Layer 0: Identity
Every agent gets a did:agent: decentralized identifier derived from an Ed25519 keypair. No registry, no server, no DNS. The DID exists the moment the key is generated.
Cryptographic agent identity. Attenuated authority. Entity resolution. One library across Rust, TypeScript, and Python - with byte-identical outputs.
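```bash
cargo add kanoniv-agent-auth
npm install @kanoniv/agent-auth
pip install kanoniv-agent-auth
```

```typescript
import { McpProof, verifyMcpCall } from "@kanoniv/agent-auth";

// rootIdentity is the root identity this server trusts; it is defined elsewhere.
function handleToolCall(args: Record<string, unknown>) {
  // Separate the delegation proof from the tool's own arguments.
  const { proof, cleanArgs } = McpProof.extract(args);
  if (proof) {
    // Verify the delegation chain carried in the proof back to the root.
    const result = verifyMcpCall(proof, rootIdentity);
    console.log(`Agent ${result.invoker_did} verified (depth: ${result.depth})`);
  }
  // Calls that carry no proof reach this point without any verification.
  // use cleanArgs for your tool logic
}
```

No external service. No API key management. The proof is self-contained - the server verifies the entire delegation chain using only the cryptographic material in the request.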
Authority flows from a root (human or system) to agents, narrowing at each step:
```
Root (Human)
  |-- delegates to Manager: [resolve, search, merge]
        |-- delegates to Worker: [resolve] (narrower)
              |-- calls MCP tool with proof
                    |-- server verifies entire chain back to root
```

Caveats accumulate. Each delegation can restrict actions, set expiry times, cap costs, or scope to specific resources. You can only give away a subset of what you have.
| Caveat | What it restricts |
|---|---|
| `action_scope` | Allowed actions (e.g. `["resolve", "search"]`) |
| `expires_at` | RFC 3339 expiry timestamp |
| `max_cost` | Cost ceiling for the operation |
| `resource` | Resource glob pattern (e.g. `"entity:customer:*"`) |
| `context` | Key/value context match (e.g. `session_id`) |
| `custom` | Arbitrary key/value constraint |
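
The narrowing rule above, as an added sketch that is not kanoniv-agent-auth code: it walks a Root -> Manager -> Worker chain and checks a call against the accumulated `action_scope`, `expires_at` and `max_cost` caveats. The types, `checkChain`, and the placeholder DIDs are hypothetical; signature verification is left out, and rejecting a widened `action_scope` while keeping the tightest expiry and cost ceiling is an assumption about how accumulation could be enforced.

```typescript
// Added sketch: hypothetical types and names, not the kanoniv-agent-auth API.
// Per-link signature verification is deliberately omitted.
type Caveats = { action_scope?: string[]; expires_at?: string; max_cost?: number };
type Link = { issuer: string; audience: string; caveats: Caveats };
type Call = { invoker: string; action: string; cost: number; now: string };

// Walks the chain from the root and returns "ok" or the rejection reason.
function checkChain(root: string, chain: Link[], call: Call): string {
  let holder = root;
  let scope: string[] | undefined = undefined; // undefined = root, unrestricted
  let expiry = Infinity;
  let maxCost = Infinity;
  for (let i = 0; i < chain.length; i++) {
    const link = chain[i];
    if (link.issuer !== holder) return `link ${i}: issuer is not the current holder`;
    const next = link.caveats.action_scope;
    if (next !== undefined) {
      const held = scope;
      // Assumption: a delegate naming an action its issuer lacks is rejected.
      if (held !== undefined && !next.every((a) => held.indexOf(a) !== -1)) {
        return `link ${i}: action_scope widens authority`;
      }
      scope = next;
    }
    // Caveats accumulate: the tightest expiry and cost ceiling seen so far win.
    if (link.caveats.expires_at !== undefined) {
      expiry = Math.min(expiry, Date.parse(link.caveats.expires_at));
    }
    if (link.caveats.max_cost !== undefined) {
      maxCost = Math.min(maxCost, link.caveats.max_cost);
    }
    holder = link.audience;
  }
  if (call.invoker !== holder) return "invoker is not the final delegate";
  if (scope !== undefined && scope.indexOf(call.action) === -1) return `action ${call.action} not in scope`;
  if (!(Date.parse(call.now) < expiry)) return "delegation expired"; // NaN (bad timestamp) fails closed
  if (call.cost > maxCost) return "cost exceeds max_cost";
  return "ok";
}

// Constructed sample data mirroring the Root -> Manager -> Worker chain above.
const ROOT = "did:agent:root-example";
const MANAGER = "did:agent:manager-example";
const WORKER = "did:agent:worker-example";
const SAMPLE_CHAIN: Link[] = [
  { issuer: ROOT, audience: MANAGER,
    caveats: { action_scope: ["resolve", "search", "merge"], expires_at: "2030-01-01T00:00:00Z" } },
  { issuer: MANAGER, audience: WORKER, caveats: { action_scope: ["resolve"], max_cost: 5 } },
];
```

The Worker inherits the Manager's 2030 expiry even though its own link sets none, and a Worker link that lists an action the Manager never held fails before the call itself is examined.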
Adding auth to an MCP server? Start with MCP Server Auth - 5 lines, 5 minutes.
Building agents that delegate to each other? See Agent Identity then Delegation.
Need identity resolution for multi-agent systems? Go to the API Quickstart - resolve your first entity in 60 seconds.
Agent identity and delegation are MIT-licensed and open source at github.com/kanoniv/agent-auth. The entity resolution engine is a managed service at kanoniv.com.