Agent Identity
Agent identity is Layer 0 of the Kanoniv trust stack. Every other capability - delegation, resolution, audit - depends on agents having a cryptographic identity that is verifiable, portable, and independent of any platform.
The problem with API keys
Most agent infrastructure authenticates agents with API keys:
```http
Authorization: Bearer sk-proj-abc123...
```
This tells you which account is paying. It tells you nothing about which agent is acting. When three agents share the same API key, you cannot distinguish who performed a merge, who searched for an entity, or who delegated authority to whom. The key is a billing credential, not an identity.
API keys also create hard dependencies. An agent's identity is bound to a specific platform. Move to a different provider and the identity disappears. Revoke the key and every audit trail referencing it becomes an orphan.
Cryptographic identity
Kanoniv agents use Ed25519 keypairs. Each agent generates a 32-byte secret key and derives a public identity from it. The identity is a Decentralized Identifier (DID) that encodes a fingerprint of the public key:
```text
did:agent:a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6
```
This DID is:
- Self-issued - the agent generates it locally, no registration required
- Deterministic - same keypair always produces the same DID
- Verifiable - anyone with the public key can confirm the DID matches
- Portable - works across platforms, protocols, and providers
The agent signs every action with its secret key. Any system can verify the signature using just the public key - no callbacks, no token introspection, no network requests.
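As an added illustration of this model, and not the Kanoniv library's own code, the following Go program uses only the standard library (crypto/ed25519) to generate a self-issued identity, derive a DID from the public key, sign a canonically serialised action, and verify it with nothing but the public key. The fingerprint function (first 16 bytes of SHA-256 over the raw public key, hex encoded) is an assumption made for the example; the real did:agent: method defines its own fingerprint and multibase encoding.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
)

// Fingerprint ASSUMED for this example only: first 16 bytes of SHA-256 over the
// raw public key, hex encoded. The real did:agent: method defines its own.
func didFromPublicKey(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return "did:agent:" + hex.EncodeToString(sum[:16])
}

// Agent is a self-issued identity: generated locally, no registration step.
type Agent struct {
	DID  string
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey // never leaves the agent
}

func NewAgent() (*Agent, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Agent{DID: didFromPublicKey(pub), Pub: pub, priv: priv}, nil
}
type SignedMessage struct {
	DID     string // who claims to have acted
	Payload []byte // canonical bytes that were signed
	Sig     []byte
}

// Sign serialises the payload canonically (json.Marshal sorts map keys) and signs those bytes.
func (a *Agent) Sign(payload map[string]any) (SignedMessage, error) {
	body, err := json.Marshal(payload)
	if err != nil {
		return SignedMessage{}, err
	}
	return SignedMessage{DID: a.DID, Payload: body, Sig: ed25519.Sign(a.priv, body)}, nil
}

// Verify needs only a public key (no callback, no network): it must fingerprint to the claimed DID and the signature must cover exactly these bytes.
func Verify(msg SignedMessage, pub ed25519.PublicKey) bool {
	return didFromPublicKey(pub) == msg.DID && ed25519.Verify(pub, msg.Payload, msg.Sig)
}
```

Verify returns false both for a payload altered after signing and for a key that does not belong to the claimed DID, which is exactly the distinction a shared API key cannot make.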
The four layers
Agent identity is the foundation of a four-layer trust architecture:
| Layer | Name | Purpose |
|---|---|---|
| 0 | Identity | Keypairs, DIDs, signed messages |
| 1 | Delegation | Attenuated authority chains with caveats |
| 2 | Resolution | Who is this entity? Match, merge, link |
| 3 | Audit | Provenance entries, tamper-proof history |
Each layer depends on the one below it. Delegation requires identity (you cannot grant authority without knowing who you are granting it to). Resolution produces identity links that agents sign. Audit records are signed provenance entries that reference agent DIDs.
Quick start
Install the library for your language:
```shell
cargo add kanoniv-agent-auth
npm install @kanoniv/agent-auth
pip install kanoniv-agent-auth
```
Generate an identity and sign a message:
```rust
use kanoniv_agent_auth::{AgentKeyPair, SignedMessage};

fn main() {
    // Generate a fresh Ed25519 keypair; the DID is derived locally from the public key
    let keypair = AgentKeyPair::generate();
    let identity = keypair.identity();
    println!("Agent DID: {}", identity.did);
    // did:agent:a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6

    // Sign an action payload with the secret key (serde_json is a dependency here)
    let payload = serde_json::json!({"action": "merge", "entity_id": "abc123"});
    let signed = SignedMessage::sign(&keypair, payload).unwrap();

    // Anyone with the public identity can verify
    signed.verify(&identity).unwrap();
}
```

```typescript
import { generateKeyPair, signMessage, verifyMessage } from "@kanoniv/agent-auth";

// Generate a fresh Ed25519 keypair; the DID is derived locally from the public key
const keypair = generateKeyPair();
console.log("Agent DID:", keypair.identity.did);
// did:agent:a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6

// Sign an action payload with the secret key
const signed = signMessage(keypair, { action: "merge", entity_id: "abc123" });

// Anyone with the public identity can verify
verifyMessage(signed, keypair.identity);
```

```python
from kanoniv_agent_auth import AgentKeyPair

# Generate a fresh Ed25519 keypair; the DID is derived locally from the public key
keypair = AgentKeyPair.generate()
identity = keypair.identity()
print(f"Agent DID: {identity.did}")
# did:agent:a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6

# Sign an action payload with the secret key
signed = keypair.sign('{"action": "merge", "entity_id": "abc123"}')

# Anyone with the public identity can verify
signed.verify(identity)
```
What's in this section
- The did:agent: Method - DID format, DID Documents, service endpoints, multibase encoding
- Keypairs - Ed25519 generation, persistence, and reconstruction in all 3 languages
- Signing - Canonical JSON signing, SignedMessage structure, content hashing
- Cross-Language Interop - Byte-identical outputs, shared test fixtures, hex encoding
