Agent Identity

Agent identity is Layer 0 of the Kanoniv trust stack. Every other capability - delegation, resolution, audit - depends on agents having a cryptographic identity that is verifiable, portable, and independent of any platform.

The problem with API keys

Most agent infrastructure authenticates agents with API keys:

Authorization: Bearer sk-proj-abc123...

This tells you which account is paying. It tells you nothing about which agent is acting. When three agents share the same API key, you cannot distinguish who performed a merge, who searched for an entity, or who delegated authority to whom. The key is a billing credential, not an identity.

API keys also create hard dependencies. An agent's identity is bound to a specific platform. Move to a different provider and the identity disappears. Revoke the key and every audit trail referencing it becomes an orphan.

Cryptographic identity

Kanoniv agents use Ed25519 keypairs. Each agent generates a 32-byte secret key and derives a public identity from it. The identity is a Decentralized Identifier (DID) that encodes a fingerprint of the public key:

did:agent:a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6

This DID is:

  • Self-issued - the agent generates it locally, no registration required
  • Deterministic - same keypair always produces the same DID
  • Verifiable - anyone with the public key can confirm the DID matches
  • Portable - works across platforms, protocols, and providers

The agent signs every action with its secret key. Any system can verify the signature using just the public key - no callbacks, no token introspection, no network requests.
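An added example of the flow described above, written for this page in Go with only the standard library; it is not the Kanoniv library's code. The DID derivation (first 16 bytes of SHA-256 over the public key, hex-encoded) and the canonical payload form (sorted keys, no whitespace) are assumptions, since this page does not pin them down.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
)

// Agent holds an Ed25519 keypair; the secret key never leaves the agent.
type Agent struct {
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

// SignedMessage carries the signer's DID, the canonical payload bytes and the signature.
type SignedMessage struct {
	DID       string
	Payload   []byte
	Signature []byte
}

// NewAgent generates a fresh keypair locally; no registration with any service.
func NewAgent() (*Agent, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Agent{Pub: pub, priv: priv}, nil
}

// DID derives the self-issued, deterministic identifier from the public key.
// Assumption: fingerprint = first 16 bytes of SHA-256(public key), hex-encoded.
func DID(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return "did:agent:" + hex.EncodeToString(sum[:16])
}

// Sign canonicalises the payload (assumption: sorted keys, no whitespace, which
// encoding/json emits for a map) and signs exactly those bytes.
func (a *Agent) Sign(payload map[string]any) (*SignedMessage, error) {
	data, err := json.Marshal(payload)
	if err != nil {
		return nil, err
	}
	return &SignedMessage{DID: DID(a.Pub), Payload: data, Signature: ed25519.Sign(a.priv, data)}, nil
}

// Verify needs only the public key: it checks that the key matches the DID the
// message claims, then that the signature covers the payload bytes unchanged.
func Verify(msg *SignedMessage, pub ed25519.PublicKey) bool {
	return DID(pub) == msg.DID && ed25519.Verify(pub, msg.Payload, msg.Signature)
}
```

The DID check in Verify is what stops a valid signature from some other key being accepted as this agent's; a tampered payload or a swapped key both fail without any network round trip.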

The four layers

Agent identity is the foundation of a four-layer trust architecture:

Layer  Name        Purpose
0      Identity    Keypairs, DIDs, signed messages
1      Delegation  Attenuated authority chains with caveats
2      Resolution  Who is this entity? Match, merge, link
3      Audit       Provenance entries, tamper-proof history

Each layer depends on the one below it. Delegation requires identity (you cannot grant authority without knowing who you are granting it to). Resolution produces identity links that agents sign. Audit records are signed provenance entries that reference agent DIDs.

Quick start

Install the library for your language:

Rust:
cargo add kanoniv-agent-auth

TypeScript:
npm install @kanoniv/agent-auth

Python:
pip install kanoniv-agent-auth

Generate an identity and sign a message:

Rust (serde_json must also be a dependency of your crate for the json! macro):
use kanoniv_agent_auth::{AgentKeyPair, SignedMessage};

fn main() {
    // Generate the Ed25519 keypair locally; the DID is derived from its public key
    let keypair = AgentKeyPair::generate();
    let identity = keypair.identity();
    println!("Agent DID: {}", identity.did);
    // did:agent:a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6

    let payload = serde_json::json!({"action": "merge", "entity_id": "abc123"});
    let signed = SignedMessage::sign(&keypair, payload).unwrap();

    // Anyone with the public identity can verify
    signed.verify(&identity).unwrap();
}

TypeScript:
import { generateKeyPair, signMessage, verifyMessage } from "@kanoniv/agent-auth";

const keypair = generateKeyPair();
console.log("Agent DID:", keypair.identity.did);
// did:agent:a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6

const signed = signMessage(keypair, { action: "merge", entity_id: "abc123" });

// Anyone with the public identity can verify
verifyMessage(signed, keypair.identity);

Python:
from kanoniv_agent_auth import AgentKeyPair

keypair = AgentKeyPair.generate()
identity = keypair.identity()
print(f"Agent DID: {identity.did}")
# did:agent:a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6

signed = keypair.sign('{"action": "merge", "entity_id": "abc123"}')

# Anyone with the public identity can verify
signed.verify(identity)

What's in this section

  • The did:agent: Method - DID format, DID Documents, service endpoints, multibase encoding
  • Keypairs - Ed25519 generation, persistence, and reconstruction in all three languages
  • Signing - Canonical JSON signing, SignedMessage structure, content hashing
  • Cross-Language Interop - Byte-identical outputs, shared test fixtures, hex encoding

The identity and delegation layer for AI agents.