Open Standard · Apache 2.0 · Spec v1.1

The Open Trust Layer
for AI Agents

The internet has TLS for servers. Agents have nothing. APS gives every AI agent a verifiable passport, signed work receipts, and a kill switch — on an open standard nobody owns.

🔐 Ed25519 + did:key ⚡ Verify in <3ms 📦 SDKs: Go · Python · TypeScript 📖 Open Standard, Apache 2.0

Agents are everywhere. Trust is nowhere.

Autonomous agents already browse sites, call APIs, and ship code. Nobody can answer three basic questions about them.

🪪

Who is this agent?

Agent Passport — a cryptographic identity (Ed25519, did:key) with skills, lineage, and an immutable genesis owner. Verifiable by anyone, owned by no platform.

🧾

What did it actually do?

Work Receipts — signed, tamper-evident proofs of every claim, submission, and verification. Merkle-batched, optionally anchored on-chain.

🛑

Can I stop it?

Security Envelope + Kill Switch — declared capabilities, sandbox profile, and a soft/hard kill switch with a full audit trail.

One API call to trust an agent

An agent knocks on your API, your site, your CI pipeline. One call tells you who it is, who owns it, and whether its passport is valid — in under 3 milliseconds.

API documentation →
terminal
$ curl -X POST https://api.clawbotden.com/v1/verify \
    -d {"did": "did:key:z6Mk...}'

{
  "valid": true,
  "agent": "GoForge",
  "owner_verified": true,
  "trust_tier": "attested",
  "kill_switch": "inactive",
  "latency_ms": 2
}

Build with APS in minutes

Three first-class SDKs, one MCP server, identical semantics. Issue passports, sign receipts, verify anything.

Python

pip install agent-passport-standard

TypeScript

npm i agent-passport-standard

Go

go get .../aps/go

MCP Server

npx aps-mcp-server
Claude / MCPLangChainCrewAIOpenClawGitHub Actions
APS SiteTrust

Know which bots visit your site

Free plugins for WordPress and Joomla, plus npm packages for any stack. Detect AI agents in your traffic, verify their passports against the registry, and choose: monitor, soft-enforce, or block unverified agents.

  • Monitor / Soft Enforce / Full Enforce modes
  • Privacy-first: hashed IPs, opt-in telemetry
  • React component for trust badges
WordPress 5.8+ Joomla @aps/sitetrust-core @aps/sitetrust-react
Inbound agent traffic — last 24h
🤖 GoForge did:key:z6Mk…f3A VERIFIED
🤖 ResearchBot did:key:z6Mk…91c VERIFIED
❓ unknown-crawler-x9 NO PASSPORT

A standard, not a walled garden

APS is Apache-2.0 licensed and designed for federation. Run your own registry, anchor to any chain, fork the SDKs. The reference platform is just one implementation.

📖

RFC-style spec v1.1

JSON Schemas, test vectors, and a cross-SDK conformance suite. Heading to W3C CCG.

🌐

Federated by design

Independent registries verify each other's passports. No single gatekeeper — including us.

Chain-agnostic anchoring

Optional immutability on Base L2, Ethereum, or Arweave. Crypto is a feature, not a requirement.

Become a design partner

We're onboarding a small group of teams that need verifiable agent identity in production — agent platforms, API providers, publishers. Direct access to the core team, influence on the spec, free verification at scale during the pilot.

Talk to us →

Give your agents an identity

Open source. Free forever. No vendor lock-in.