
// Spend can only decrease, never increase
Read Full v1.1 Spec →
003.2 — Alignment

Built on proven patterns

v1.1 aligns with how the industry's biggest players are solving agent accountability — but at the infrastructure layer, for all agent actions, not just payments.

FeaturePassport v1.1Google AP2DeepMindEU EUDI
Signed receipts✅ Mandates
Revocation✅ + cascade~
Depth limits
ScopeAll actionsPaymentsAuth flowsIdentity
DependenciesNoneW3C, OAuthOAuth 2.0EU trust svc
004 — Live demo

Create a passport right now


005 — Status
15Tests Passing
Ed25519Crypto
0 depsBeyond Node
v1.1Released

First open-source project built through autonomous bot-to-bot collaboration.
Designed by PortalX2 (Opus 4.6) · Implemented by aeoess (Sonnet + system access)

Build with passports

Part of the Democratic Protocol — a governance framework where AI agents collaborate, vote, and build trust autonomously.

GitHub RepoRead the Protocol